Account being compromised on MCM

Plunders · Jun 11, 2019

People get scammed and then a staff marked the acc as compromised i am thinking that some staff is doing this shitty scum thing or if im wrong then correct me it's just sketchy i see everyday people gets scammed before they mark the acc as compromised.

Kuzni · Jun 11, 2019

It's just people being stupid and having shit security, mcm accounts will always be target's because high rep = easy scam

Sloth · Jun 11, 2019

Kuzni said:
It's just people being stupid and having shit security, mcm accounts will always be target's because high rep = easy scam

Sometimes I don’t really understand how it can happen so easily. 2FA and location requirements alongside having a decent password is all it takes to prevent a security breach.

Megumin · Jun 11, 2019

Avidify said:
Was just scammed after i binned Shape, hate to say it but you cant trust rep on this site and I wouldnt doubt if some scummy shit is going on.

Rep can be trusted because they have more to lose and are clearly legit?[DOUBLEPOST=1560288709][/DOUBLEPOST]You only have 1 rep

Megumin · Jun 11, 2019

Avidify said:
Thanks for pointing out I only have 1 rep I didn't notice and I care a ton.

Accounts can be compromised and there are always ways to scheme or just exit scam and never look at the site again, maybe you should stop blindly trusting people off of a number and a couple reviews.

As for the Shape situation it was a misunderstanding and it has been resolved.

I don't blindly trust people? lol.

Fire · Jun 11, 2019

These are the most practical methods that comes to mind for compromising an account:

Sending a user, a link to a URL that looks like MC-Market, with a page that looks identical to MC-Market, but not logged in, so the user has to login again, therefore enters their password. When entered, it sends them to the real site. So, they don’t see that anything has happened. From there, login to their account, and hope they don’t have 2FA setup. If they do, that’s the end of the road, unless their MC-Market password and email password is the same.

Secondly, send the user an executable file and in some way convince the user to run it. From there you can gain access to someone’s system and retrieve their password (Likely stored in the browser), and even access their email to find the 2FA code.

To protect your account from being compromised, all you really need to do is the following;

Do use 2FA.
Don’t use the same password for MC-Market and your email.
Don’t run EXE, or other executable file types people send you.
Where possible, check the URL is correct before logging in to the site. However as long as you follow the above 3, you might be fine.

Lotus · Jun 11, 2019

The most common cause to why an account is compromised on MCM, and quite frankly any other platform, is due to ‘credential stuffing’. People still do use the same password for most platforms they use, which makes it easy for anyone to simply try logging in with credentials from leaked databases.

https://haveibeenpwned.com/ - Do ensure your credentials have not been leaked elsewhere and take heed to all the advice posted in this thread to enhance your online security.

Kuchy · Jun 12, 2019

Plunders said:
i see everyday

The 1 day you've been here you've seen that much? Wow, you really explored the site in depth in that case...

pet · Jun 12, 2019

GeckoThePecko said:
im dying every single email I have is listed as pwned on that site lmfao

Mood :rofl:

DarkKnights22 · Jun 12, 2019

Lotus said:
The most common cause to why an account is compromised on MCM, and quite frankly any other platform, is due to ‘credential stuffing’. People still do use the same password for most platforms they use, which makes it easy for anyone to simply try logging in with credentials from leaked databases.

https://haveibeenpwned.com/ - Do ensure your credentials have not been leaked elsewhere and take heed to all the advice posted in this thread to enhance your online security.

exactly xD

User · Jun 12, 2019

Lotus said:
The most common cause to why an account is compromised on MCM, and quite frankly any other platform, is due to ‘credential stuffing’. People still do use the same password for most platforms they use, which makes it easy for anyone to simply try logging in with credentials from leaked databases.

https://haveibeenpwned.com/ - Do ensure your credentials have not been leaked elsewhere and take heed to all the advice posted in this thread to enhance your online security.

I'd also suggest avast.com/hackcheck. It shows you the site/app you were hacked on and the actual password that was hacked, so you know whether you're currently at risk or if it's just an old, unused password.

Account being compromised on MCM

Plunders

Kuzni

If you signed up after 2016 don't diss me thx

Sloth

Feed Me

Megumin

Georgia✟#0264 add me even if it's just to chat

Megumin

Georgia✟#0264 add me even if it's just to chat

Fire

Always DM me here before dealing via Discord.

Lotus

Professional Flower

Kuchy

Web Developing Cake

Attachments

pet

Jahn is MY DADDY :)

DarkKnights22

Professional Java Developer

User

i left click on lego people