Guys, I'll make this as short as possible. About a month ago the Seeking profile I'd been using for many, many years got hacked in some weird way. Most notably, there appeared overnight about a thousand new entries on My Favorites list of SB profiles all over the country which I had seemingly favorited while I was sleeping! The result was I was banned from the site, with no recourse. Claiming "suspected fraudulent activity", my account was deleted and I was told not to inquire because all inquiries would be ignored. My repeated attempts to contact Seeking Support finally received an apologetic reply saying their policy is to simply delete all profiles suspected of suspicious or fraudulent activity. Also, due to their commitment to customer privacy, they would not, could not, investigate the problem. They acknowledged that sometimes legitimate users get caught in this process and advised me to create a new profile with a new email/username combination. The balance of my unused Premium Membership $ would be refunded and I should pay for the new account with a new credit card. I did all that. My new Premium account went live and I began using it.
I used the new account successfully for about 3 weeks. Yesterday the exact same thing happened. A thousand or so, new additions to My Favorites list appeared! Again my account was deleted and I was instructed to create a new one. I did so. This second new account went live in Standard mode, browsing only, until payment for Premium status was accomplished. This time, Seeking support instructed me to inform them of my new email/username combination and they would simply apply my unused $$ to the new account. I did so. While waiting for them to upgrade my account to Premium, I once again received the dreaded "your account has been deleted" message, "due to suspicious or suspected fraudulent activity." The account was only live, in restricted "Standard" mode, for a few short hours before it got deleted. So I never had a chance to even use it, let alone commit any suspicious or fraudulent activity.
That's where things stand as of now. I have reported all this to Seeking support and asked them for guidance, but I'm not holding my breath. My first profile was in use for nearly 2 decades, my second was in use for 3 weeks, and my third for about 4 hours! Does anyone of you guys know what I should do? Am I being attacked by some malicious person? Is a bot of some sort infecting Seeking's software? Would a professional webmaster take one look at this situation and say, I know exactly what this is? Should I enlist a few Priests and a Rabbi to perform an exorcism on my computer? Maybe a witch doctor too for good measure? I am at a loss. I obviously can't create a new email/password combination every day, especially now that it's proven to be an exercise in futility. As I think you all know, Seeking has been an important part of my life for a very long time. I don't want to lose it.
What are your factors common to each account? Credit card? Specific device? IP address? Is it possible spyware is installed on your machine?
Hey buddy, thanks for these questions. With the new account I created a month ago I made sure there were no common factors. I created a brand new email address on protonmail, new password for Seeking, used all new text in the profile as well as new photos, paid with a different credit card, etc. I also updated my Kaspersky malware protection which has detected no spyware on my devices. I don't know what you mean by IP address, but I did download and use a VPN.
Wow. That is a great, if worrisome, suggestion. Sweetman: Do you have malware / spyware protection on your computer? Maybe go to a reliable computer security company near you.
.
My only "negative" against this idea depends on whether uses his computer for more valuable stuff. I.e., if you were a hacker who hacked his credentials using spyware, would you annoy him with SA disruption or would you empty his bank accounts and buy a bunch of stuff on-line but have it shipped to your PO Box in Russia?
.
Sweetman: are your non-SA accounts secure? Any evidence of hacking?
.
Rockford: If he gets a security dongle, hackers might still get his keystrokes using a key-logger program but can the also capture and use encrypted dongle-to-SA login info?
What are your factors common to each account? Credit card? Specific device? IP address? Is it possible spyware is installed on your machine?
I'm no expert on SA (and I don't have an SA account) but two solutions come to mind, based on mainstream sites:
.
1. http://en.wikipedia.org/wiki/Multi-factor_authentication
You might be familiar with the idea already. When you log in to your [bank, investment, email, etc.] account, they send a (usually) 6-digit code to your cell phone as text or your email address as an email message or sometimes a phone call with a computer voice speaking the digits to you. You usually set up that option from your [bank] account Security Options page or sometimes you choose the radio button (o) text (o) email (o) phone call from the login page ... but the phone number and email are already registered in the Account info, not entered during the login.
.
