Question I need help? Someone tried to login to my Bet365 account yesterday and it got locked?

[DreamRJ]

Can someone help me please?

For some weird reason I tried to login today and it said incorrect login details so I did the reset password and then I was able to get back into my account.

Here comes the weird part. When I got back into my account I went to live chat and asked did someone try access my account and that is why I was unable to today and had to reset my password and they said someone tried to login yesterday and the automatic 3 failed attempts locked my account.

So I want to know how or why would someone try and login to my account? The first thing that comes to my mind is they wanted to get all my personal details? phone number/name/address etc?

But then my question is how did they know my email or username and if I had an account at Bet365?

I did a malware scan just now and no threats found on my PC either.

But I am seriously worried.

Do I need to be worried?

 

[dunover]

Sounds like a hit or bust go - they didn't have access to your e-mail but had maybe seen your u/n around. So had a few goes based around the u/n by say adding a 1 or 2 to it thinking you might have used it as a pw too like many (unfortunately) still do.

 

[megadam]

I'd check if you email isn't part of a recent password dump/leak. haveibeenpwned will let you check if your email is part of any compromised lists, if it is likely a bot just chancing it's arm using your email across every/any service with any known associated passwords.

 

[DreamRJ]

Ok thanks for replies. I did check that and nothing was found for bet365 and my email etc. So just concerned more than anything.

 

[satchnz]

Could be any number of things from someone peeking through your window as you log into b365, to someone with a very similar username to yours misspelling theirs and not noticing until they tried their password three times.

Much more likely to be the latter, and I wouldn’t worry unless it happens again.

 

[MichaelN]

I think they tried to hack it, but there's no access to the mail, so you have to be careful.

 

[L&L-Jan]

@DreamRJ happens a lot more lately, same here. One thing I had noticed, all attempts are on accounts that you can find here: Have I Been Powned.

So you are only safe if you make sure, any leaked PW is outdated. Keep a unique PW for all your online logins.

Friday I changed the login for a player because her account keeps getting locked. Did a search: over like 180 breaches, her email, name, pw etc was found in over 180. FYI: Normal customers who have this issues, I can find in like 10 - 15 breaches max. There it remains like 1 attempt.

Obv each breach is sold to a different buyer on the dark web with different intensions. So if its only your bet365 account, your probably very safe.

Cant remember if you hold an account with us, but if you do I can check if potential hack attempts occured on the account(s). Just send PM with username and ill pick it up.

 

[DreamRJ]

@DreamRJ happens a lot more lately, same here. One thing I had noticed, all attempts are on accounts that you can find here: Have I Been Powned.

So you are only safe if you make sure, any leaked PW is outdated. Keep a unique PW for all your online logins.

Friday I changed the login for a player because her account keeps getting locked. Did a search: over like 180 breaches, her email, name, pw etc was found in over 180. FYI: Normal customers who have this issues, I can find in like 10 - 15 breaches max. There it remains like 1 attempt.

Obv each breach is sold to a different buyer on the dark web with different intensions. So if its only your bet365 account, your probably very safe.

Cant remember if you hold an account with us, but if you do I can check if potential hack attempts occured on the account(s). Just send PM with username and ill pick it up.

Was that bit being sarcastic? you know I hold accounts with your brands Jan haha.

I will be back to playing at All British in a few days. IT is also my birthday on 11th November. Hint hint wink wink haha.

Anyway yes for sure you can check for me.

 

[Webzcas]

Funnily enough just been having a similar chat regards online security with my 17 year old son.

Everyone needs to ensure that you use unique passwords for ALL sites and email accounts you own and access. Therefore if one is compromised, your other accounts are still safe.

Also employ 2FA on all accounts that have this facility. Ideally do not use text / sms message as a 2FA option, use something like google authenticator.

With regards your mobile phone. Ok you have a pin code and touch / face id enabled, brilliant. What about your actual sim card for those that do not use e sims ( Vast majority of people )?

If someone has your sim card, they have access to your phone number. Password protect your physical sim card.

I have read and heard horror stories of people having their phone stolen, whilst they were on it and minutes later, their bank accounts have been emptied.

You can never ever be too paranoid about security.

Lastly, use a decent password manager or even better go old school and do what I do. Use a local excel sheet, password protected of course and store all your passwords in there.

For added security this is stored on my NAS which has RAID 5 redundancy and is backed up every night to an encrypted external drive. This external drive is then swapped with another every month which is stored off site.

Yes the above may all seem extreme, but if you value your data, your online accounts et al, then you can never be too secure imo