Now what do I do? Went to delete junk mail and every single notification that someone is accessing my account from Moscow is in the trash like they've been deleting them before I saw. Who I guess. Disable account?

@Klaatu_Veratta_Nectarine Either it’s the same person or… this is from 2022.

@Klaatu_Veratta_Nectarine Looks like it may be a phishing attempt - I’d still recommend a password change, especially if you used the link in the email, and also do an immediate AV/Malware scan.

Likely someone grabbed your email address from one of your other contacts that did actually get compromised and they’re sending out phishing attempts based on that.

@Klaatu_Veratta_Nectarine IT IS ENTIRELY POSSIBLE that they used the same IP address, but DHCP is typically used on ISP networks (source: I work for an ISP and we use DHCP) so they’d have a different IP a year later, odds are…. Unless they have static for some reason and… why would a non-state, malevolent entity use a static IP…? Heck why would a state malevolent entity use a static IP?

@EnochianEntropy @Klaatu_Veratta_Nectarine via an IP address tool:

@Exitpass @EnochianEntropy Thank you? But couldn't they use a vpn?

@Exitpass @EnochianEntropy I am kind of dumb. Not super worried but wow

@Klaatu_Veratta_Nectarine @Exitpass VPN or a proxy - they can both mask an IP.

@EnochianEntropy @Exitpass it's just weird because i didn't get a Coso alert that info was compromised. I'm gonna blame the bird site because it makes me cranky.

@Klaatu_Veratta_Nectarine @Exitpass Those are going to be based on data that is known to be compromised - if it’s kept in the back pocket and not exposed to the internet at large, then it won’t be shown as compromised because the only one who knows that it’s compromised is the one who did the compromising or bought it from someone who didn’t share it out.

@EnochianEntropy @Exitpass
Ah. Makes sense.

@EnochianEntropy @Exitpass
What would be the point of them logging in and not changing the password. So not keeping stuff. They logged in every day at roughly the same time for a series of days. If they just wanted to peek why not download it all and go undetected? If they wanted to take the account over to try bribe me to pay them they would change the password. It's weird.

@Klaatu_Veratta_Nectarine @EnochianEntropy @Exitpass Not at all weird. If you are truly hacked then most likely they want to leverage their access to make a profit. But how? If they locked you out how would they contact you for ransom? They need to know who you are. If you have unique access to important accounts or sites then that's a way to profit. They're looking to see what they can use. In the meantime, they don't do anything to alert you that anything is wrong like changing your password.