The idea is the person logging in ALSO has to be holding your phone in their hand to read the code and type it in to the computer. The hackers probably cannot "steal" or redirect SA's text message to your phone. If you get a text message with the code but are NOT trying to log in, it screams, "SOMEONE IS TRYING TO LOG IN TO YOUR ACCOUNT!! Contact SA with date/time of this text!!"
.
Oh ... some messages that pop up on your phone app are more like, "Are you trying to log in? Click [Yes, it's me] or [NO, it isn't me!]" Be careful NOT to hit Yes to allow the log in IF IT ISN'T YOU!!
.
DOES SA OFFER A MULTI-FACTOR AUTHENTICATION OPTION?
.
2. Some companies offer added security using a HARDWARE security key (dongle).
http://www.techradar.com/best/best-security-key
http://www.pcmag.com/picks/the-best-security-keys-for-multi-factor-authentication?test_uuid=00yyZwi7Jhwj42oJG5A1uwg&test_variant=b
.
The big on-line companies offer them at NO COST to customers who have been hacked.
.
Roughly, the company [bank, AOL, Omaha Steaks, ...] sends you a thing that looks like a small USB drive to your physical USPS or FedEx address. When you log in to the site, the USB thing must be connected to the computer while you are logging in and are connected. Needless to say, hackers would need an EXACT clone of the dongle which has a lot of encrypted, hard or impossible to crack code on it.
.
I know someone who's email was hacked many years ago and the dongle was the best solution for them.
.
Hmmm ... it seems like you can create your own USB Security Key device even if SA doesn't offer it directly. You buy one from Amazon or whatever and program it with info relevant to your SA account login. SA has to get the typed in log in info AND the encrypted info from the dongle to complete the login. I think. Can anybody explain that better, please?
.
ASK SA TO OFFER YOU A MORE SECURE OPTION, such as (1) or (2) above. It is likely that other users would like it, too, even if they haven't been hacked YET. It would keep SOs, family members, co-workers, et al. from using their computer and "accidentally" logging in. If you let a co-worker use your computer and they snooped around and tried to log in to "Sweetman's Special Account" and they guessed your username AND maybe even guessed your password ("Hmm, ... his childhood pet's name was Rover ... let's try that. ... Aha! I'm in!"), they would still need the text message code or dongle or whatever to access the account.
.
Others might know of other current security options for SA to offer.
.
Good luck.
Guys, I'll make this as short as possible. About a month ago the Seeking profile I'd been using for many, many years got hacked in some weird way. Most notably, there appeared overnight about a thousand new entries on My Favorites list of SB profiles all over the country which I had seemingly favorited while I was sleeping! The result was I was banned from the site, with no recourse. Claiming "suspected fraudulent activity", my account was deleted and I was told not to inquire because all inquiries would be ignored. My repeated attempts to contact Seeking Support finally received an apologetic reply saying their policy is to simply delete all profiles suspected of suspicious or fraudulent activity. Also, due to their commitment to customer privacy, they would not, could not, investigate the problem. They acknowledged that sometimes legitimate users get caught in this process and advised me to create a new profile with a new email/username combination. The balance of my unused Premium Membership $ would be refunded and I should pay for the new account with a new credit card. I did all that. My new Premium account went live and I began using it.
I used the new account successfully for about 3 weeks. Yesterday the exact same thing happened. A thousand or so, new additions to My Favorites list appeared! Again my account was deleted and I was instructed to create a new one. I did so. This second new account went live in Standard mode, browsing only, until payment for Premium status was accomplished. This time, Seeking support instructed me to inform them of my new email/username combination and they would simply apply my unused $$ to the new account. I did so. While waiting for them to upgrade my account to Premium, I once again received the dreaded "your account has been deleted" message, "due to suspicious or suspected fraudulent activity." The account was only live, in restricted "Standard" mode, for a few short hours before it got deleted. So I never had a chance to even use it, let alone commit any suspicious or fraudulent activity.
That's where things stand as of now. I have reported all this to Seeking support and asked them for guidance, but I'm not holding my breath. My first profile was in use for nearly 2 decades, my second was in use for 3 weeks, and my third for about 4 hours! Does anyone of you guys know what I should do? Am I being attacked by some malicious person? Is a bot of some sort infecting Seeking's software? Would a professional webmaster take one look at this situation and say, I know exactly what this is? Should I enlist a few Priests and a Rabbi to perform an exorcism on my computer? Maybe a witch doctor too for good measure? I am at a loss. I obviously can't create a new email/password combination every day, especially now that it's proven to be an exercise in futility. As I think you all know, Seeking has been an important part of my life for a very long time. I don't want to lose it.
