Well that was wierd: Reddit email

So I woke up from a siesta and found an e-mail titled:

"Please secure your Reddit account by resetting your password."​

I chuckled and put it in my SPAM folder wondering why it didn't go there in the first place. So I did some other chores and came back later. Always assume every link and the header are spoofed. So I was going to dump the text version. But first I asked Mr. Google about Reddit.

Using a Google link to Reddit, I requested a password change and sure enough an e-mail showed up so I changed the password. Then I logged in to check activity and found:

IP address Location Last Visit Organization
216.186.138.42 United States 2 minutes ago WideOpenWest
188.72.126.99 Germany 19 hours ago Trusov Ilya Igorevych
5.101.218.56 Russian Federation 27 days ago net for depo40.ru
91.242.217.227 United Arab Emirates 27 days ago Atigaservices-as
95.181.217.54 Russian Federation 27 days ago DepoDataCenter
5.62.155.17 Russian Federation 27 days ago DepoDataCenter
5.189.201.240 Indonesia 27 days ago Petersburg Internet Network ltd.
146.185.202.95 Russian Federation 27 days ago net for depo40.ru
5.8.47.112 Poland 27 days ago net for depo40.ru
5.189.203.98 Singapore 2 months ago Petersburg Internet Network ltd.​

Yeap, it looks like the bwilson4web account password was hacked. When is about "2 months ago". Where and how, let me count the ways.

No my hair is not on fire and I'm not rushing about changing my important and toy account passwords. But I notice two-factor authentication is becoming 'a thing.' I am OK with using e-mail but have no tolerance for cell phone number harvesting.

Oh well, a different problem from my normal fun-and-games.

As for that first e-mail, tainted, it is poison to me but the subject line is OK. If anyone sees a 'stranger than normal' posting ... just assume a hacker got it and move on. <GRINS>

Bob Wilson