MrJ2U Posted August 19, 2021 Share Posted August 19, 2021 Luckily I checked because this evening purchases were made from somebody who stole my information. I've changed my password, took of the credit card on file, and cancelled the orders. You may want to check your Shoppee account. I found out from messenger about the orders. Link to comment Share on other sites More sharing options...
Popular Post CharlieH Posted August 19, 2021 Popular Post Share Posted August 19, 2021 This does mot mean that Shopee has been breached. I have seen this numerous times where Google is saying this or that password has been exposed elsewhere on the internet. It is generally referring to people who use the same password on different sites, then suggests you change one of them. 3 2 Link to comment Share on other sites More sharing options...
Popular Post Kildonan Posted August 19, 2021 Popular Post Share Posted August 19, 2021 Yes, I got double orders turning up, one after the other, on the same day! Just as well I have learned my lesson NOT TO PAY IN ADVANCE, as the time taken to get your money back is months! Everything now Cash On Delivery! 2 1 2 Link to comment Share on other sites More sharing options...
MrJ2U Posted August 19, 2021 Author Share Posted August 19, 2021 6 minutes ago, CharlieH said: This does mot mean that Shopee has been breached. I have seen this numerous times where Google is saying this or that password has been exposed elsewhere on the internet. It is generally referring to people who use the same password on different sites, then suggests you change one of them. Anyway I was alarmed. Just thought I'd mention it just in case this isn't an isolated incident. Link to comment Share on other sites More sharing options...
CharlieH Posted August 19, 2021 Share Posted August 19, 2021 8 minutes ago, MrJ2U said: Anyway I was alarmed. Just thought I'd mention it just in case this isn't an isolated incident. A simple Google security check. Just a good reminder to people NOT to use the same password on different sites. Personally I use a password manager and that takes care of all that now. 1 Link to comment Share on other sites More sharing options...
MrJ2U Posted August 19, 2021 Author Share Posted August 19, 2021 2 minutes ago, CharlieH said: A simple Google security check. Just a good reminder to people NOT to use the same password on different sites. Personally I use a password manager and that takes care of all that now. Which one? I think I need that. Link to comment Share on other sites More sharing options...
CharlieH Posted August 19, 2021 Share Posted August 19, 2021 2 minutes ago, MrJ2U said: Which one? I think I need that. I use one called "last pass" as its the last pass you"ll ever need, just one to remember ???? https://www.lastpass.com/ 1 Link to comment Share on other sites More sharing options...
MrJ2U Posted August 19, 2021 Author Share Posted August 19, 2021 11 minutes ago, CharlieH said: I use one called "last pass" as its the last pass you"ll ever need, just one to remember ???? https://www.lastpass.com/ Thanks. Definitely worth a try. Link to comment Share on other sites More sharing options...
BritManToo Posted August 19, 2021 Share Posted August 19, 2021 I use the same password on everything. If someone wants to order free stuff for me I don't mind. If someone wants to use my Facebook page feel free. Nothing encrypted or locked on my PC, totally happy for anyone to view, nothing of interest to find. Too many people over concerned with security for trivial things. Back in the UK HM Tax and NI are so secure I can't pay contributions or tax bills. Why would I care if someone wants to make my NI or tax payments for me? Make my day! 1 1 Link to comment Share on other sites More sharing options...
MrJ2U Posted August 19, 2021 Author Share Posted August 19, 2021 1 minute ago, BritManToo said: I use the same password on everything. If someone wants to order free stuff for me I don't mind. If someone wants to use my Facebook page feel free. Nothing encrypted or locked on my PC, totally happy for anyone to view, nothing of interest to find. Too many people over concerned with security for trivial things. Back in the UK HM Tax and NI are so secure I can't pay contributions or tax bills. Why would I care if someone wants to make my NI or tax payments for me? Make my day! They used my credit card to buy camera equipment. I wasn't to happy about that. 1 Link to comment Share on other sites More sharing options...
Popular Post BritManToo Posted August 19, 2021 Popular Post Share Posted August 19, 2021 Just now, MrJ2U said: They used my credit card to buy camera equipment. I wasn't to happy about that. Don't let online shopping sites keep you CC/DC details. (Doesn't every purchase require you to enter the 3 digit number on the back of the card?) Use COD. 2 1 Link to comment Share on other sites More sharing options...
