Strange… and also a little scary.

A few days ago I got notification from Google to my phone that there were three failed sign-in attempts for my email address.

I was creeped out. I was scared. I wasn’t even near my computer at the time.

So, I went to my computer and I changed the password. I tried to think about who might be trying to log into my email address and I really wasn’t sure.

Tonight I got another notification from my phone that there had been three failed login attempts for my email address.

Now I’m sitting here really scared that someone, or some thing is trying to gain access to my email.

I’ve enabled two step verification for the time being, and again changed my password.

This is a really off feeling. I really don’t like it. It’s making me feel really anxious. I’m not sure what I should do. What I can do. What can I do?

52 thoughts on “Strange… and also a little scary.

      1. I don’t know if you use any password managers but I used 1password for ages to generate arbitrarily long and complex passwords, now I’m letting my mac/phone generate and save my passwords. 2-factor authentication on things like email is definitely essential, so I’d recommend sticking with it.

        Liked by 1 person

    1. hi,
      I also had tech issues โ€“ someone requested a new password for my Facebook account (I havenโ€™t used in ages) and then the same with Instagram today. Try not to worry โ€“ just make sure you inform them it wasnโ€™t you and put in a 2-step verification to feel safer.

      Liked by 1 person

  1. Noooo, that sounds awful! I don’t really have advise just some questions to ask yourself that might help you narrow things down.
    Have you signed up for any new websites recently? Does Google show you from what location the failed attempts are from? This might help you determine if it’s a bot or something as opposed to a real person who is targeting your account specifically. Good luck!

    Liked by 2 people

    1. Google doesn’t show where the failed log-in attempts are from. All it says is that there were three back-to-back.
      It’s the email address that I use for applying for jobs. I think that’s why I really don’t know who it could be. Because I apply for jobs, and I made a post earlier this week about seeing an uptake in job scams, I reaaaaaaally don’t know what it could be.
      Also though, because it’s the email address I use to apply for jobs, there’s a lot of personal information on it.

      Like

      1. Gotcha. Sounds like a bot, maybe? It’s happened to me before, but no one ever got into anything. You changed your password so I think you’ve done all you can do. Just keep an eye out for any similar notifications! Google I think will let you know whenever a log in is successful from a new device/connection. You will most likely be completely okay

        Liked by 2 people

  2. Login attempts aren’t personal. They’re bound to happen to anybody at some point. There will be automated systems guessing usernames/email addresses and passwords. Or they will have taken the email address from a data leak from some company, or some other public place. That happensโ€” those leaks are useful to those people just to have a list of email addresses to try. Whatever it is trying to login may not even know that it’s a valid email account.

    As long as you use a password manager and have unique, long passwords for everything you really don’t need to worry.

    Also you can put your email address in here and see if it’s linked to any known data breaches:
    https://haveibeenpwned.com

    I did the same after login attempts on my old facebook account, and found that my email address returned results on that site!

    This is what it says when I search with my email address:

    “Breaches you were pwned in

    A “breach” is an incident where data has been unintentionally exposed to the public. Using the 1Password password manager helps you ensure all your passwords are strong and unique such that a breach of one service doesn’t put your other services at risk.

    GeekedIn: In August 2016, the technology recruitment site GeekedIn left a MongoDB database exposed and over 8M records were extracted by an unknown third party. The breached data was originally scraped from GitHub in violation of their terms of use and contained information exposed in public profiles, including over 1 million members’ email addresses. Full details on the incident (including how impacted members can see their leaked data) are covered in the blog post on 8 million GitHub profiles were leaked from GeekedIn’s MongoDB – here’s how to see yours.

    Compromised data: Email addresses, Geographic locations, Names, Professional skills, Usernames, Years of professional experience”

    Liked by 2 people

    1. I’ve previously used the Pwned website, which is why I have such unique and weird passwords to start with. That being said when you reminded me tonight I checked and it says I have three breaches. Though it won’t tell me where. And, since I use this email address for applying for jobs, it literally could be ANYWHERE. Which is sad. and scary. and stupid. ugh

      Liked by 1 person

      1. Ah ok! Sounds like you were ahead of the game ๐Ÿ™‚.

        Interesting that you had 3 breaches! That could well be why you’re getting these attempts then. And yes, once it’s in the recruitment system, then it could be anywhere!

        You just have to see your email address itself as not a sensitive piece of information. Start from that assumption, and build your security measures around it. It certainly helps to highlight the need for strong passwords and 2-factor authentication, when you think that way!

        It’s only a positive thing that you get notifications about attempted logins ๐Ÿ˜†โ€” it’s good that these measures are in place, compared to back when we wouldn’t get these notifications. That’s my optimistic take! ๐Ÿ˜„

        Liked by 2 people

  3. Sending hugs….
    You can probably contact google, and remove all devices from approved devices but yours. And the 2 step verification should help. You should also make sure there are no viruses on your device.
    It really does sound creepy…
    Take care of yourself…..
    Love, light, and glitter

    Liked by 2 people

    1. I don’t actually log into any device that isn’t my own, so I’m safe from that perspective. Than kyou for the tip though! I will scan my system for viruses later today.

