It was just 3 weeks ago when I woke up one morning, getting ready to send my kids to school, and thought it was going to be just an ordinary day.
After having breakfast and driving my kids to school, my phone’s DND turned off, and as I was driving back home I started to get a few notifications on my phone.
As I got back and sat in front of my PC, I checked all my phone messages and this was one of the many similar messages I received.
I was pretty much shocked as to why I was receiving this message, as I surely didn’t get online nor do any task online for anything at 7am in the morning.
There were a number of Microsoft accounts which I have, and I started to be very suspicious of this activity, leading me to start trying to log in to all my email accounts of importance.
I was able to log in to all of them except for 1 of my accounts: a very old account which I created more than 15 years ago. I have not logged into this account for a while; however, I still remembered my password as I’ve not changed it for a long time.
Seeing that I was unable to log in, I quickly did a reset and, true enough, each time I reset it, it required an authentication code, which showed a similar message as above.
By now, I’ve got 2 scenarios which I was thinking of.
- My email is hacked and password was compromised
- My phone SIM card is cloned thus getting weird messages
To eliminate one of the possibilities, I quickly headed off to the telco and got my SIM card changed. While doing that … I then realized I could not log in to my FB and a few other things.
Things were getting extremely critical at this point and I was in a mere panic state.
So OK .. I knew I had to take drastic measures, as all I could do now was the most obvious thing.
LOG IN TO EVERY ACCOUNT I HAD AND CHANGE THE PASSWORD!
I quickly did all of those … logged in to my main emails and changed the passwords. Then logged in to my social media like FB and changed the passwords … logged in to all my crypto-related exchanges and changed the passwords.
However, while I was doing all of that, it seemed that my main email accounts (non-Microsoft) kept resetting themselves again.
What I did next closed the leak
Keeping a clear head was the main thing, as I was already in a state of panic .. so thinking back, my old email account (HOTMAIL from Microsoft):
- I had to recover that after I got a new SIM card, and then change the password on it.
- I also enabled secondary verification by phone. Luckily I had 2 phones.
Once I did that I checked all the security login logs. It looks something like this.
One of them was successful, as I saw when I went through the logs, and it was connected from CANADA. Unfortunately I don’t have the screenshot here.
Now, once I had cleared that and added security, it was time to change all my other accounts’ passwords once more.
This time, all my passwords remained changed and didn’t reset themselves. By then a few accounts could no longer be accessed, as they had been changed to an unknown password; however, I managed to recover them.
How they managed to gain access and hack my accounts!
This is just a rough indication of how they were able to access a lot of my stuff, because I didn’t pay attention to my recovery email, which I had not logged in to for the longest time since I do not use it much anymore.
For those of you who do not know what IMAP is, it’s basically a way to synchronize your emails through 3rd party apps. For example, if you are using an iPhone and want iOS to manage your mails, you would use the IMAP function to sync it.
Apparently this IMAP sync hack has been around for a while and Microsoft is aware of it. It’s not really a security flaw; it’s more of a feature, which of course can be abused if somehow your username and password have been compromised.
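As an added example (not part of the original post, and not any provider's own tooling), this is one way to go through a sign-in activity listing and pick out the pattern described above: a successful mail-sync sign-in from a country you never sign in from, sitting among failed attempts. The column names, the sample rows and the placeholder country codes XX, XA and XB are constructed for this example; only CA comes from the story.

```python
import csv
import io
from collections import Counter

# Constructed sample of sign-in activity. This is NOT a real export format:
# the columns are assumptions, and XX/XA/XB are placeholder country codes
# (XX stands for the account owner's usual country).
SAMPLE_ACTIVITY = """\
timestamp,protocol,country,result
2000-01-01T06:41:00Z,IMAP,XA,failed
2000-01-01T06:47:00Z,IMAP,XB,failed
2000-01-01T06:52:00Z,IMAP,CA,success
2000-01-01T06:58:00Z,IMAP,XA,failed
2000-01-01T07:30:00Z,WEB,XX,success
2000-01-01T07:45:00Z,IMAP,XX,success
"""

# Protocols a mail client uses to sync with a stored username and password.
SYNC_PROTOCOLS = {"IMAP", "POP3", "SMTP"}


def review_activity(csv_text, home_countries):
    """Return (alerts, failed_by_country) for a sign-in activity listing.

    alerts: successful mail-sync sign-ins from outside home_countries.
    Each one means someone else knows the password.
    failed_by_country: tally of failed attempts (guessing, but no access).
    """
    home = {c.upper() for c in home_countries}
    alerts = []
    failed = Counter()
    for row in csv.DictReader(io.StringIO(csv_text)):
        protocol = row["protocol"].strip().upper()
        country = row["country"].strip().upper()
        result = row["result"].strip().lower()
        if result == "failed":
            failed[country] += 1
        elif result == "success" and protocol in SYNC_PROTOCOLS and country not in home:
            alerts.append(row)
    return alerts, failed


if __name__ == "__main__":
    alerts, failed = review_activity(SAMPLE_ACTIVITY, home_countries={"XX"})
    for a in alerts:
        print(f"ALERT {a['timestamp']} {a['protocol']} success from {a['country']}")
    print("failed attempts by country:", dict(failed))
```

Any alert row is the cue to change that account's password and turn on secondary verification before touching the accounts that use it as a recovery email.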
What I learned from this
- Secure the email which you use as a recovery email, and if possible don’t use that email at all to sign up for anything online
- ALWAYS enable secondary authentication like 2FA
- Manage your passwords well and try not to use the same password on all your sites. Even though I do have a standard password which I use for dodgy sites, you can’t be too careful, as even the best companies in the world are not spared from hackers trying to gain access to their databases.
- Frequently check and verify your security logins on all your main accounts.
I do hope that you will not go through this experience as I did. It really wasted a lot of time and I felt disgusted at the fact that someone had breached my privacy.
I did suffer some losses, this was purely because I so happened to be awake at the time of the hack. It’s indeed an experience which I don’t wish any of you to partake in.
Cheers and hope my sharing will be able to help you guys to start securing your accounts more.