MrJ2U Posted August 19, 2021 Author Share Posted August 19, 2021 Yup! Ive deleted my cc in the account. Especially here in Thailand. In the US you have limited liability for fraudulent charges. Link to comment Share on other sites More sharing options...
FritsSikkink Posted August 19, 2021 Share Posted August 19, 2021 3 hours ago, BritManToo said: I use the same password on everything. If someone wants to order free stuff for me I don't mind. If someone wants to use my Facebook page feel free. Nothing encrypted or locked on my PC, totally happy for anyone to view, nothing of interest to find. Too many people over concerned with security for trivial things. Back in the UK HM Tax and NI are so secure I can't pay contributions or tax bills. Why would I care if someone wants to make my NI or tax payments for me? Make my day! Typical noob answer, they can empty your bank account pretty easy. 2 Link to comment Share on other sites More sharing options...
gearbox Posted August 19, 2021 Share Posted August 19, 2021 6 hours ago, MrJ2U said: Anyway I was alarmed. Just thought I'd mention it just in case this isn't an isolated incident. You should be alarmed...it means that particular username/password combo is compromised and widely known. If they guess for example that you have a Shopee account they would have been able to log in as you. You can check your Shopee user name in how many breaches was involved here: https://haveibeenpwned.com/ Unfortunately it doesn't show the exact web sites compromised, as often these are combined and aggregated, and then sold on the back market. You should try to figure out where you have used this username/password, then go to these sites and change the password with an unique password. For best results use a password manager, and let the manager to generate unique machine passwords for you for each site, these are currently unbreakable. 1 Link to comment Share on other sites More sharing options...
fangless Posted August 20, 2021 Share Posted August 20, 2021 9 hours ago, BritManToo said: I use the same password on everything. If someone wants to order free stuff for me I don't mind. If someone wants to use my Facebook page feel free. Nothing encrypted or locked on my PC, totally happy for anyone to view, nothing of interest to find. Too many people over concerned with security for trivial things. Back in the UK HM Tax and NI are so secure I can't pay contributions or tax bills. Why would I care if someone wants to make my NI or tax payments for me? Make my day! Jeremey Clarkson once thought the same as you and published his details in his newspaper column. A prankster set up a Direct debit to a charity and took £500 out of his account. BBC NEWS | Entertainment | Clarkson stung after bank prank 1 Link to comment Share on other sites More sharing options...
mtls2005 Posted August 20, 2021 Share Posted August 20, 2021 (edited) 11 hours ago, CharlieH said: This does mot mean that Shopee has been breached. I have seen this numerous times where Google is saying this or that password has been exposed elsewhere on the internet. Yes, this is the excuse Lazada (and Shopee and LINE) used late last year for their MASSIVE (13 million accounts in Thailand) data breach. “Our investigation shows that the leak did not come from Lazada but a third-party provider,” Pimchaya Boonyarathapan, a Lazada public relations official, told Thai Enquirer. When asked who was the third party provider, the rep said she did not know. https://www.thaienquirer.com/20953/lazada-suffers-data-hack-of-13-million-accounts/ Edited August 20, 2021 by mtls2005 1 Link to comment Share on other sites More sharing options...
mtls2005 Posted August 20, 2021 Share Posted August 20, 2021 12 hours ago, MrJ2U said: In the US you have limited liability for fraudulent charges. You can of course use a U.S.-issued credit card here, obviously choose one without the 3% foreign transaction surcharge, and afford yourself all the same protections. No annual fee: https://www.bankofamerica.com/credit-cards/products/travel-rewards-credit-card/ $95 annual fee (100,000 point sign up bonus): https://creditcards.chase.com/rewards-credit-cards/sapphire/preferred 1 Link to comment Share on other sites More sharing options...
jobsworth Posted August 20, 2021 Share Posted August 20, 2021 17 hours ago, CharlieH said: A simple Google security check. Just a good reminder to people NOT to use the same password on different sites. Personally I use a password manager and that takes care of all that now. until the password manager gets hacked. 2 Link to comment Share on other sites More sharing options...
chilly07 Posted August 20, 2021 Share Posted August 20, 2021 COD is the answer! 1 Link to comment Share on other sites More sharing options...
