Online Fraud, Safe Shopping, Internet Security, Identity Theft

  • My parents in NL got defrauded via a WhatsApp scam. Those are on the rise there.

    Luckily all the money was recovered!

    Those people pretend to be kids/family that need urgent help and they targeted them in Dutch, not sure if the UK has these going atm, but yet another sign everybody can fall for them.

  • How many login attempts to a WordPress website would be cause for concern?

    I usually get about 10-20 per day. I use Limit Login Attempts Reloaded plugin on the site in question.

    All attempts are usually in batches from a single IP which then gets blocked after x tries so I presume it's low effort automation rather than specifically being targeted. Anything I can do to ensure security? Password is pretty solid, though it's stored in Chrome. My Chrome password is also pretty solid as these things go and I keep an eye on where it's being accessed.

  • I'm guessing not but do you have anything like a WAF in front of the site that can limit access to only the IPs that need access to the login page?

    I don't know much about WP but I presume it has its own way of limiting access to certain IPs. Can you lock it down further?

    Another option is to move the login page to a different, non-standard URL (i.e. not wp-admin or wp-login or whatever it is). That should get rid of a lot of bots.

  • Thanks (nerd).

    The moving location is an obvious/free one I didn't think of so will look at that first before a firewall. Though yes, a plugin limiting to only my IP would be interesting too (presuming that for someone to either fake my IP or take over it I'll have bigger problems than who is accessing a WP site for a project I haven't shared yet).

  • I know some of the Linux control panels have built-in IP restriction but I don't know what you can do with WordPress (probs a plugin though). We generally don't have our admin login pages on things like /login.aspx or whatever just to stop bots finding obvious targets.

  • How many login attempts to a WordPress website would be cause for concern?

    Oooh... one of my favourite topics.

    Sign up to Cloudflare and use a Firewall Rule to protect /wp-admin if not from a certain IP (your home IP).

    Done.

    But otherwise WordPress sites normally see massive login attempts in two ways:

    1. Attempting to brute force the website
    2. Attempting to brute force any SSH access

    The first you can solve with a firewall rule.

    The second, install fail2ban and configure that... if more than a few SSH attempts fail to auth in quick succession the IP of the client can be banned automatically for some period of time.

  • That's what I said.

    :P

  • Savage way to find out he's blocked you.

  • Let's be honest, has anyone NOT blocked me? Even I'm tired of my posts. banned

  • What did hippy say?

  • He said: "I wonder how flammable this Middle Earth box is..."

  • Depends on the attack roll and maybe the Critical Strike roll.

  • I know enough about this stuff to chuckle at that. :)

  • My daughter has had 130 quid taken from her account in a series of Alibaba and Apple online purchases. She hardly uses the account, can't work out how her details were available.

    Now 2-10 day wait to see if the bank will give her her money back.

  • Weirdly I got a confirmation to my email for a booking through booking.com. The name on the booking wasn't mine, but when I logged on to booking.com I was able to locate the booking using the confirmation number and pin in the email. That meant I was able to cancel it.

    I don't store credit card details with them, so no payment was made, so I'm not quite sure what was achieved. I've changed my password and set up 2-factor authentication, but I have no idea if there's anything else to be done. I'm not sure if I need to tell booking.com, but they seem to be effectively uncontactable, so meh.

  • Anyone on here have a certain set of skills that would be useful in tracking people down?
    Is that allowed?
    I'm guessing prob not...

  • I will find you and I will kill you.

  • You're going to lie on top of him?

  • Only if there's consent.

  • So all of a sudden my computer seems a little all over the place - the Wiggle website just tried to talk to me in Romanian and a quick search on Google Shopping showed me items in Russian/prices in rubles?

    I normally have a VPN running but didn't start it up today after an update and all of a sudden I'm paranoid...! Checking my IP and location via a browser correctly shows me as being in London...

    Edit: also looked up a shop and Google defaulted to suggesting shops near Yekaterinburg, also in Russia…

    Been meaning to do a full clear reinstall of OSX on that computer and this might just nudge me to do it now…

  • For anyone who is using LastPass and hasn't seen their recent blog, someone has managed to access the entire database of encrypted passwords in a breach in October.

    If your master password is weak or is duplicated anywhere, then they may have access to your entire vault.

    Mine is pretty secure but it's still the last straw for me and I'm offboarding to Bitwarden and changing 500-odd passwords now that they've been imported.

Posted by ObiWomKenobi (@ObiWomKenobi)