Just today, I have received two calls (separated by many hours) where the people told me they were returning my call!
I have no idea what that means. Was my phone hacked? My identity stolen? (I have not seen any unusual activity in my bank account or credit card accounts, though, but I have not yet checked on my credit score and credit dossier...)
Or is someone merely spoofing my phone number?
How do I counter that? What are my best options?
This is starting to worry me... (was my phone hacked?)
Moderators: Bookworm, starkruzr, MrFireDragon, PrettyPrincess, Wapsi
- lake_wrangler
- Posts: 4300
- Joined: Sun Aug 05, 2012 8:16 am
- Location: Laval, Québec, Canada
Re: This is starting to worry me... (was my phone hacked?)
It's common for phone scammers to make calls with forged Caller ID numbers... a lot of voice-over-IP services don't validate the calling-number information. Scammers do this to make it look as if the calls are coming from a local source, raising the odds that the called number will answer.lake_wrangler wrote: ↑Thu Aug 06, 2020 9:02 pm Just today, I have received two calls (separated by many hours) where the people told me they were returning my call!
I have no idea what that means. Was my phone hacked? My identity stolen? (I have not seen any unusual activity in my bank account or credit card accounts, though, but I have not yet checked on my credit score and credit dossier...)
Or is someone merely spoofing my phone number?
How do I counter that? What are my best options?
So, it's likely that this incident had nothing to do with your phone, or you personally... some sales-slimer could have picked your phone number completely at random. There nothing you can do, yourself, to prevent this.
Do check your financials, though, just to be sure.
Re: This is starting to worry me... (was my phone hacked?)
FWIW - More than once Caller ID said I was calling myself. Some of the spoofing techniques use the area code and local exchange numbers to make you think it's someone local calling. The point is caller ID is not completely trustworthy, although I do believe it when it comes up "Spam" or "Private Number".
One password trick you may find handy is including some way of recognizing which website is attached to the password you're using. For example, if your password is X123, if you use that for Wapsi Square Forum, try WapX123 instead. More than once I've back tracked mail spam/blackmail messages to the origin site that way, and passed feedback to their Phishing e-mail addy. And what does it say about modern days that the Spell Check on my mail client recognizes "Phishing" without flagging it?
Any way, good luck on staying ahead of it. For myself, I have a multi section binder to keep track of passwords: Bank, Medical, Social, Gaming, Shopping, etc, etc. Makes life (and password changes/updates) much simpler.
One password trick you may find handy is including some way of recognizing which website is attached to the password you're using. For example, if your password is X123, if you use that for Wapsi Square Forum, try WapX123 instead. More than once I've back tracked mail spam/blackmail messages to the origin site that way, and passed feedback to their Phishing e-mail addy. And what does it say about modern days that the Spell Check on my mail client recognizes "Phishing" without flagging it?
Any way, good luck on staying ahead of it. For myself, I have a multi section binder to keep track of passwords: Bank, Medical, Social, Gaming, Shopping, etc, etc. Makes life (and password changes/updates) much simpler.
Don't let other peoples limitations become your constraints!
My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
- lake_wrangler
- Posts: 4300
- Joined: Sun Aug 05, 2012 8:16 am
- Location: Laval, Québec, Canada
Re: This is starting to worry me... (was my phone hacked?)
Out of curiosity, did you answer when you apparently called yourself?Atomic wrote: ↑Mon Aug 10, 2020 9:33 amFWIW - More than once Caller ID said I was calling myself. Some of the spoofing techniques use the area code and local exchange numbers to make you think it's someone local calling. The point is caller ID is not completely trustworthy, although I do believe it when it comes up "Spam" or "Private Number".
I personally use a password manager (LastPass, to be precise), so all my passwords are a jumbled mess that would make it hard for anyone to guess.Atomic wrote: ↑Mon Aug 10, 2020 9:33 amOne password trick you may find handy is including some way of recognizing which website is attached to the password you're using. For example, if your password is X123, if you use that for Wapsi Square Forum, try WapX123 instead. More than once I've back tracked mail spam/blackmail messages to the origin site that way, and passed feedback to their Phishing e-mail addy.
