MicrostockGroup Sponsors


Author Topic: My Shutterstock account hacked  (Read 6536 times)

0 Members and 1 Guest are viewing this topic.

« on: December 04, 2018, 02:40 »
+1
Hi,
yesterday my shutterstock account was hacked. They changed email account and payment infos. I can`t login to the account. I`ve contacted Shutterstock yesterday but i have not heard anything.
Has anyone ever happened?


Chichikov


« Reply #2 on: December 04, 2018, 07:14 »
+1
Thanks for the heads up...checking now.edit: all good, but then I had changed my pw a couple weeks ago when someone reported a hack, but others said it wasn't.
« Last Edit: December 04, 2018, 07:23 by cathyslife »

« Reply #3 on: December 04, 2018, 10:44 »
+1
Yep. Happened to me earlier this year.

I got an automated email from SS saying my payment info had changed -- it now went to some bank in Eastern Europe.  That wasn't me...

I managed to log on (had to jump through a couple hoops because they had changed the password, but I did manage to get in).  I then changed my password to something stronger -- AND UNIQUE TO SS -- and then changed the bank info back to my own bank.

I then sent an email to SS, telling them of the unauthorized change, and my response to it.  I heard back from them a couple days later. Clearly a personal email. The SS support person thanked me for letting them know, and said they would have told me to do exactly what I had already done, and thanked me for taking that action.

I expect my experience was then entered into a database somewhere in SS to let them know the extent of the problem, and perhaps help them come up with ways to stop the incursion.

« Reply #4 on: December 04, 2018, 10:50 »
0
This just proves how effective the wonderful recaptcha is!!

« Reply #5 on: December 04, 2018, 11:29 »
+1
what has recaptcha got to do with people using weak password and probably same password everywhere.

« Reply #6 on: December 04, 2018, 11:58 »
0
what has recaptcha got to do with people using weak password and probably same password everywhere.
and what do you base that statement on? I think it has more to do with being required to use the same password as the sign in for insecure FTP.

« Reply #7 on: December 04, 2018, 12:21 »
+2
captcha is for preventing automated bots to log in, not for anti-hacking. When the system is hacked, thousand users would be affected, not just one or two. Hackers use brute force to try to guess pasword and that how it was probably done. I'vve had few occasions in the last months, warning from google that someone was trying to login to my email acccount.

« Reply #8 on: December 04, 2018, 13:23 »
+2
Hackers use brute force to try to guess pasword and that how it was probably done.

That is how they used to do it. More recently, they hack large databases where they can skim millions of passwords. They then go through various other sites trying the same email/password combinations to see which ones get unlocked.

That is why you have probably gotten a slew of emails saying they saw you on a porn site playing with yourself on your camera, which they controlled.  Actually not at all true, but they took the passwords they gleaned from one of the mass attacks and sent out the emails, knowing that a few would fall for it and pay the ransom.  They only need a very tiny percentage to succeed to reap themselves millions of $ in profit...

And BTW, I don't think I have EVER seen a captcha on SS.  When I log in, I am directly on my dashboard.

« Reply #9 on: December 04, 2018, 15:00 »
0
Don't forget when changing password... 12 characters is the minimum recommended.

https://www.betterbuys.com/estimating-password-cracking-times/assets/images/password_time_and_length.jpg

k_t_g

  • wheeeeeeeeee......
« Reply #10 on: December 04, 2018, 17:42 »
+2
You don't thing they managed to use a "hack program" besides the usual password hack?
Because this is exactly what it smells like to me.

Helpful info:
Here is one way to secure: https://lastpass.com/getlastpass1.php?n=1&mcomb=sa8Igu52I|139371278098|lastpass|e|i8rbbhb5l0|c&cvosrc=ppc.google.lastpass&cvo_campaign={campid}&cvo_crid=139371278098&Matchtype=e&gclid=EAIaIQobChMIzqSJi9Pr1QIV17rACh3cMAZYEAAYASAAEgLmJPD_BwE
And here is a more traditional method; Make a nice long password. Long as you can. Must be different then other passwords you have on other sites you use. make them with numbers, letters in both regular and capitals and also use symbols. The same with questions and answers. Make crazy question and answers but use plenty of spelling mistakes, nonsense words and again use symbols. Bunch some words. Have a little black book for your questions and answers and passwords so you don't forget or save them in a thumb drive.
Use those double notification security functions that come with many sites.
All good info till they make "a better mouse trap" in the future.
Hopefully soon.  ;)

« Reply #11 on: December 05, 2018, 05:09 »
+5
Shutterstocks FTP is the biggest security hole in the entire thing.

Same username and password as the main site and no encryption at all so details sent plain text for all to see.

« Reply #12 on: December 06, 2018, 12:09 »
0
#metoo and Creative Market as well. Check your account. creative Market hasnt auto payout but i seen in time and reported.
Creative Market Hack Account PayPal: [email protected]


 

Related Topics

  Subject / Started by Replies Last post
33 Replies
34403 Views
Last post December 09, 2012, 20:39
by gostwyck
53 Replies
34435 Views
Last post August 05, 2016, 16:01
by redo
10 Replies
9965 Views
Last post December 13, 2015, 12:12
by stockastic
10 Replies
9999 Views
Last post November 18, 2016, 06:55
by Millionstock.com
4 Replies
5460 Views
Last post August 22, 2017, 10:47
by niktol

Sponsors

Mega Bundle of 5,900+ Professional Lightroom Presets

Microstock Poll Results

Sponsors