Well I hate to be negative and complain all the time but I think I deserve a pass for today as it was not a good time. Some people prefer to wake up peacefully and deal with stressful tasks later on, you know, have some time to let your mind hit realization of all the stress and filled schedule of the day but not this morning for me. I promptly woke up from a notification on my phone, a PayPal notification. Hmm I wonder what that could be. . . Discord has billed me for $99.
I woke up to a compromised discord account. But first let me tell you how this initially came to be. My computer has many issues with the network and tends to lose connection (Hard Wired) even after replacing a router, using WiFi USB and updating my drivers so it just became a common occurrence for me. This morning I had woke up randomly and saw that discord had been logged out, I didn't think much of it as maybe my loss of internet connection had caused discord to somehow log me out for security or something alike. Around five minutes later, I get the PayPal notification and my heart sunk, I've never had to deal with something like this so I had to work with the technical knowledge I had to minimize the destruction about to occur.
Immediately, I went onto PayPal and deleted all of my card information, the only real thing I knew I had to do to hopefully stop this situation. The hacker had went into my account and deleted my phone number so my first attempt at trying to get in had been curbed. However, I acted quick enough to use my email as a recover luckily and was able to get in. On a good note, none of my other settings were messed with and no messages trying to coerce my online friends had happened, that was quite frankly my biggest worry.
Somehow, I had not put on 2FA in which I could have sworn I had enabled. But nonetheless I have now turned that on, if you do not have 2FA on for anything that involves your money, do it.
All in all, I got away pretty dang lucky on this one with my nimble reactions and coordinated adjustments. Only one purchase actually went through and I am currently in the talks to get this taken care of (Haven't heard anything all day so I'm a little ticked at Discord). I don't want to involve PayPal just yet but I will act in the next day if I don't get any update. From the information I was able to gather, it's sadly something I won't really get justice for, as this came from somewhere in Portugal.
Some lessons I learned for Discord, and some things people can learn from if not already implemented.
*Don't use numbers in sequence
*Long passwords are better
*Slam your keyboard and save that as the password, nobody will get into that
*If you are going to use a weak password, enable 2FA for gosh sake
*Long passwords are hard to remember, but that's why KeyPass is a thing, save them somewhere encrypted