Warning: accounts are still being hacked on various coin forums

Just a heads up for everyone to remain vigilant. There were some accounts hacked here on CoinTalk recently. It has also happened on the NGC and PCGS forums (with several more cases the last few days over at PCGS). If someone messages you offering gold under spot or anything else that seems too good to be true, be cautious.

 

Log in or Sign up to hide this ad.

The scary thing about these recent hacks is that whoever is responsible knows at least some basics about coins. They have pictures of real coins and descriptions aren't obviously fake. There was also a case yesterday where the scammer sent "proof" of his identity by showing a Verizon bill with the actual name/address of the person that was hacked. The bill turned out to be a fake that was generated online and just added the address info but it was fairly convincing. So again, stay vigilant and look everything over super carefully.

 

If this is AI the government can probably get warrants to catch the miscreants.

 

I haven't sold a coin since the 90's, so if it's a sale from me, it's FAKE.

The Romans had a much better justice system than we do. They had most delightful ways to deal with miscreants, such as scammers.

 

Even the guy who took control of my account on here seemed to know what he was doing.

 

He blew his cover when he started posting snide responses as you.

I wonder which coin forum was the source of this hack. I don't know what a moderator has access to as far as data but it seems like one way to have done this is just getting one moderator's password. It also seems to imply that one of these sites is storing passwords as plain text instead of encrypting them, but I know very little about hacking.

 

I sure hope not, that's a (if not the) cardinal sin of security.

It could have been a successful phishing attack, or it could have been a very badly-configured site, coin-related or not, getting hacked.

I hope everybody's got the memo now about not reusing passwords...

 

It is easier now, the phones and computers have fingerprint and facial recognition that will recall the unique strong password for you. 15-20 years ago when I created most of my passwords, that didn't exist and it was impossible to remember different passwords for every account, so for non financial accounts, I simply used the same generic password. It never occurred to me that someone would take over my coin accounts with the sole purpose of impersonating me to scam others with fake coin sales.