best security for pc to stop spam emails and people trying to hack into my devices.

[carlos726811]

As the title says.
Reason i ask for the past week. I have had to change all my password as someone in russia been trying to hack all my accounts. I also have 2-Step verification enabled for all my devices.

ubisoft.
Steam
Battlenet etc.
I am getting spam emails. I been intouch with Internet provider and they told me they can't do anything about it.
Virus scanner and firewall all active. Windows security showing as no action needed. Its getting a joke and now i am running out of passwords.

 

[SpyderTracks]

As the title says.
Reason i ask for the past week. I have had to change all my password as someone in russia been trying to hack all my accounts. I also have 2-Step verification enabled for all my devices.

ubisoft.
Steam
Battlenet etc.
I am getting spam emails. I been intouch with Internet provider and they told me they can't do anything about it.
Virus scanner and firewall all active. Windows security showing as no action needed. Its getting a joke and now i am running out of passwords.

You can't do anything about spam emails, it means that someone has gathered your email address from you logging in somewhere (NOT YOUR PASSWORD) and is sending you unsolicited emails, it's like people sending you through advert slips through the mail, you can't do anything to stop it other than add it to your spam filter on your email account. It's not related to anti virus, it's controls within any email account that you need to use to filter out bad emails.

You need to think of it as the same as your house, if someone knows your address, you can't stop them sending you a letter or turning up on the doorstep.

It's nothing to do with internet provider, it's down to you to manage your accounts and route stuff to spam where necessary or block it entirely.

You can check weather online accounts have been breached by HaveIBeenPwned: https://haveibeenpwned.com/

But spam email is just someone sending you an email, that's all, there's no security implication, unless you open the email and click on dodgy links.

Similarly, you can't stop people trying to hack you other than by not clicking on dodgy links in emails or visiting dodgy websites which then broadcasts your IP address to the bad actors. Once they have your details ie email addres or IP, there's nothing you can do to stop them trying to attack you other than change your email provider and ISP and therefor get a new IP address and email address.

But spam email and account hack attempts are very normal, even moreso if there's been an account leak (which you can't prevent against). That's exactly why you have spam filters and 2FA. Every email account gets spam, that's why you have a spam inbox.

This is basic internet security you should be doing on a daily basis.

 

[RichLan564]

As the title says.
Reason i ask for the past week. I have had to change all my password as someone in russia been trying to hack all my accounts. I also have 2-Step verification enabled for all my devices.

ubisoft.
Steam
Battlenet etc.
I am getting spam emails. I been intouch with Internet provider and they told me they can't do anything about it.
Virus scanner and firewall all active. Windows security showing as no action needed. Its getting a joke and now i am running out of passwords.

I'm genuinely interested how you have deduced this? Who told you you had been hacked by somebody in Russia?

Also WRT running out of passwords just use a password manager, it creates them for you.

 

[ubuysa]

As above, you can't stop spam emails. What you can do however, is investigate the spam filter on whatever email provider you use. Gmail for example, has a good spam filter. These don't stop the spam email, but they stop you seeing it. You might also consider an email client like Mozilla Thunderbird, it has an excellent spam filter.

If I were in your position I would change my email provider. Set up new email accounts somewhere else. I use two accounts, a public one and a private one. The public one is only used online, for forums (like this one), online shopping, etc. It will get all the spam. My private one is never used anywhere online, but this is the one I use for emailing friends and family etc.

There are a few key rules that you MUST follow if you want to stay safe online, and prevent your passwords being compromised:

1. Never use the same password on multiple accounts. Once a criminal has discovered one password the will try this password on every account of yours that they can find.

2. Use a password manager and generate random passwords. I use Keepass2 and have done for many years. All my passwords are generated by Keepass and they are long and impossible to guess.

3. Never EVER click on any link in an email, no matter where it comes from. It it appears to be from a bank or other organisation, then open a browser, navigate top the bank or organisation's website, and login from there. If it's from a friend or relative, then confirm directly with the friend or relative that it's genuine.

4. Never EVER download 'hacked' or pirated versions of software, especially via a torrent client. You never know what malware will come bundled with it!

5. Take care when entering website URIs. Criminals will setup convincing websites with similar looking domain names in the hope of catching lazy typers out. Amzaon.com for example, or cittibank.com. Set up bookmarks for all websites you normally visit, and check carefully that they are correct.

