That was all wiped out this past December, when we discovered that our account had been hacked and some random stranger drained our entire rewards account to nothing. We are talking about $6,000.00 absolutely gone. I can tell you it knocked the wind right out of me. My husband and I were in complete disbelief as we processed what happened. We tipped-toed around the children, frantic whispered conversations, as we tried to keep them from hearing the terrible news.
How did it happen? My email account was hacked. That's it. By somehow guessing my password, the thief was able to go through my emails and glean little pieces of information that would guide them on best how to steal from me.
Not only was my rewards credit card hacked, they also managed to log into my rarely used Ebay account and set up a number of fake auctions. In that case Ebay was suspicious and shut down the auctions. Can you imagine the liability I would have been under if the auctions had been allowed to go through?
Fortunately, my email provider detecting some unusual activity going on in our email account froze our account and called to inform us. By that evening, with a new password in place, I began to get a series of emails "thanking" me for my purchases. It turned out a woman in Ontario had been purchasing gift cards on my rewards card for months. Because of her access to my email account, I had never received any of the previous emails that would have alerted me that something was up.
We've been dealing with the credit card company for months. Since actual money wasn't stolen from us it seemed at first that they were not taking this matter seriously. Even despite the fact that we had this woman's name and address from the emails. According to them, they have never heard of this happening and insisted that we must have given out the information in a phishing scam.
However, after many phone calls, we finally have received our entire reward point balance back onto our card. I can't tell you how thankful and relieved I am. This is something you always think of happening to someone else but after being hacked several times this past year, I realize that no one is safe from the jerks of the world who have nothing better to do than screw over the little guy.
This is what I've learned and my tips for keeping your information as safe as possible.
#1. Do not use the same password for more than one account. In our case, we used the same password for our email, ebay and the rewards site.
#2. Do institute 2 Step Verification. This is where you use your cell or home number as back-up. Whenever someone requests a password change, you will get a text with a number that has to be entered before the password will be changed. If you didn't initiate the password change request, you know something is wrong. My Apple ID account was hacked twice. The first time I meant to set up the 2 step verification but I didn't get around to it. I did change my password to something I thought would be difficult to guess but less than a month later, my account was stolen again. That time I definitely set up 2 Step Verification and I haven't had any problems since. Gmail and Facebook also offer this service.
#3. If any of your accounts get hacked, change your passwords to everything! You have no idea what information the hackers may have gleaned from your accounts that will help them guess your passwords. I was advised to change my email password back when my Apple account was hacked but after spending 20 minutes on hold with my email provider I gave up and meant to call back again. I wish I had.
#4. Make your passwords tough. I know it's a pain using uppercase, lowercase and symbols but if it makes a hacker's job more difficult, it's worth it.
#5. Make sure your anti-virus program is up to date. You do not want to run the risk of getting a virus. Even if you have had a virus and cleaned it up, it it still possible for it to remain on dormant your system for years.
Sure my life has gotten just a little difficult with all the password changes. It's hard to remember all my account passwords and their variations so I've had to create a password book. However, if it keeps my information safe, it's worth the trouble in the long run.
How about you? Have you ever been hacked? Please share your story in the comments.