Originally Posted by
Nazdoom
Any idea for the rest of us sitting ducks on how you think they got access? Did you log in through any email links or download any new software?
Curious, do you know if they changed your Aeroplan password in order for them to log in?
Do you remember logging in with your Aeroplan number while on any public wifi recently, say in a lounge or airport or Starbucks?
If not phishing, I'd assume they got in was through discovering your email password. Any idea how that could have been compromised?
Hopefully better awareness of how this is happening will prevent further victims
They did not change my Aeroplan password, nor did they change the email address to which Aeroplan sends marketing and ticketing emails. They did add a hotmail address of their own to the ticket file for sched changes.
I use the Chrome browser. The browser populates my user names and passwords for most sites. I think this was the Achille's Heel of my internet activities. If someone knew my Google username and password, all password fields would auto-populate, and my Gmail would be an open book. It had been over a year since I changed my Google password...my bad. (Yup, I changed it last night).
I'm sure it's not from phishing. I don't click on any links from emails. I open a browser window from the site's homepage (that I type into the browser address bar) and proceed from there.
I have used public wifi (United Clubs, Gaylord National Harbour) recently. I usually use ipVanish VPN when utilizing public wifi, but sometimes when I use the VPN my downloads/uploads go to zero (seems to depend on the public wifi network)...so I have to turn it off....and I can't watch Netflix/Hulu with a VPN on...so that leaves my computer open/vulnerable while wasting time in airport lounges watching streaming media.