They changed it for me. I got a warning to do a scan first and then they would let me know the new one. That's pretty good service.
ACTIONS THAT YOU MUST TAKE:1. You will need to scan and clean all computers that are used to access the (redacted) email account with up-to-date anti-malware/anti-virus software. Seehttp://en.wikipedia.org/wiki/Malware_scannerMany site owners have reported good results when scanningtheir machines with MalwareBytes, http://www.malwarebytes.org/2. Acknowledge this notice with any information you haveregarding this issue and the results of scans you have completed.Once acknowledgment and the results of your scans are received we can provide you with the opportunity to reset your password and regain access to your CNC.
I am assuming they don't want the same thing to happen tomorrow if they just give me a new password.
There are four possibilities in these situations...1: A machine that either was used to access that email account, or the email account password was stored on, was compromised2: The password used was easy to guess (dictionary type attack)3: The user/password and addresses were sniffed, e.g. on an unsecuredwireless network4: This email address was used as a username at an external service andthe password provided was the same as the email account password andthe external service was compromised... There are some that speculatethat this may become more common...
Personally I use random passwords for every new online account, just to stop the spread of compromised passwords.
Quote from: Nick Gammon on Oct 19, 2013, 03:39 amPersonally I use random passwords for every new online account, just to stop the spread of compromised passwords.So - you use LastPass - as Steve Gibson recommends?
So - you use LastPass - as Steve Gibson recommends?
Huh. Well none of the usual misspellings or bad grammar. I assume all hyperlinks match the corresponding text. Seems harmless so far. Makes me wonder what happened, where the problem was. The occasional computer gets compromised and I can't imagine an ISP would care. Now if the problem were on their end, and many accounts were compromised, that might explain it.Quote from: Nick Gammon on Oct 19, 2013, 01:36 amI am assuming they don't want the same thing to happen tomorrow if they just give me a new password.I wonder what the thing was that happened.
You have initiated a payment for $100.00 AUD to WHATEVER.com. *Payment details*Amount: $100.00 AUDTransaction ID: 5C53687F7327933RBecause the payment was made from an foreign ip address, we put the transaction ID 5C53687F7327933R on hold.To cancel this payment, please follow the link below:SOMEDODGYLINK.com
I'm suspicious. Why should they give you the new password only after you had done a scan?
We are in an annoying zone of having a lot of false positives, and false negatives. ...