Am I safe ?

[BitcoinSupremo]

I just opened my email to check it as I do every day and I saw 3 different IP had logged in my SKRILL account. I immediately didn't change password but added 2FA Authentication for Skrill. There is no way they to have find my Google password as I have it with 2FA too.
Am I safe or should I also change the password ?

[1714092981]

1714092981

[1714092981]

1714092981

[1714092981]

1714092981

[1714092981]

1714092981

[1714092981]

1714092981

[1714092981]

1714092981

[Potato Chips]

I think the question is why not? The 3 different IP logins is an enough proof that you should be doing "everything" you can to secure your account.

Layered security is always recommended so that if A got bypassed, you've still got other protectors (B,C etc..).

[BitcoinSupremo]

I think the question is why not? The 3 different IP logins is an enough proof that you should be doing "everything" you can to secure your account.

Layered security is always recommended so that if A got bypassed, you've still got other protectors (B,C etc..).

I understand what you say, but shouldn't 2FA bypass the login password and should not let an intruder to log in. Probably the intruder wanted to withdraw some amount of money as my mining income I withdraw with Skrill and it is not little I have to withdraw as you can see from the addresses below. That was my luck now and I think to have stopped him with 2FA, will be quiet in one week to check if there are any logins from new IP-s again.

Addresses of my mining activity(which of course I don't mind sharing some of them)
https://blockchain.info/address/1KEe2CG6YEYAGQ8GjnKDyh6ATF4EA5hoxp
https://blockchain.info/address/1DBhYqKdZQFb86bY5LACzP7HYCw2A6fiFM

Did also change the password for a better security measure.

[npredtorch]

Now that you turned on the 2fa security, basically you're safe. In any case, never write the auth key in public and just keep it for yourself.

I'm not familiar with skrill specifically on how they send a notification for logs but, with that 3 logged in, was it a success or a failed?
If it was a success and your funds is still complete, maybe you've logged in on your own account with a different IP? on a different place or maybe you have a dynamic IP?

[BitcoinSupremo]

Now that you turned on the 2fa security, basically you're safe. In any case, never write the auth key on public and just keep it for yourself.

I'm not familiar with skrill specifically on how they send a notification for logs but, with that 3 logged in, was it a success or a failed?
If it was a success and your funds is still complete, maybe you've logged in on your own account with a different IP? on a different place or maybe you have a dynamic IP?

I know my IP as I have 2 static IP-s which I use one at home and one at work. All IP logged successfully but my Skrill had 0 USD in it. The intruder was just logging every several hours with the hope to find some btc deposited there through Electrum and to send to his Skrill email address. I think I am safe too now and as you see I have more than 1000 USD sitting there in my btc addresses, but I will withdraw them in December when that amount will be 10.000 USD or even more based on Bitcoin price.

[Mahanton]

Now that you turned on the 2fa security, basically you're safe. In any case, never write the auth key on public and just keep it for yourself.

I'm not familiar with skrill specifically on how they send a notification for logs but, with that 3 logged in, was it a success or a failed?
If it was a success and your funds is still complete, maybe you've logged in on your own account with a different IP? on a different place or maybe you have a dynamic IP?

I know my IP as I have 2 static IP-s which I use one at home and one at work. All IP logged successfully but my Skrill had 0 USD in it. The intruder was just logging every several hours with the hope to find some btc deposited there through Electrum and to send to his Skrill email address. I think I am safe too now and as you see I have more than 1000 USD sitting there in my btc addresses, but I will withdraw them in December when that amount will be 10.000 USD or even more based on Bitcoin price.

By just using up our common sense having those number of log-in attempts we would normally be worried or being alert. Good for you that you had set out 2fa,if not then say goodbye to your funds and thats why its always been suggested on all people to set out this security feature because we wont even know on when hackers would able to bypass or known our account details.It inevitable on some cases no matter how careful we are on securing our log-in details.For now you are safe but as i have read above you had changed your password which is a right thing.

[audaciousbeing]

Now that you turned on the 2fa security, basically you're safe. In any case, never write the auth key on public and just keep it for yourself.

