pancakes

MicrostockGroup Sponsors


Author Topic: account hacked ???  (Read 13548 times)

0 Members and 1 Guest are viewing this topic.

« on: February 09, 2014, 20:16 »
+1
just opened my email account @ gmail and found out that my BigStock account has been hacked because I have an email from BigStock saying that my email address was changed to ryan@fraud.su

entered BigStock and it looks like the hacker got a plan that now has 98 credits and downloaded 16 pictures already

after logging out I can't log in anymore because they changed the password

cool stuff BigStock ;D



« Reply #1 on: February 09, 2014, 20:19 »
+2
Woah, that's a problem. Keep us posted.

« Reply #2 on: February 09, 2014, 20:21 »
0
Woah, that's a problem. Keep us posted.

Hi Luis Santos,

Your account email address at Bigstock has been changed to ryan@fraud.su.

Please use this new email address when logging into your Bigstock account. If you did not request this change or have any questions, just reply to this email.
   
   

Cheers,
The Bigstock Team
http://www.bigstockphoto.com


just replied, will see how it goes :)

« Reply #3 on: February 09, 2014, 20:25 »
+1
Eek! That's crazy

« Reply #4 on: February 09, 2014, 20:26 »
+1
Pretty gutsy for the thief to use a fraud.su name. Wonder why that didnt send a red flag to bigstock? Hope you get it straightened out.

« Reply #5 on: February 09, 2014, 20:33 »
0
Pretty gutsy for the thief to use a fraud.su name. Wonder why that didnt send a red flag to bigstock? Hope you get it straightened out.

yeah, quite an usual name for hackers looking at google results ;D

« Reply #6 on: February 09, 2014, 21:35 »
0
Hey Luis, I hope you thought about changing all of your passwords!  Sorry that happened to you, and I hope you can let us know that Bigstock is standing by you.

« Reply #7 on: February 10, 2014, 01:35 »
0
Yea, I thought that name was strange... I think some of these hackers do this to get hired somewhere.

My best to you also Luis


My Very Best :)
KimsCreativeHub.com

« Reply #8 on: February 10, 2014, 03:10 »
0
Have you used one of those third party tools / apps which require you to effectively give them your login details ? Or logged in using public or open wifi ?
« Last Edit: February 10, 2014, 04:54 by bunhill »

« Reply #9 on: February 10, 2014, 06:16 »
0
Have you used one of those third party tools / apps which require you to effectively give them your login details ? Or logged in using public or open wifi ?

no, I always login from the same IP, BigStock is now checking this out

« Reply #10 on: February 15, 2014, 20:34 »
+4
6 days now

a few replies but still cannot log in and portfolio not online as well, not great indeed, even if they are being extra safe it is taking too long IMO

« Reply #11 on: February 15, 2014, 21:34 »
+5
6 days now

a few replies but still cannot log in and portfolio not online as well, not great indeed, even if they are being extra safe it is taking too long IMO

it sucks that an agency couldn't [wouldn't] quickly fix your account.  Maybe it's possible that they are trying to use your account to find the person involved and can't say anything. Who knows.  I hope they get it resolved soon, Luis.  Just SUCKS! 

« Reply #12 on: February 15, 2014, 22:49 »
0
It's a federal holiday here in the U.S. on Monday and some offices are closed too.  Not sure about BS but it could delay results further too.  I hope they get it resolved for you soon.

« Reply #13 on: February 19, 2014, 11:09 »
0
important notice

BigStock just sent me an email saying they believe it was a breach due to a website, I highly recommend you guys (contributors) to check if there is any place in the internet with your FTP credentials, I don't know how but there is one site that is displaying my username/email/password for over 20 agencies, really insane, somebody must have given that information, BigStock believes it was a third party service that uploads our images to multiple stock agencies but the most weird is that I never use that type of services, always on my pc and with filezilla

stockphoto-images.com

« Reply #14 on: February 19, 2014, 11:24 »
0
important notice

BigStock just sent me an email saying they believe it was a breach due to a website, I highly recommend you guys (contributors) to check if there is any place in the internet with your FTP credentials, I don't know how but there is one site that is displaying my username/email/password for over 20 agencies, really insane, somebody must have given that information, BigStock believes it was a third party service that uploads our images to multiple stock agencies but the most weird is that I never use that type of services, always on my pc and with filezilla
This is concerning. Just because of this very reason, I never signed up or used any third party uploaders/sales report programs. This is just scary.