MrJ2U Posted August 20, 2021 Author Share Posted August 20, 2021 12 hours ago, gearbox said: You should be alarmed...it means that particular username/password combo is compromised and widely known. If they guess for example that you have a Shopee account they would have been able to log in as you. You can check your Shopee user name in how many breaches was involved here: https://haveibeenpwned.com/ Unfortunately it doesn't show the exact web sites compromised, as often these are combined and aggregated, and then sold on the back market. You should try to figure out where you have used this username/password, then go to these sites and change the password with an unique password. For best results use a password manager, and let the manager to generate unique machine passwords for you for each site, these are currently unbreakable. Gotta get myself a password manager. Link to comment Share on other sites More sharing options...
MrJ2U Posted August 20, 2021 Author Share Posted August 20, 2021 5 hours ago, mtls2005 said: You can of course use a U.S.-issued credit card here, obviously choose one without the 3% foreign transaction surcharge, and afford yourself all the same protections. No annual fee: https://www.bankofamerica.com/credit-cards/products/travel-rewards-credit-card/ $95 annual fee (100,000 point sign up bonus): https://creditcards.chase.com/rewards-credit-cards/sapphire/preferred I've got that. I wasn't sure it covered foreign companies like Shoppee, Lazada, etc. I'll call them. I've got Chase Sapphire preferred. Link to comment Share on other sites More sharing options...
ericthai Posted August 20, 2021 Share Posted August 20, 2021 On 8/19/2021 at 10:26 AM, MrJ2U said: Yup! Ive deleted my cc in the account. Especially here in Thailand. In the US you have limited liability for fraudulent charges. I started using virtual credit cards. I use a free service and have multiple cards. I use one card for ebay. when I make a purchase I change the limit on the card from $0 to the amount I need, make the purchase and then turn the card back to $0. I use another one for Netlfix, the netflix card only allows 1 transaction a month of no more than $15. I use them for trail memberships too. They are linked to my credit card which I have fraud protection on that too. I like this as my CC info is not being used all over the net. Sometimes it is a pain to login change the allowed amount and then go and change it back to $0 afterward. The nice thing is using it for free trails, no more forgetting to cancel before XX amount of days or getting overbilled by a company. 2 Link to comment Share on other sites More sharing options...
MrJ2U Posted August 20, 2021 Author Share Posted August 20, 2021 Just now, ericthai said: use another one for Netlfix Thanks, reminded me I need to change that password to. Ugh. I'm getting a password manager tomorrow. Some good ideas about the virtual cc. Thanks buddy. 1 Link to comment Share on other sites More sharing options...
ericthai Posted August 20, 2021 Share Posted August 20, 2021 24 minutes ago, MrJ2U said: Thanks, reminded me I need to change that password to. Ugh. I'm getting a password manager tomorrow. Some good ideas about the virtual cc. Thanks buddy. send me a message and I'll send you a link where we both can get $5 Link to comment Share on other sites More sharing options...
david555 Posted August 20, 2021 Share Posted August 20, 2021 1 hour ago, ericthai said: I started using virtual credit cards. I use a free service and have multiple cards. I use one card for ebay. when I make a purchase I change the limit on the card from $0 to the amount I need, make the purchase and then turn the card back to $0. I use another one for Netlfix, the netflix card only allows 1 transaction a month of no more than $15. I use them for trail memberships too. They are linked to my credit card which I have fraud protection on that too. I like this as my CC info is not being used all over the net. Sometimes it is a pain to login change the allowed amount and then go and change it back to $0 afterward. The nice thing is using it for free trails, no more forgetting to cancel before XX amount of days or getting overbilled by a company. Same way i do , a much more effort , but the safest way , limiting the limit in the time you do not need to order or pay , same i do for PayPal , no automatic payments , and for Lazada pay on delivery ..... 2 Link to comment Share on other sites More sharing options...
mtls2005 Posted August 21, 2021 Share Posted August 21, 2021 Use unique passwords Change them often Use 2FA for EVERYTHING, incl. log-in. Have notifications turned on for EVERYTHING 1 Link to comment Share on other sites More sharing options...
MrJ2U Posted August 21, 2021 Author Share Posted August 21, 2021 9 hours ago, ericthai said: send me a message and I'll send you a link where we both can get $5 I just bought Dashlane last night. Transfered all my password through chrome. Found two of my accounts on the Dark Web. Thanks anyway. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now