I came from Southeast Asia on May 2022 for work. The first day I got here, my company paid for me to stay in a hotel for a week (COVID quarantine). That first day, my Instagram was hacked immediately (is it because I used the hotel’s wifi? Note I didn’t have any SIM card yet) and my account started posting crypto advertisements. Luckily I noticed quick enough and my friends were also contacting me.
After that, I moved to my apartment. The second month I was there, all my Gmails were compromised, it started sending scam emails to people I don’t know. Again, I had to change all the passwords.
The fourth month I was in Japan, my credit card (it acts like a credit card but functions like a debit card) was compromised but fortunately I only had 10,000 yen at the time, and everything was lost. If I’m not mistaken it was on behalf on Youtube but a fake provider I guess? I never made transactions on Youtube nor Google. I contacted the bank and they could return it to me because the funds weren’t eaten up yet.
Now lately (for the past 6 months) on my Whatsapp, people with international numbers from US, Hongkong, China, Bangladesh, etc. started contacting me with work-related messages. “Hey I’m X from Y, would you be interested in working here?” It was my Japanese phone number, I just changed it in 2022, and I was really careful not to input my phone number information to any websites etc. aside from the really necessary ones. Company leaks? My friends also had a same experience on Whatsapp.
Note that my email, social media accounts, etc. all have 2-step verification on at all times. When I was in my previous country, I was always putting in information at all times carelessly but I never had anything like this. Am I the careless one? Is it Japan? What is wrong?
16 comments
Not to be offensive, but it sounds like it’s a you problem. Maybe you are making some critical security mistake.
I can’t recall hearing about anyone who got genuinely hacked or had their card skimmed or similar here. Yes, there are shady companies and establishments which will try to scam you, but that’s different, and you can avoid them by using common sense.
EDIT: Maybe all your issues are linked to the same one time hack, and they are all linked.
It’s you.
Whatsapp “online job” scams have been around for a while. Since Whatsapp is linked to your phone numbers, scammers just iterate over the numbers and send those messages.
It seems it is a fairly classic chair-to-keyboard interface issue.
As everyone is alluding to, it’s not that attacks are more or less frequent here. One thing you should look into is not about your “accounts got hacked” it’s more like “your device got hacked”. Simply put, if your computer or phone got hacked, it doesn’t matter how many times you switch your email password or whatever, whoever got into your device will spy on you and undo any protection you do. You need to think seriously about wiping out all your devices and then start again.
Unless you’re a very powerful individual, it will not be the country.
You know it already but it’s a you problem. Reset (wipe/replace/factory reset) all your devices and your accounts. And then use a password manager. Very likely one of your devices is compromised.
I get similar messages on Whatsapp around 2 times a month. Just block. Likely your number was on Facebook or LinkedIn or something similar and has been added to a scraper list. That list is used to mass send millions of people the same spam.
>I was always putting in information at all times carelessly
###
>Am I the careless one?
mods, can we start just deleting these posts ASAP? maybe increase karma requirements to post threads? these are getting out of hand.
It’s not Japan, more than likely: it’s something you’ve done/used. Where did you get your phone or computer?
I’ve had a [former] Twitter account hacked once, but I was only using single-factor authentication. That was, I guess, a lucky guess on the part of the hackers—I had an account early in the life of the service, and my username was short and likely one picked by many.
Otherwise, I’ve had some hacking *attempts* on servers, but they were all from Russia.
Lol sounds more like you have malware on your PC. I’ve never had that happen
Seems like you are really bad with your internet security. What kind of weird sites have you been to?
Of all the threads we get from people blaming Japan for things that happen to them, this has to be one of the most hilarious I’ve seen so far. No it’s not Japan, it’s you. You’ve done something and been majorly compromised across the board.
Your accounts are compromised. Do you perhaps use the same password for multiple accounts/services?
I’d be rebuilding/reinstalling all Operating Systems and resetting passwords afterwards to make sure to clear out any malware.
Use something like LastPass to generate unique passwords for each account. Use two factor authentication wherever possible to minimise risk.
This is not a Japan problem, this is a personal poor online security practice problem.
Hi,
Instagram unlikely to get hacked because of ‘hotel Wi-Fi’. [They use a thing called HSTS](https://securityheaders.com/?q=https%3A%2F%2Fwww.instagram.com&followRedirects=on) to ensure [end-to-end secured connection that bypasses Wi-Fi](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security). On most modern browsers, [you just can’t connect to Instagram insecurely.](https://hstspreload.org/?domain=www.instagram.com).
The main way this kind of thing can be hacked is (a) phishing sites (basically someone sends you to their own different website made to look the same and gets you to enter the password and MFA there), or (b) compromised device.
I’d normally lean toward phishing, but given the range of issues you’ve been having, compromised device seems plausible. Check you main devices (e.g. antivirus scan). Older devices (e.g. old phones that can’t be updated, jailbroken devices with ‘free’ apps, old Windows XP/7 devices or devices you never update) much more vulnerable – update if possible. Also look out for malicious browser add-ons/extensions.
WhatsApp thing sounds like unrelated noise. Most likely, attackers just hit all numbers in a range.
MFA is a great move. Keep doing that. Make sure you don’t repeat passwords across sites. A good password manager can be very helpful, but do first make sure your devices and browsers are secure.
Do you use the same email and password everywhere? If so it’s that. >90% of “hacked accounts” are caused by this. Some site with shitty data security got legit hacked and your password wasn’t encrypted or something and then it got sold to everybody who thinks they are a hacker.
Got check out haveibeenpwned.com
Source: this is my job
I started randomly getting spam whatsapp messages on my Japaness number too! I assumed some company that had my phone number had a data leak or something. I’d never gotten a single spam whatsapp message and ten bam from about 3 months ago I started getting multiple a week