|
Title: MtGox Account Pending Review, Support Implies Compromised Account? Post by: Crazy on June 04, 2013, 08:14:27 AM Hey everyone, would appreciate some advice.
Yesterday I attempted to withdraw a small amount of BTC to handle some bills. To my surprise, I was greeted with the following message: "Your account is currently pending review, please visit https://mtgox.com/forms/verification" At first, I thought this had to do with their new push to "verify" everyone to comply with some new regulations that maybe I haven't heard of... I contacted their support staff via e-mail and asked why I needed to verify my account when I wasn't attempting to withdraw/deposit fiat, and I wasn't dealing with a large amount of BTC (<50). In their response, they told me I was accessing my account via TOR. Now, I know this wasn't the case because I never accessed my account using TOR, so I told them that. They continued on to tell me a TOR IP + an IP in China had accessed my account. I asked them... why wasn't I notified? If my account was flagged for suspicious activity, why wasn't I sent an e-mail or some notice to change my password? I didn't get a response directly, but was told that the red banner with "Increase your account security now by visiting our Security Center!" in it, was my notice. To me, this looked like a general bulletin. Why would I consider it a bulletin? Because it's under a general bulletin message about May 30th deadlines. If I'm wrong about that, please someone let me know. In any case, I asked for an IP log and received the following in an e-mail... my IPs are redacted but the "suspicious IPs" remain... Flagged for AML: IP address 37.130.227.133 110.90.187.153 2013-06-01 06:33:00 71.xxx.xxx.132 2013-06-03 22:02:10 96.xxx.xxx.155 2013-06-03 08:41:53 This list was followed with: "Could you secure your account quickly ? In order to avoid further none authorised connection ?" I changed my password and will proceed with the verification process regardless of my desire to refrain. Anyway, my question is... should I consider this response sincere, or is this a tactic they're using to force site-wide verification? I did some deep digging on my PC to see if I could spot any suspicious files, but came up with nothing. While I do visit seedy sites and maintain such company online, I've considered myself secure for awhile, so I'm hesitant to believe the response from support. In either case, I'll be formatting for peace of mind, but would really appreciate some feedback from the community. Has anyone else encountered this issue? Title: Re: MtGox Account Pending Review, Support Implies Compromised Account? Post by: Maged on June 04, 2013, 09:01:11 PM Get Google authenticator for your phone or buy the Yubikey. Clearly, your security practices aren't as good as you think they are, so do what you can to stop the inevitable theft NOW.
|