      Liked by 1 person

  4. You probably submitted your email to a newsletter or registered for a website somewhere. Unfortunately there are nefarious webmasters out there that will try to signin to your email account using the same password you used to sign up for their site. Obviously they do this in an attempt to intercept account data so they can steal your social media account, transfer money or otherwise benefit. If your Google password is different from the passwords used on other sites you don’t have anything to worry about. Hope this helps.

    Liked by 3 people

    1. Thanks! It’s the email address that I use for applying for jobs, so realistically, the nefarious system could be from anywhere….

      I think two -step authentication will keep me covered. At least for now. Thank goodness for weird passwords.

      Liked by 1 person

  5. Multi factor authentication all the way for peace of mind.

    I recently tried logging into my wifes email account (at her request!) I couldnt log in. Realise after 3 attempts I was using her married name rather than maiden name which is what her email address was in!

    Liked by 2 people

    1. Oh it’s definitely a legitimate notification. 9 years ago now an ex boyfriend got into my old email address and sent about thirty people in my contacts list a really awful lie about me that took more than a month to clear up. Ever since then I have been very vigilant about this kind of stuff.

      I was just having serious flashbacks when this happened, hence the overdramatic post.

      Like

  6. I have gone through similar situations. I followed the steps you have and also made sure I was logged out everywhere but my own device, I don’t own a computer or laptop. I’m sure everything is fine. It can be quite unnerving however.

    Liked by 2 people

    1. Lucky for me, I don’t ever log into anything that’s not my own device. (Thank you technology addiction and having to have it all for myself) That’s a really good point though to make sure you’re logged out from all devices and then log in only from your own device. Thank you for the tip/reminder.

      Liked by 1 person

      1. You’re welcome my friend! I admire your knowledge for technology. I do absolutely everything from this crappy Android. I’m grateful to have it though, at least I am connected to the world around me. I hope to purchase a laptop soon๐Ÿคž

        Like

  7. Unfortunately there have been LOTS of hacks lately! Now that the whole entire world is in lockdown, people have more time to be assholes and mess with other people. ๐Ÿ˜ฎ Sending good vibes your way.

    Liked by 4 people

      1. You are not kidding! I work in a place that has the police scanner running all day (tow truck dispatch) so we need to hear where accidents are… This morning the cops were called on a guy running around outside wearing nothing but a duffel bag. ๐Ÿ˜ฎ

        Liked by 1 person

    1. There was a no link to follow. It was just a notification from my phone saying “3 Failed Login Attempts”. Much like people get notifications of new text messages. If there was a link to change passwords, I would’ve been like…. yeah, okay, that’s not legit.

      Like

  8. Similar story for myself, in Dec 2019 I opted in for Disney plus, in Feb 2020 I checked my e-mail and somebody had requested multiple passcodes to change my password. This happened numerous of times even after the fact I called and told them about this privacy issue. I then just canceled it all about a few weeks ago and had them remove all of my information completely. So far no issues with them… except the same day I did that I received an e-mail from my Venmo, Pinterest, and an online boutique that an unknown user was trying to log in. I just continued to change my passwords … Really inconvenient and totally sucks! So I guess I have no set answer, just continue to check your accounts regularly and change passwords when needed.

    Liked by 2 people

  9. Just what you need with all of the other stress going on. I’m sorry you’re having to deal with this crap.

    I had a crazy thought… In one of your previous posts, you were talking about how your mother (reluctantly) used your computer. Do you think it’s possible that she tried to get into your email when you weren’t there? I don’t know why I thought about it, but it certainly would be easier if the call (hack attempt) came from inside the house (so to speak)? In any event, 2-step authorization is the way to go, and I hope this run of hack attempts stops. โค๏ธ

    Liked by 1 person

    1. My mom doesn’t know this email address.
      I break up my email accounts so that I don’t get an overwhelming amount of emails in any one account. So I have one for personal – that my mom and dad, brothers and family and friends know. Then I have one for applying for jobs – this is the one with the failed login attempts. Then I have one for this blog.

      Like

      1. It was a totally random thought, but it’s good that she doesn’t know that account. Not that she would try to hack it, but your mom sounds a little like mine, and I wouldn’t have put it past MY mom to try to hack my email if she wanted to know what I might be saying about her. I’m glad that’s not the case for you. ๐Ÿ™‚

        Liked by 1 person

      2. Your mom sounds maniacal. My mom’s bat-shit crazy, but she doesn’t do anything that’s like… behind the scenes. She’s very vocal about her distaste for me. lol

        Liked by 1 person

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s