ND40oz **Possible Compromised Account**

well darn... all this stuff going on.... i bit the bullet and did the ole 2-factor auth.. even though I rarely sell high priced items..
 
Kinda wish [H] would force everyone to change passwords at minimum. Though I get how much of a headache that is for the mods/users.
I've been using unique passwords for every site/service for several years now to avoid issues like this.
 
Yeah, put a flag in your profile that you want to enable the BST forum. Then that flag requires 2FA to be enabled on your account.

I know. I know. Easier said than done.
 
I am still a super mod (but inactive) over at Anandtech forums. I did check to see if your acct was compromised (which right now it isn't) I would enable 2FA there as well.

Thanks, updated and MFA setup over there, different password than here to begin with but might as well just move everything over to my pw manager.
 
Kinda wish [H] would force everyone to change passwords at minimum. Though I get how much of a headache that is for the mods/users.
I've been using unique passwords for every site/service for several years now to avoid issues like this.
It's not a bad headache using bitwarden or descent pw managers
 
Can you reverse the charge on the CC or bank?
He said he sent the money via Zelle. They say right on their website that you should not use it for high-risk purchases. It is primarily meant to send money quickly among friends and family.

1642612183784.png
 
Nope, 2 different managers said I am out of luck. funds cleared and gone.
Isn't [H] full of computer dudes that can find anyone, anywhere? can't you find the guy and flood his inbox with goatse or something?
 
No, Venmo and Cash App are both the same - no protection just like Zelle.
Just wanted to add that Venmo does actually offer a purchase protection program, which benefits buyers & sellers with some recourse/redress options, granted its a qualifying purchase made to a business profile. Source: https://venmo.com/legal/us-user-agreement/#venmo-purchase-program

With Zelle, I've seen some transactions reversed in cases where the sender/originator's actual online banking account was compromised. In this case of course, Dark12 wouldn't be able to pull that string because he himself intentionally submitted the payment, not a 3rd party who gained unauthorized access to his online banking account. Zelle does recommend that you contact them though. Even if they can't get your money back, they can at least rat out the scammer to their bank/credit union: https://www.zellepay.com/support/report-scam
 
Last edited:
Isn't [H] full of computer dudes that can find anyone, anywhere? can't you find the guy and flood his inbox with goatse or something?

The Venmo and Zelle accounts he/she are using have completely different names associated with them. This I believe counts as wire fraud though and Dark12 may be able to open a case for it.
 
Yea I fucked up.


Nope, 2 different managers said I am out of luck. funds cleared and gone.
don't give up yet. i assume you paid through Zelle via a credit card, debit card, or bank account - work with whichever one it is and explain the situation. the squeaky wheel gets the grease, as they say.
 
don't give up yet. i assume you paid through Zelle via a credit card, debit card, or bank account - work with whichever one it is and explain the situation. the squeaky wheel gets the grease, as they say.
This day and age, I'd be amazed if he even was able to get an actual human to the phone; nevermind one that understands what he's saying.
 
Just wanted to add that Venmo does actually offer a purchase protection program, which offers some recourse/redress for buyer & sellers granted its a qualifying purchase made to a business profile. Source: https://venmo.com/legal/us-user-agreement/#venmo-purchase-program

With Zelle, I've seen some transactions reversed in cases where the sender/originator's actual online banking account was compromised. In this case of course, Dark12 wouldn't be able to pull that string because he himself intentionally submitted the payment, not a 3rd party who gained unauthorized access to his online banking account. Zelle does recommend that you contact them though. Even if they can't get your money back, they can at least rat out the scammer to their bank/credit union: https://www.zellepay.com/support/report-scam
Good info! Unfortunately, in this case this is to an individual. I would recommend PayPal Goods and Services for this type of transaction.
 
don't give up yet. i assume you paid through Zelle via a credit card, debit card, or bank account - work with whichever one it is and explain the situation. the squeaky wheel gets the grease, as they say.
I spent an hour bitching to 2 different managers at Chase this morning. They said since I initiated the transfer I am on the hook, but they'll investigate. :rolleyes:

My old business ran a million dollars through chase business without a single complaint. You'd think they could eat this for customer service reasons.

Considering moving to a credit union. I know this was my fault, but still.
 
I spent an hour bitching to 2 different managers at Chase this morning. They said since I initiated the transfer I am on the hook, but they'll investigate. :rolleyes:

My old business ran a million dollars through chase business without a single complaint. You'd think they could eat this for customer service reasons.

Considering moving to a credit union. I know this was my fault, but still.
A good credit union would be far more willing to work with you.

If your using a bank like chase get over it. Its just buisness in their mind, no customer service involved besides the nice people on the phone to politely tell you no.
 
I fully agree here. But part of the problem is that the sellers are the compromised ones. The buyers should be wary of Venmo, PP G&S, and Zelle.
The buyer could have easily not lost his money with one quick phone call.

We have done a sitewide pw reset in the past, and it is a fucking shitshow that I in no way have the resources to manage.

So if you are not protecting yourself on trades with some simple acts of self protection, that is on you.
 
The buyer could have easily not lost his money with one quick phone call.

We have done a sitewide pw reset in the past, and it is a fucking shitshow that I in no way have the resources to manage.

So if you are not protecting yourself on trades with some simple acts of self protection, that is on you.
I take the blame. Owned up to my stupidity. Don't be like me, folks.
 
I take the blame. Owned up to my stupidity. Don't be like me, folks.
Not directed at you. Directed at people that think resetting passwords for a million people is no big deal or turning on 2FA for over a million folks is easy to work through. Props on you for taking responsibility. A lot of folks are not like you.
 
Oh shit, I was watching this go down this morning. Thank God ND40oz figured it out, but I feel awful for Dark12... Damn, what a nightmare....
 
fucking sucks to be me.
Still better than I did. I lost $1100 to a compromised account here right before the "Be Careful" thread was posted because I had done business with the guy before so I had let my guard down despite other red flags.
 
I would like to know how the account owner failed from a security perspective so it can be shared as a PSA. The scammer could have easily "sold" the card as well as other scam deals at more reasonable prices and buyers would not have been aware until even later.
 
Last edited:
I would like to know how the account owner failed from a security perspective so it can be shared as a PSA. The scammer could have easily "sold" the card at a more reasonable price and buyer would not have been aware until even later.
It links back to what I thought was a leak/hack of Heatwave credentials that I don't think was every admitted by heatware. The effected users had the same password at Heatware as other sites.

I may be wrong, but this is what I gathered over the last few months.

Either way, this is from people using the same password at multiple sites/services.
 
Back
Top