I’m not sure where to ask this question (I tried search engines but did not get an answer)
My phone received multiple codes that are from the 2fa set to protect online accounts. Obviously this shows that it helped stop someone from hacking into one of my accounts.
My question is, how do I find out where they came from? There is no identifiable information in the 2fa text itself. I have multiple accounts set up with this security feature.
I believe I should now go in and change the password on that account, but I don’t know which one it is.
Does anyone know how to reverse engineer where the 2fa code came from?
Could be a phising attempt. Were there any links in the SMS?
Or maybe someone just entered the wrong (your) phone number.
Probably safe to just ignore, if you want to be sure change the passwords for your most important services.
This is all I received. No other identifiers in the 2fa notices. I was hoping to find out what account they came from to change the password. This makes me think they know my username, password but were unable to get passed the 2fa code sent to individual cellphone. I still want to change the password if I could find the correct account.
Tbh I would just ignore that, unless you have an additional reason to believe your accounts were hacked.
Here is some advice I just found while searching. Seems good to follow:
“In general, take it as a sign to be more vigilant. An unrequested verification code is a giant neon sign saying, “Someone is trying to sign in to your account!” That means your username and password could be compromised.”
1 Like
One very odd thing is that both the texts offered the same 6 digit code. If this truly was to attempts to log into one of my accounts, and they were requesting a 2fa code to be sent, wouldn’t it have been two different 6 digit codes?
Also it didn’t specify the service that it was for
Have you checked https://haveibeenpwned.com/ to see if any of your account have been breached in the past ? If you reuse password, this might allow someone to try your user and pass on another website.
Thank you for this. Checking now.
Smells of phishing. The camel case in the first sentence looks odd. And other points people made. Most reputable places would identify themselves - at least those who send them to me do. Ie: “Your {bank name here} code is… Do not give this out to others if you did not request it.”
I’d imagine they’d hope you’d reply back, which then would probably bring additional questions of sending a copy of your ID, etc etc.
Be vigilant though.
That is interesting and very probable. Thanks.