Do you know which "site" it was? How do you know that it was for over 20 agencies if you dont mind me asking?

« Reply #15 on: February 19, 2014, 11:26 »
+1
on the famous http://pastebin.com/

this is quite a serious matter, don't know what I can do but this should be investigated properly

« Reply #16 on: February 19, 2014, 12:10 »
+1
other contributor, it never ends, tons of txts loaded with this information


« Reply #17 on: February 19, 2014, 13:11 »
+2
FileZilla warns of large malware campaign

Quote
Spoofed versions of the open source FTP program circulating on third-party websites are designed to steal log-in credentials

« Reply #18 on: February 19, 2014, 13:23 »
0
guess I won't use it again, will stick with agency uploader(s)

« Reply #19 on: February 19, 2014, 13:45 »
+1
guess I won't use it again, will stick with agency uploader(s)

Or FTP software like Fetch (Mac) or FTP Voyager (what I used to use on Windows pre 2008)

« Reply #20 on: February 19, 2014, 13:55 »
0
guess I won't use it again, will stick with agency uploader(s)

Or FTP software like Fetch (Mac) or FTP Voyager (what I used to use on Windows pre 2008)

how can we be sure that those aren't going to be hacked? ;D

fritz

  • I love Tom and Jerry music

« Reply #21 on: February 19, 2014, 13:59 »
0
Looks like windows FTP upload is the safest way!

« Reply #22 on: February 19, 2014, 15:24 »
0
guess I won't use it again, will stick with agency uploader(s)


Or FTP software like Fetch (Mac) or FTP Voyager (what I used to use on Windows pre 2008)


how can we be sure that those aren't going to be hacked? ;D


In the case of Fetch, because the data that would be of interest to hackers isn't stored centrally anywhere (it's on my systems behind a firewall) and the software lives on my Macs having been purchased from a developer who would, I trust, inform users if somehow an update contained malware.
« Last Edit: February 19, 2014, 15:41 by Jo Ann Snover »

« Reply #23 on: February 19, 2014, 15:32 »
+3
I stopped using Filezilla ages ago, when finding that all sensitive data is stored in plain text files on local pc. I always had antivirus, firewall and every imaginable security feature but I still didn't like how Filezilla developers actively refused to introduce some sort of encryption to login data - saying that its user's responsibility. I've been very happy with CuteFTP Pro since then :)

Uncle Pete

« Reply #24 on: February 24, 2014, 21:54 »
+1
I didn't want to say anything because of past debates about Mac and security. But here's in the news:  http://news.yahoo.com/apple-readies-security-fix-mac-ios-flaw-214138710.html

"Cluley said Apple's iOS update fixed "a critical vulnerability that could allow hackers to intercept what should have been secure communications between your iPhone and SSL-protected websites. That means, potentially, online attackers could grab your user ID or passwords as you attempted to log into popular websites."

Do you have a Mac Luis?

As for Filezilla, if you download from a trusted site, like the source, it's fine. If you just search for "downlad filezilla" you could be at risk. I use cnet.com or tucows. But don't blame the software product for something that's got another cause.

Here's one cause: Trojan.Silentbanker is a Trojan horse that records keystrokes, captures screen images, and steals confidential financial information to send to the remote attacker.  Make sure your computer isn't still infected (if it was?)

Just because something steals passwords from one software, don't assume it was THAT software that caused it. Most of the time people get attacked by visiting infected sites or opening a file with the trojan built into something innocent looking.

But no matter what, run a virus software that checks before loading the system files, (in safe mode for you Windows users) or it can just regenerate itself on the next boot.


 

Related Topics

  Subject / Started by Replies Last post
33 Replies
6610 Views
Last post December 09, 2012, 20:39
by gostwyck
10 Replies
5153 Views
Last post December 13, 2015, 12:12
by stockastic
10 Replies
4441 Views
Last post November 18, 2016, 06:55
by Millionstock.com
4 Replies
2507 Views
Last post August 22, 2017, 10:47
by niktol
12 Replies
2259 Views
Last post December 06, 2018, 12:09
by CDPiC

Sponsors

Microstock Poll Results