I'm not familiar with skrill specifically on how they send a notification for logs but, with that 3 logged in, was it a success or a failed?
If it was a success and your funds is still complete, maybe you've logged in on your own account with a different IP? on a different place or maybe you have a dynamic IP?

I know my IP as I have 2 static IP-s which I use one at home and one at work. All IP logged successfully but my Skrill had 0 USD in it. The intruder was just logging every several hours with the hope to find some btc deposited there through Electrum and to send to his Skrill email address. I think I am safe too now and as you see I have more than 1000 USD sitting there in my btc addresses, but I will withdraw them in December when that amount will be 10.000 USD or even more based on Bitcoin price.

Its good that you have taken some precautionary moves to secure your account but for the mere fact that the account was assessed shows its vulnerable and I am sure if your account had some amount there, it would have been wiped out. While 2FA is a potent security measure to protect your account, for a targeted account, its not enough because an hacker can go ahead to intercept whatever code that would be sent and still access the account.

Instead of keeping your $1000 there to wait till December ( putting in mind every top notch security gets weaker by the day) why not keep it in an offline wallet that you know about alone after all keeping it on that platform or somewhere else does not stop bitcoin price from reaching $20000 or falling to $1000. #my opinion.

[BitcoinSupremo]

The bitcoin is secure, in an Electrum wallet but soon will transfer it to a hardware wallet. I have access only to that computer and it only has installed nicehash and Msi Afterburner. So it is free from viruses.

[semobo]

I just opened my email to check it as I do every day and I saw 3 different IP had logged in my SKRILL account. I immediately didn't change password but added 2FA Authentication for Skrill. There is no way they to have find my Google password as I have it with 2FA too.
Am I safe or should I also change the password ?

You know that there is a problem in your account that someone other than you tried to login to your account so change the password as well.But as long as you have enabled the two factor authentication the password is nkt only enough to login so if some got your password can't even login.
but change the password as well in my opinion.

[solarion]

I just opened my email to check it as I do every day and I saw 3 different IP had logged in my SKRILL account. I immediately didn't change password but added 2FA Authentication for Skrill. There is no way they to have find my Google password as I have it with 2FA too.
Am I safe or should I also change the password ?

Can confirm how many times you tried to logging into your wallet. I see the some log in attempt issue on various exchange but when I check the times I logged to wallet or exchange, both would be same thing mate.

If you add the Google 2FA security you do not need to worry about the security mate. Transaction, hacking all will not be a possible thing at all mate.
So do not worry about it mate.

[bL4nkcode]

It happens when you used the same email to register on any websites especially related to cloud mining sites or any related sites, they sold those email to any people/company/organizations. So if Skrill does have a feature to change email then try to change it since I can't assure that 2FA is enough, there are so many reports from exchanges or any sites related to crypto with the 2FA enabled accounts getting hack plus try to change your password to a strong one.

[npredtorch]

It happens when you used the same email to register on any websites especially related to cloud mining sites or any related sites, they sold those email to any people/company/organizations. So if Skrill does have a feature to change email then try to change it since I can't assure that 2FA is enough, there are so many reports from exchanges or any sites related to crypto with the 2FA enabled accounts getting hack plus try to change your password to a strong one.

@OP
Yeah, this must be it.
Your email might have recorded and listed on one of many untrusted sites (could be a re-seller of active emails).

Try to use https://haveibeenpwned.com/. Input your email and click on the pwned? button to check if your email have been breached.

[supermine]

It happens when you used the same email to register on any websites especially related to cloud mining sites or any related sites, they sold those email to any people/company/organizations. So if Skrill does have a feature to change email then try to change it since I can't assure that 2FA is enough, there are so many reports from exchanges or any sites related to crypto with the 2FA enabled accounts getting hack plus try to change your password to a strong one.

Yes,this might be the reason for the unknown login but I don't think they have the feature to change the email address,Am I right?

But I am little bit shocked that how someone can hack the two factor authenticated account without the authentication code it is impossible to login right?

[Lucius]

It happens when you used the same email to register on any websites especially related to cloud mining sites or any related sites, they sold those email to any people/company/organizations. So if Skrill does have a feature to change email then try to change it since I can't assure that 2FA is enough, there are so many reports from exchanges or any sites related to crypto with the 2FA enabled accounts getting hack plus try to change your password to a strong one.

