Author Topic: Stolen earnings - check your password!  (Read 2236 times)

« on: October 01, 2019, 04:31 »
+4
Yesterday I received a message from Bigstock that my email address has been updated and a moment later that 'Your Bigstock commission request has been received'.
I responded immediately and undid the changes.
But the balance of my earnings, in fact my annual turnover since January 2019, had already disappeared.
Of course I hope that this can still be reversed and that the actual payment to the thief has not yet taken place.
I send this message as a warning for everyone not to use a password that is also used elsewhere.
Perhaps it is a reason to check your passwords yourself?


« Reply #1 on: October 01, 2019, 11:48 »
+1
Looks like SS got hacked as well. I received an email notifying me of change of payment. Went from PP to Skrill and a .ru email address. Change your passwords.

« Reply #2 on: October 01, 2019, 12:34 »
0
> Change your passwords.

Done for SS. Thanks for the heads up.

« Reply #3 on: October 01, 2019, 15:37 »
0
Sorry that it happened to you but thanks for the heads up! I have now updated all of my passwords.

« Reply #4 on: October 01, 2019, 19:48 »
+3
> Looks like SS got hacked as well. I received an email notifying me of change of payment. Went from PP to Skrill and a .ru email address. Change your passwords.

Nice of SS to inform us.

« Reply #5 on: October 02, 2019, 00:09 »
0
>> Looks like SS got hacked as well. I received an email notifying me of change of payment. Went from PP to Skrill and a .ru email address. Change your passwords.

> Nice of SS to inform us.

It doesn't seem like a mass hacking of SS/BS, surely there would be screams of rage all over the place if it was. Could the passwords have been picked up in some other way? My accounts have not been changed.

« Reply #6 on: October 03, 2019, 06:13 »
0
People have been reporting this issue on SS for well over a year now.  A few every month on forums.
Usual MO there is email address changed, they get a deluge of spam, presumably to hide the genuine mail, always on the last day of the month.

SS to my knowledge have never discussed it in public but it's been going on a while.

Uncle Pete

  • Great Place by a Great Lake - My Home Port
« Reply #7 on: October 03, 2019, 10:30 »
+3
>>> Looks like SS got hacked as well. I received an email notifying me of change of payment. Went from PP to Skrill and a .ru email address. Change your passwords.

>> Nice of SS to inform us.

> It doesn't seem like a mass hacking of SS/BS, surely there would be screams of rage all over the place if it was. Could the passwords have been picked up in some other way? My accounts have not been changed.

And the response has been "we were not hacked" but of course any rumor or accusation gets more play than the truth. Three people report stolen accounts on a forum, and it's an epidemic. Hey wait, how many people here have had their PayPal changed on a stock agency?

I like to ask people who "got hacked" do they share the computer? Do they use the same password on 50 sites? Besides how would SS being hacked give someone a BS password? Hmm, that's odd. Would SS being hacked give your password for Adobe or iStock?

> People have been reporting this issue on SS for well over a year now. A few every month on forums.
> Usual MO there is email address changed, they get a deluge of spam, presumably to hide the genuine mail, always on the last day of the month.
>
> SS to my knowledge have never discussed it in public but it's been going on a while.

SS has answered over and over, that they were not hacked, meanwhile you claim they haven't? To your knowledge? Did you look?

You are right with the deluge to cover if someone is trying to change and steal. Also don't forget the fake warnings, package deliveries and others that people open and they just invited the thieves to all their data, trojans and data collections. But OK, it's SS to blame.  ::)

Last you might want to check this list and the OP also:
500px

February 15, 2019: The accounts of 14.8 million users of 500px have been hacked, revealing full names, usernames, email addresses, birth dates, locations, and gender. The photo sharing website has notified its users and is forcing a password reset.

Facebook

April 2, 2019: Two third-party applications which hold Facebook datasets were left exposed to the public online. Over 540 million records, including account names, Facebook ID, and user activity were exposed through Cultura Colectiva. The second application, At the Pool, disclosed passwords along with information regarding photos, events, groups, check-ins and more.

Instagram

May 20, 2019: More than 49 million Instagram influencers, celebrities, and brands have had their private contact information exposed after an India-based social media marketing company left the data unprotected on an Amazon Web Services database. TechCrunch reported that the bio, profile photo, location, verification status, email address and phone number of high-profile accounts were exposed.

https://www.identityforce.com/blog/2019-data-breaches

Claim: "On the last day of the month at 1:30 am someone broke into my account and changed the minimum payment and changed the PayPal email address. I received a warning from Shutterstock and responded immediately before the money was transferred out and told them it wasn't me and stop the transaction. I thought I was in the clear but 3 hours later all the money was transferred out. I'm trying to get payout reversed but reaching anyone is hard as there is no chat or phone calls. Has this happened to anyone else?" Posted, 1 forum post, never returned.

But all the money wasn't actually transferred out as it takes days to pay. Right? First of the month is a good time for every one of us to check our accounts as the thieves will try to have it changed so we don't notice as it does go to $0.00 every month.

By the way: "Keeping in mind that no Shutterstock systems have been attacked/hacked/intruded on/violated/accessed/etc, there are two things to keep in mind as far as our timelines in reply to an issue like this.

1. It is extremely high priority. Probably second only to the site being accessible/people not being able to download your excellent submissions. We treat it similarly to your family member being tricked by one of those phone calls claiming to be the IRS.

2. We have to investigate it completely and properly before we can provide a meaningful reply beyond our team saying something to the effect of "we're sorry you're experiencing this issue and we have forwarded this to the team responsible."

https://forums.submit.shutterstock.com/topic/97719-help-my-account-has-been-hacked/?tab=comments#comment-1773533


« Reply #8 on: October 03, 2019, 15:41 »
+2
Check your password make sure none are the same on any sites that involve money.

« Reply #9 on: October 03, 2019, 17:19 »
0
SS pays to the payment email shown in your account. But if you change the payment email on October 1, this will only affect the November payment. The hacker in this case used this to his advantage and changed the payment email on the 30th and the real owner of the account changed it back on the 1st which is too late.

Folks, don't save your SS credentials in FTP programs. SS foolishly uses the same credentials for FTP as your site login. This is probably the main cause for so many hacks.
« Last Edit: October 04, 2019, 04:31 by Microstock Posts »
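
Added example, not part of the original thread: a sketch of how a service could flag the two patterns reported above (a payout destination changed just before the month-end cutoff, and a payout request moments after an email change) so the payout is held for verification. The event names, fields, thresholds and sample log are assumptions constructed for illustration, not any agency's actual schema.

```python
from calendar import monthrange
from datetime import datetime, timedelta

# Constructed sample audit log: (account, ISO timestamp, event, detail).
SAMPLE_EVENTS = [
    ("alice", "2019-09-30T01:30:00", "payout_email_changed", "new@example.ru"),
    ("alice", "2019-10-01T09:00:00", "payout_email_changed", "alice@example.com"),
    ("bob",   "2019-09-30T14:00:00", "login_email_changed", "x@example.ru"),
    ("bob",   "2019-09-30T14:02:00", "payout_requested", ""),
    ("carol", "2019-09-12T10:00:00", "payout_email_changed", "carol@example.org"),
    ("dave",  "2019-09-10T10:00:00", "login_email_changed", "dave2@example.org"),
    ("dave",  "2019-09-20T10:00:00", "payout_requested", ""),
]

# Hypothetical event names for changes that redirect money or notifications.
SENSITIVE = {"login_email_changed", "payout_email_changed", "payout_method_changed"}


def days_to_month_end(ts):
    """Number of days between ts and the last day of its month."""
    return monthrange(ts.year, ts.month)[1] - ts.day


def find_suspicious(events, cutoff_days=2, burst=timedelta(minutes=30)):
    """Return sorted (account, reason) pairs that deserve a hold-and-verify step."""
    findings = set()
    last_change = {}  # account -> time of its most recent sensitive change
    for account, stamp, event, _detail in sorted(events, key=lambda e: e[1]):
        ts = datetime.fromisoformat(stamp)
        if event in SENSITIVE:
            last_change[account] = ts
            # Rule 1: payout destination edited just before the monthly cutoff,
            # when the owner has the least time to notice and revert it.
            if event.startswith("payout_") and days_to_month_end(ts) <= cutoff_days:
                findings.add((account, "payout change near month end"))
        elif event == "payout_requested":
            # Rule 2: payout requested moments after account details changed.
            changed = last_change.get(account)
            if changed is not None and ts - changed <= burst:
                findings.add((account, "payout request right after change"))
    return sorted(findings)


if __name__ == "__main__":
    for account, reason in find_suspicious(SAMPLE_EVENTS):
        print(f"{account}: {reason}")
```

The owner's own revert on the 1st (alice's second event) is not flagged, while the change on the 30th is, which matches the timing described in the post above.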

« Reply #10 on: October 04, 2019, 05:21 »
0
Semi offtopic, I have read an article that declared that those random generated passwords GFRVhjknhG432b2#e$3 for example are useless because nobody writes them down or remembers and just store in browser and shares through all devices laptop, tablet phone etc. adding vulnerability issues.

Instead, using phrase variations eg george19loves@anna03! as a random example of course, is better sometimes. Easier to write down on a list or remember as variations for a few bunch of everyday used payment including sites. No reason to store in browser after typing them some times, they become a habit :)
« Last Edit: October 04, 2019, 05:23 by George_ »

« Reply #11 on: October 04, 2019, 08:31 »
+1
> Semi offtopic, I have read an article that declared that those random generated passwords GFRVhjknhG432b2#e$3 for example are useless because nobody writes them down or remembers and just store in browser and shares through all devices laptop, tablet phone etc. adding vulnerability issues.
>
> Instead, using phrase variations eg george19loves@anna03! as a random example of course, is better sometimes. Easier to write down on a list or remember as variations for a few bunch of everyday used payment including sites. No reason to store in browser after typing them some times, they become a habit :)

A good long random password is designed to not be remembered. The security boost comes with combining a unique, non-predictable password for every site with a proper password manager.
That way the user only needs to remember 1 long, complicated password. Obviously if that get THAT compromised they have big issues but trying to remember 1 is a lot better than 30 or 40. Or sharing between sites.

It's not impossible that BS and SS share the same backend authentication or storage systems so there could be a common fault there.

But ultimately nobody can nail down what the cause is.

It could be:

(i) the user has been hacked or has a trojan or a brute force possible password
(ii) the user is reusing passwords on sites that are compromised
(iii) Insecure authentication like FTP combined with an untrusted network
(iv) Shutterstock/BS was hacked previously and people are drip-feeding credentials every month to get money
(v) SS is still currently compromised and they're unaware of it leading to fresh thefts every month.

Any of those are possible along with others. All we know is SS and BS seem to get some people every month having the same issue and it's been going on a while.

k_t_g

  • Happy Thanks Giving!
« Reply #12 on: October 04, 2019, 23:44 »
+1
I just don't know why people don't use common sense. 🤨😑🤦‍♀️

I see this all the time across all boards. I get these nonsense fake Amazon Apple and other emails and the like trying to lure me with free money and or pretending to be someone that broke into an account and purchased something.

Never click on a link in your email/s. Just go to your account/s and double check the inbox in there. Also report any suspicious phishing email to your email providers. There are some email providers that will also allow you to see the sender's email by just hovering over the so-called email address. Usually they're imposters.

As for passwords always have nice long and complicated passwords with numbers, letters, capitals and symbols. Can't remember them all? not to worry. Just write them down in a "little black book" and or keep them in a thumb drive.

Don't forget to use all those extra safety features too. They really help as well.

Try not to save any passwords in those browser apps. Cause you never know.
Last but not least pray. 🙏Doesn't hurt.

Oh to those sneaky theft lurkers, I don't have money to spend and other. So bugger off! Seriously! Get a job!

« Reply #13 on: October 05, 2019, 01:15 »
0
The problem with Shutterstock is that you have to use your password to send over insecure FTP. Open invitation for hackers.

« Reply #14 on: October 05, 2019, 04:26 »
+3


Today I received Bigstock's reply to the various e-mails that I sent in the meantime.

Bigstock has blocked the payment to the thief! Of course I am very happy!

Bigstock assumes that my e-mail account has been hacked and strongly recommends that I change my password for the e-mail account and the same for the PayPal account.

After that I can change the Bigstock password again and eventually my initially lost income will be available to me again.

Fortunately, everything seems resolved with this. In any case, thanks for your compassion!

In the Netherlands we know the saying: a warned person counts for two!
« Last Edit: October 05, 2019, 05:32 by Ruud »

« Reply #15 on: October 06, 2019, 13:43 »
+1
FWIW, I had the same thing happen last year with BigStock.

I got an email though, saying that my banking info had changed.  I immediately went in, restored the banking info and changed the password. I then sent an email to BS telling them what had happened.

They thanked me for the info (in a clearly individually written email from tech support), and said that I had done exactly the steps they would have recommended.

I believe all the agencies send out such emails if banking info is changed.  More than anything, this is simply a lesson not to ignore emails from any of the agencies. You never know when one might be critically important, as this one was.

Uncle Pete

  • Great Place by a Great Lake - My Home Port
« Reply #16 on: October 07, 2019, 11:40 »
0
> Check your password make sure none are the same on any sites that involve money.

Also anyone can check here.  https://haveibeenpwned.com/

See what sites you belong to that actually have been hacked?

I still can't understand how BS being hacked was because of SS or SS being hacked caused the BS account to be stolen? Same password?  ::)



« Reply #17 on: October 07, 2019, 13:47 »
0
>> Check your password make sure none are the same on any sites that involve money.

> Also anyone can check here. https://haveibeenpwned.com/
>
> See what sites you belong to that actually have been hacked?
>
> I still can't understand how BS being hacked was because of SS or SS being hacked caused the BS account to be stolen? Same password?  ::)

Reading all of the replies above the only one that makes sense is the FTP thing. I use a password manager (LastPass) that has random passwords on each site that are rather complex like this one 1TTpobed3ZW6evc%01PrcGF2!O@B3hr4!Wd! , and I don't share a computer with anyone or network. Whoever got into my SS account changed it to a Skrill account which I don't have, and to an email address that was not mine. I also do not use a mobile device of any sort online.


« Reply #18 on: October 10, 2019, 03:08 »
0
> The problem with Shutterstock is that you have to use your password to send over insecure FTP. Open invitation for hackers.

As a matter of fact there's such a thing as secure FTP (SFTP). It uses SSH. Try WinSCP, it's free and reliable. Plain FTP was considered garbage 15 years ago.

« Reply #19 on: October 13, 2019, 21:52 »
+3
Happened to me on Bigstock a little while before they changed their payout method to end-of-month. I got an email notifying me my email had been changed when I had not done that. So I signed in to my account (directly, not through the email) and changed my password right away. But it appeared the hacker had full access to my account thru the BS site directly because after I changed my p/word from a totally different physical location (different machine, ip, etc), then changed my mail back to the original, he/she changed it back to their Russian one within a few minutes. I was in contact with BS for a while, and they finally fixed it, locked him out, etc. I've heard of A LOT of BS account compromises, so obviously there's a weakness in their security. Has not happened to me on any other micro in 12 years of being there (yet....)

« Reply #20 on: Yesterday at 08:14 »
0
> Happened to me on Bigstock a little while before they changed their payout method to end-of-month. I got an email notifying me my email had been changed when I had not done that. So I signed in to my account (directly, not through the email) and changed my password right away. But it appeared the hacker had full access to my account thru the BS site directly because after I changed my p/word from a totally different physical location (different machine, ip, etc), then changed my mail back to the original, he/she changed it back to their Russian one within a few minutes. I was in contact with BS for a while, and they finally fixed it, locked him out, etc. I've heard of A LOT of BS account compromises, so obviously there's a weakness in their security. Has not happened to me on any other micro in 12 years of being there (yet....)

I wonder if it happened when they created that bridge between SS and BS. Prior to that, I was a contributor to both with no issues. Shortly after the bridge, I left BS, and haven't had an issue with SS. Ever. I'm not sure of the timing of when the hacking issues began.

Uncle Pete

  • Great Place by a Great Lake - My Home Port
« Reply #21 on: Yesterday at 09:35 »
+1
>> Happened to me on Bigstock a little while before they changed their payout method to end-of-month. I got an email notifying me my email had been changed when I had not done that. So I signed in to my account (directly, not through the email) and changed my password right away. But it appeared the hacker had full access to my account thru the BS site directly because after I changed my p/word from a totally different physical location (different machine, ip, etc), then changed my mail back to the original, he/she changed it back to their Russian one within a few minutes. I was in contact with BS for a while, and they finally fixed it, locked him out, etc. I've heard of A LOT of BS account compromises, so obviously there's a weakness in their security. Has not happened to me on any other micro in 12 years of being there (yet....)

> I wonder if it happened when they created that bridge between SS and BS. Prior to that, I was a contributor to both with no issues. Shortly after the bridge, I left BS, and haven't had an issue with SS. Ever. I'm not sure of the timing of when the hacking issues began.

Sounds like some good guesses. Payout method, bridge, end of month, BS owned by SS. BS is the problem, not SS?

Oh well, maybe that's good news for me, I left BS a couple years ago. I have new passwords pretty much "everywhere" since Spring, and plan on changing them again just in case. As someone said, anything that involves money or payments, change your password and never use the same one on any two microstock sites.

But I suppose if someone used the same PW on SS and BS, that would be high risk. I've suspected that for years, these attacks seem pretty random and limited individuals, instead of across the whole group. There are people who make much more, who don't seem to have the problems, and they would be the most lucrative targets.

Someone inside an agency, that has access, and a member who used the same passwords, would mean, hypothetically, if you use the same password on Deposit as SS, and someone at Deposit can read it, you just got owned.



 