-- Modified on 4/4/2023 4:31:47 PM
Thanks for these ideas. No, Seeking does not offer two factor authentication. The dongle idea is new to me and sounds like a great thing. Seeking does not offer it. But if I understand what you are saying, if I had a dongle I would have to use it every time I logged in. That would not be much of an inconvenience,. Moreover, if my account experienced the same problem, it would be proof that the problem was not on my end, but was in fact on Seeking's end. Is that a fair assessment? Seeking does not offer a dongle option but you seem to think I could use one anyway, right?
I'm not an expert on this so I hope that someone else can post reliable info here. Also, you can check with your local IT helpers and just put it in the context of "... my bank account" or "... my Amazon account."
.
So, the OLD dongle I'm thinking of was preloaded by the Big Company, e.g., AOL or Your_Bank. The encrypted stuff matched their internal services so the newbie, non-technical customer didn't have to do anything other than plug it in. The little bit I've read about the newer do-it-yourself dongles appears to be a way to pay-for-it-yourself and follow the instructions to secure each site you want to secure. BEFORE trying SA again, I'd suggest trying an account where there is better tech support, maybe your bank or similar. Just tell them you're concerned about being hacked and want to set up and use a dongle. Once you've worked out how to secure the bank account, THEN try signing up and securing another SA account.
.
Also note that many of those dongles are small, portable, and can be carried on your key ring so you can pretty much use them anywhere, even on someone else's computer, ... I think.
.
If you also use an SA app on your smartphone, it looks like some of the dongles are USB-C that can PROBABLY be used on a PC (or Mac) with a USB-C and ALSO on a newer smartphone that has a USB-C charging/data connection (instead of the older Micro-USB).
.
Good luck! Please let us know what you find out or ask here for more detailed (and reliable) help!
Thanks for these ideas. No, Seeking does not offer two factor authentication. The dongle idea is new to me and sounds like a great thing. Seeking does not offer it. But if I understand what you are saying, if I had a dongle I would have to use it every time I logged in. That would not be much of an inconvenience,. Moreover, if my account experienced the same problem, it would be proof that the problem was not on my end, but was in fact on Seeking's end. Is that a fair assessment? Seeking does not offer a dongle option but you seem to think I could use one anyway, right?
Guys,
Seeking DOES have two-factor identification, if you go into settings and security. It is only offered when you log in from a new device. Oddly I have it enabled but haven't gotten anything recently (maybe still using same devices).
It also offers verification from Google Authenticator, which I have not used but which could be an option.
Rockfordfile, Imposter, Scaramouche, thank you guys for thinking about my problem and offering your ideas. I appreciate it immensely. My malware protection is up to date, I've got Kaspersky running on all my devices: Desktop pc, laptop pc and android phone. I was unaware that Seeking has 2FA. My plan now is to create yet another account, with my VPN turned on, using a new email/password combination, and as soon as I do so, activate the 2FA before I even pay for Premium status. I'm not certain they would send me a verification code after creating a new account. If they don't, I will change my new password in order to trigger the 2FA response.
If I do this, and once again experience the same problem even after taking these precautions, wouldn't that indicate that my accounts/devices have not been hacked, but SA has been?
I agree that it makes no sense for a hacker to go to the trouble of messing with my SA account. But I've seen zero other suspicious or fraudulent activity of any sort. To me, this argues that my devices and my account were NOT hacked, but instead, that Seeking was hacked and they won't acknowledge the fact. Does that seem correct? Where are Seeking's servers located? If they are outside the US, they might not feel compelled to be transparent about data breaches.
Th dongle idea is fascinating. I'm going to do some research on the subject cuz I know I don't understand it. If my account could not be accessed without plugging in a dongle, that would seem to offer a lot of protection. Anyway, thanks guys, I'll keep you posted.
Suggest trying Malawarebytes and looking for a trojan horse virus. They sometimes can be difficult to uncover. A trojan can easily be monitoring your key strokes. No matter who many times you changes things, you will just give the trojan the new information.
Good luck!