Yes,this might be the reason for the unknown login but I don't think they have the feature to change the email address,Am I right?

But I am little bit shocked that how someone can hack the two factor authenticated account without the authentication code it is impossible to login right?

Nothing is completely safe,so neither 2FA does not represent complete safety.There are some methods that hackers use to hack / bypass 2FA.

I advise OP to change his password,e-mail and everything else that have any connection with that SKRILL account.It's always wise to have separate e-mail accounts for different services,in this way we can prevent hackers to know which e-mail is connected with certain service.

[GoldenLad]

Personally, one login attempt from a different IP that I know nothing of will make me change my password not to talk of three, I may sound paranoid but at least, it's better than lossing my money. Though, the Two Factor Authentication can give you a sense of safety, but  you shouldn't completely depend on it. Just to be on a safer side, take the advice here and change your password to avoid unnecessary stories.

[milewilda]

It happens when you used the same email to register on any websites especially related to cloud mining sites or any related sites, they sold those email to any people/company/organizations. So if Skrill does have a feature to change email then try to change it since I can't assure that 2FA is enough, there are so many reports from exchanges or any sites related to crypto with the 2FA enabled accounts getting hack plus try to change your password to a strong one.

Yes,this might be the reason for the unknown login but I don't think they have the feature to change the email address,Am I right?

But I am little bit shocked that how someone can hack the two factor authenticated account without the authentication code it is impossible to login right?

Nothing is completely safe,so neither 2FA does not represent complete safety.There are some methods that hackers use to hack / bypass 2FA.

I advise OP to change his password,e-mail and everything else that have any connection with that SKRILL account.It's always wise to have separate e-mail accounts for different services,in this way we can prevent hackers to know which e-mail is connected with certain service.

Thanks for giving out that link which i didnt expect even 2fa can really be possibly breach by anyone.The thing here is that we should really changed all informations like passwords and emails.Once it has being breached by someone then they do already know that they can possibly attached those informations into other possible account of yours. Making different emails for a certain account is suggested.

[SellBuyAcc]

I guess it is safe now because you already make the 2FA, you do not need to change your password I think.
Anyway, make sure that you make an account to some site do not include any words that you use in password because hacker might use all info that they might see there.

[Kemarit]

I guess it is safe now because you already make the 2FA, you do not need to change your password I think.
Anyway, make sure that you make an account to some site do not include any words that you use in password because hacker might use all info that they might see there.

To be in the safe side, I would rather change everything related to that account, because we all know that hackers is really one step ahead of us. I wouldn't mind doing everything in my power not to give any advantage to them. As @Lucius have shared, 2FA can really be breached, which is very scary to all of us. The OP is just lucky that he doesn't have any funds deposited on that account, otherwise it will be wipe out in a snap of a finger.

[BTCeminjas]

I guess it is safe now because you already make the 2FA, you do not need to change your password I think.
Anyway, make sure that you make an account to some site do not include any words that you use in password because hacker might use all info that they might see there.

To be in the safe side, I would rather change everything related to that account, because we all know that hackers is really one step ahead of us. I wouldn't mind doing everything in my power not to give any advantage to them. As @Lucius have shared, 2FA can really be breached, which is very scary to all of us. The OP is just lucky that he doesn't have any funds deposited on that account, otherwise it will be wipe out in a snap of a finger.

Yeah, why not to change everything related to his account if there are 3 attempts to his account that possible to be a hack.
Good thing there is 2FA added that a make strong our account security that not possible to hack by the evil people that want easy money to have. To OP, if I were in your place I change everything passwords and others just for sure.

[leowonderful]

2FA's about as good as you can get with the methods Skrill offers for account security, and I have yet to be hacked on any account with Google and Authy 2FA enabled.

In the future, try to not always use the same email address or password for signing up on websites, and if your email does show up on a site like https://haveibeenpwned.com/, change your password and make sure it's sufficiently long (I always use passwords longer than 15 characters). I get emails stating that some of my accounts on very old crypto services have been logged into from unusual IP addresses every now and then (the sites don't allow those IPs to login), and I change my passwords to something unique every time, and these alerts have almost completely stopped coming.