I received a notification last night that someone changed my shipping address on Macys.com and when I visited the website, there was an open order for a PS5 with delivery to:

DONT IEPN 203 W PITTSBURGH AVE WILDWOOD CREST NJ 08260

After logging into Macy's I got 43 emails at once to seven different services like "Excalidraw" and "Sportograf" trying to login using a magic link.

At this point was was pretty nervous so I checked my main email security. Sure enough, there have been repeated login attempts under my account going on every few minutes for weeks.

Show

I also saw there was an attempted login to my cellphone or home internet company.

I use 2FA, authenticators, etc. Basically what else should I be doing? Is there any way to be more preventative? I really don't wanna chuck this email but it is possible that may be the safest recourse. I do use this email for almost 300 different accounts to various things though.

  • BaumGeist@lemmy.ml
    ·
    3 months ago

    and when I visited the website, there was an open order for a PS5 with delivery to:

    After logging into Macy’s I got 43 emails at once to seven different services

    Did you manually navigate to Macys.com, or did you click a link in the email to "Macys.com"? Because it's a common phishing technique, they may have used your macys email and password to password spray every other website they could find it associated with when you "logged in." It's usually a page that's spoofed to look like a legitimate login page, which redirects you to the actual page once it records a login attempt.

    Also check HaveIBeenPwned.com, your email may show up in a few major beaches, which is enough for script kiddies to spray it across the entire net.

  • neidu2@feddit.nl
    ·
    edit-2
    3 months ago

    Your username and password combo probably leaked from somewhere. It happens when services you use have a breach.

    This is why it is recommended to not use the same password for everything, as well as changing your password once in a while.

    Also, I recommend putting your email into https://haveibeenpwned.com/ and it will let you know if your address has been part of any breaches that it is aware of. Optional: Sign up, and you'll be emailed if your address does appear at a later date.

  • CaptainBasculin@lemmy.ml
    ·
    3 months ago

    Change email password just to be on the safe side. Make sure no device connected to your local internet is compromised. Give a Malwarebytes scan to your PC and look up your IoT devices (if you have any) to see if they had any history of vulnerabilities.

    Do NOT use same passwords on multiple sites, or at the very least, salt your password based on the site. (add characters based on what site you're visiting). For maximum security, use a password manager like KeePass.

    Do NOT use a similar password to your very crucial passwords (your email, goverment sites etc.) anywhere no matter what.

    Inform macys about your account being compromised; if your credit card was charged; issue a chargeback.

  • thepreciousboar@lemm.ee
    ·
    3 months ago

    If you use a strong password and 2fa, there's no way to prevent login attempts, and a strong enough authentication will make random login attempts just a nuicance. You can set up a recovery address (that must be equally safe). If you are using an online password manager, check there was no known leak