How would you go about back tracking spam or blackmail messages, based on which password you use? I've heard of the possibility of creating aliases in gmail, to figure out which site you've subscribed to is to blame for selling your info to spammers (similar to what you said, but on the email part of the deal: [alias specific to subscribed site].[actual email address]@gmail.com. That way, when you get spammed, just check which email address they sent it to, and it gives you an idea of where the fault lies. But I don't understand how doing so for a password would be effective, in that regard.
I find spellcheckers to be hit-or-miss on a regular basis, actually. Heck, my email client will flag verbs that are just fine, just because I used a contraction between the subject and the verb (particularly in French, like "j'aime" or "j'étais" and so on... even though the rest of the time the French checker is fairly accurate...) So I find that even when using a spellchecker, you still have to have a decent command of the language in which you are typing, so as to recognize false flags...
But isn't that a security risk on another level? If you maintain said binder at home, you don't risk as much, since one should, hopefully, be able to trust family members, but then if you need those passwords from work, you won't have access to them... And generally, if someone ever breaks into your home, they will tend to try to abscond with what seems like the more valuable items in their eyes, so they probably won't be looking through your books, papers, binders, and so on...
On the other hand, if you do keep the binder (or a copy of it) at work, then you put yourself at risk, as you can never tell who will be passing through the office, or whether an industrial spy will try to gather information by breaking in at night... and you still end up with the problem of needing a copy at home, or only be able to access the sites at work for which the passwords are kept at work...
Granted, it's better in an unidentified/falsely identified binder than to keep it on a post-it on the side of the screen or in the desk's top drawer... But I would still be weary of someone finding it...
- lake_wrangler
- Posts: 4300
- Joined: Sun Aug 05, 2012 8:16 am
- Location: Laval, Québec, Canada
Re: This is starting to worry me... (was my phone hacked?)
Incidentally, I was speaking to a friend about this the day after it happened (the supposed returned calls), and he told me that it had just happened to him that very day...
Re: This is starting to worry me... (was my phone hacked?)
Many years ago I was in the habit of beginning and ending online passwords with a space. Would have confused the heck out of anyone who got hold of my paper list of passwords.
But then I got a computer with Windows, and the password dialogs in (at least that version of) Windows automatically stripped off leading and trailing passwords.
But then I got a computer with Windows, and the password dialogs in (at least that version of) Windows automatically stripped off leading and trailing passwords.
Re: This is starting to worry me... (was my phone hacked?)
My password binder is home use.
Back tracking the password spam was simple since it was a E-mail blackmail threat announcing they had my password "WAXXONwaxxoff" and what an Interesting Time I had visiting naughty sites, and what a shame if all your social network friends found out... send bitcoin to...blah blah. Since all my passwords are single site, I was able to contact that site to let them know they were being phished and included the message. Lather, Rinse, Repeat for other such attempts.
YMMV and good luck with everything!
Back tracking the password spam was simple since it was a E-mail blackmail threat announcing they had my password "WAXXONwaxxoff" and what an Interesting Time I had visiting naughty sites, and what a shame if all your social network friends found out... send bitcoin to...blah blah. Since all my passwords are single site, I was able to contact that site to let them know they were being phished and included the message. Lather, Rinse, Repeat for other such attempts.
YMMV and good luck with everything!
Don't let other peoples limitations become your constraints!
My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
- lake_wrangler
- Posts: 4300
- Joined: Sun Aug 05, 2012 8:16 am
- Location: Laval, Québec, Canada
Re: This is starting to worry me... (was my phone hacked?)
Ah. Yes. I've received that kind of message before, except that the password they claimed was mine had nothing to do with any of my passwords. That's why I didn't make the link between password and backtracking.