For the past month or so I feel like I've been targeted by a every persistent actor, from password resets to personal email account, auto-dialers, to countless text messages about coinbase/ledger transfers, verification codes, password resets, logins from other devices, etc. It's really annoying that some have definitely have access to a database leak with personal information as some of these e-mails and texts appear to be carefully crafted to reflect that knowledge. Some emails don't even get marked as spam. Stay safe out there, cold storage or bust. Self-custody and privacy above all.
Discussion
Sounds like a data breach on one of your bitcoin / crypto platforms. Check if your email has been doxed. There is several sites where you can do that.
I know exactly where the leak came from unfortunately. Over the years I've collected a large dataset of various crypto related leaks myself thanks to #OSINT. It's all out in the open. Sites like https://haveibeenpwned.com is just a tip of an iceberg.
Important to use different passwords on all sites, especially key ones like financial or main email. Maybe memorize/write and don't even save digitally the most important imo.
I used to have same password across so many sites it's scary to think what could have been accessed
My default setting for Bitwarden/Keepass password managers is 40 characters with special characters included.
Fun when you wanna log into Netflix at Airbnb or something lol. I do something similar
I hope you are not typing all 40 characters into the password field!
More like 20 for that one
Use the app/extension for that!
Do you memorize all your passwords, YODL?
No lol. But a few key ones I don't store digitally
Yodl the Quant โญ๏ธ๐
Fool me once...we won't be fooled again!
I did no such thing ๐คญ
No, but I definitely leaked shared passwords back when, so had to tighten up my process a bit. Took many hours ๐ญ
Dammit, I knew I'd seen it recently on pitufin but didn't have it faved
Same, often times, I am like, "I know I have just the perfect GIF response for that!" But finding it...I wish more people helped with tagging process!
I'm tired boss
I hear ya! It's fun, but then it gets a bit old. Working on a motivation mechanic to get more help! Stay tuned.
Yeah, I get a lot of scam attempts too. Spam calls, scam texts and emails, often crypto related. Thanks kyc for protecting me
Yeah, I wish I could just not have e-mail or phone number at this point.
You might use this crisis as motivation to adopt a one unique email per account setup via simplelogin.io or addy.io
You'd have to burn your leaked email and create a new personal one but it will provide a bulwark should any more account details get leaked.
Thank you for the recommendations!
Happy to help.
For phone number segregation you might consider something like mysudo, JMP.chat or Cloaked.
Some of these phone services also offer disposable emails too.
One thing I'd recommend doing if you're not trying to remain highly anonymous is registering your own custom domain name for all the email aliases you'll be generating. That was you can take them with you easily should you opt to switch to another provider or even self host if so inclined. (Addy.io offers their software as a free self hosted option).
It goes without saying that you'll need a robust password manager to keep track if all your unique account emails and passwords.
I pretty much moved all my e-mail to my own domain and was doing what you recommended. The legacy email is just something that had a long history and was tied to my identity and it's a bit of a pain to completely dump it at this point. In terms of phone numbers, I just use a VOIP as my default for general screening, never give out my actual number. So, everything that comes in there I know is not valuable.
Also this: https://silent.link/
SUPERCYCLE
Is it really?!
Privacy is the key ๐๏ธ