6. Never click on any button or link in a webpage unless you know where it will take you. Avoid at all costs just clicking through interesting looking links. Most legitimate websites will warn you if a link you're clicking will take you to a third-party site - avoid these.

7. Stay away from p.o.r.n sites. They are the most favoured way of infecting you with password stealing malware.

The bottom line is this; treat the web in the same way you would when walking around a major city alone in the dark. There really are criminals hiding round every corner on the web, and if you don't look where you're going then they will catch you out.

Oh, and just because someone says you've been hacked doesn't mean that you have. Especially if it's from someone you don't know.

 

[carlos726811]

I'm genuinely interested how you have deduced this? Who told you you had been hacked by somebody in Russia?

Also WRT running out of passwords just use a password manager, it creates them for you.

Well i got email from ubisoft stating someone got on my account and it stated in email Russia and the ip address. I Got intouch with ubisoft. they told me to screenshot the email which i did. they stated it was from them. They had a look and they told me in convo that someone was on my account now from russia. and i checked my bank and noticed someone purchesed a ubisoft game from my account.

 

[Scott]

Sounds like someone got into your Ubisoft account specifically. Nothing more to add other than the advice given above.

Make sure you use 2FA with your mobile, rather than your email though. If they get the email first, they get the keys to the kingdom.

 

[B4zookaw]

I echo ubuysa's advice on using a password manager and random passwords for every site. And above all else, never use the password you have for your email address anywhere else, ever. If they get access to your email, you loose access and control of everything!

What I'd do is change password on your email address asap, and then try and regain control of your ubisoft account by initiating a password reset. And then once back in control of account, change password, enable 2FA, etc.

 

[TonyCarter]

I'd also recommend NOT saving payment details (i.e. debit card, credit card or bank account) in any online account...be it a games service or an online marketplace.

I'm even wary of linking my Xbox account with other game publishers after getting pwned by the EA hack many years ago (2011 according to my email conversation with them).

In my case the EA servers were breached which meant the hacker had access to my linked Microsoft Xbox account details and went and bought a load of FIFA Premium Gold Packs with my Microsoft Points (which I was saving up for an Xbox One pre-order). EA didn't give a damn, and Microsoft said it was my fault for signing in to the EA apps with my Microsoft Account (it was an option they provided FFS).

I only got them refunded after Microsoft had investigated and saw that I hadn't even installed FIFA (of any vintage) on my Xbox. Luckily I didn't have, and don't have my payment instructions stored on those sort of sites.

Now I have an authenticator app for most websites, and some even allow me to use my iPhone as a hardware key using biometrics to provide authentication.

 

[Steveyg]

Yeah if there's anything we know for absolutely surety is that companies cannot be trusted with your sensitive information

 

[Martinr36]

Best security is all of the above and common sense

 

[Rakk]

I'm genuinely interested how you have deduced this? Who told you you had been hacked by somebody in Russia?

Some scammers are actually using that line - I know every so often I get a call from someone claiming to be 'Virgin tech support', obviously I know they're scammers, but they tell you that they've discovered there are Russian hackers getting onto your machine/network and proceed to get you to look in the Event Viewer at the bit where there are always errors and obviously that shows that they are trying to hack in - obviously they are talking complete rubbish, but its normally after about 10 mins I get bored of stringing them along and tell them to go away (not always in a very polite way lol)

 

[RichLan564]

Some scammers are actually using that line - I know every so often I get a call from someone claiming to be 'Virgin tech support', obviously I know they're scammers, but they tell you that they've discovered there are Russian hackers getting onto your machine/network and proceed to get you to look in the Event Viewer at the bit where there are always errors and obviously that shows that they are trying to hack in - obviously they are talking complete rubbish, but its normally after about 10 mins I get bored of stringing them along and tell them to go away (not always in a very polite way lol)

That's what i wondered, anybody could be anywhere now with VPN etc. i would have thought a genuine "hacker" would cover their tracks better than that, more like a chancer than hacker.

Love those phone calls, I have a nice chat with them now and again too, i like it when i get them to a point where they tell me i'm wasting their.

 

[Martinr36]

If my 93 year old mother gets such calls, she tells them that me or my sisters deal with such things and proceeds to hang up and block the number.

If she gets a dodgy text or WhatsApp it gets dealt with in a similar manner