...and we're not talking about the Trojans we all know and love! I have relied on my wife's expertise (she's a retired computer professional) to install security on our devices. She recently upgraded our Kaspersky subscription. I will ask her if that has Trojan virus protection or if we need Malwarebytes as well.
I had a PC with a trojan and McSafee could not find it. Malawarebytes did (on the second try).
Personally, I do not trust Kaspersky.
When I knew more about computers than I do now, I know that I routinely ran more than one protection software. I even remember a case on a Mac where I knew the virus from the activity and tried a few things but -- with advice from usenet -- Malwarebytes was the only software that had figured out how to find it and remove it.
.
But getting back to the current circumstances, please correct or advise on the following:
EVEN WITH A KEY LOGGER OR SIMILARLY EFFECTIVE TOOL, the hackers will know sweetman's username, password, and his keystrokes picking out POTs and his messages to them. HOWEVER!
1. If using 2FA via text message to his cell phone, hackers will not be able to get past the "Enter the code from the text message here [ _ _ _ _ _ _ ]."
2. If using 2FA via EMAIL to his email, hackers might already know his email account, username, and password. From their classroom in Moscow, they could log into his email, enter the code into the SA login, and delete the email and s-man would not know about it. I.E., DO NOT USE EMAIL DELIVERY OF THE 2FA SECURITY CODE.
3. If using 2FA via phone call, it should also be OK, like a text message, assuming the hackers can't redirect the phone call to Moscow.
.
4. If using a security dongle, is there any way for hackers to access and download the "contents" of an attached dongle? If I was writing a script for a bad spy movie, the hackers would be able to see that a "device" (dongle) was attached to a USB port and is now Drive:X. They enter commands to copy everything on Drive:X (the dongle), compress it, and ftp it to their computer in Moscow. Now they can complete their unauthorized login. ... Or am I leaving out important steps?
.
I.e., if s-man is using a dongle, do the hackers have any way to log in if they have s-man's username and password but do NOT have the actual dongle?
Suggest trying Malawarebytes and looking for a trojan horse virus. They sometimes can be difficult to uncover. A trojan can easily be monitoring your key strokes. No matter who many times you changes things, you will just give the trojan the new information.
Good luck!
http://themerkle.com/top-6-types-of-biometric-authentication-we-may-all-use-soon/
Top 6 Types of Biometric Authentication We May All Use Soon.
-- Modified on 4/8/2023 6:52:57 PM
Thanks so much for thinking about this and taking the time to share these ideas. I will ONLY use 2FA from my phone! As for the biometric login protection, in all the spy movies I see, the bad guys have already killed the good guy and chopped off his finger or head to use for the bioscans! Extreme need calls for extreme measures, and if you need those bioscans in order to get into the vault full of gold or get the nuclear codes to start or stop WW3, then what's one little murder compared to the magnitude of the task at hand, right? But it makes me think all over again, there's no benefit to My Hacker in doing all the crap I've experienced. Why bother?? I still think all my problems with SA are due to their internal software fuckups, not an outside hacker. And I have evidence! More on this tomorrow, meanwhile, Happy Holiday weekend everybody, I'm going to chill out and ride my motorcycle all day.
I think that your VPN might be logging you in from a different country or State each time you log in thus triggering the spammer bot in sa and kicking you out
That's an interesting theory. I thought VPNs worked to anonymize your IP address which would hide your identity, not trigger a spammer algorithm. When this mess all started I was not keeping very complete notes. So I don't recall if I used the VPN consistently or not.
VPNs protect (hide) your real IP address and provide some other features.
Let's say your REAL IP address is R (short hand for the longer ###.###.###.### kind of number).
A VPN routes all of your activity through another computer (server) so it looks like your computer has IP address C in location C in country C.
R connects you to C; C connects you to SA; SA sees your location as C.
.
Some VPNs let you choose different countries or automatically keep changing the locations.
Your Real IP address is R and, over many years, your 10,000+ SA logins all came from R.
Using a VPN, SA sees that you (sweetman) sometimes log in from "C", sometimes from "D", ... etc.. That didn't trigger any problem issue to SA.
.
So far, even you use a VPN and log in from multiple virtual locations, SA has no reason to block or cancel your account. The downside is, a hacker trying to login from IP address H (for hacker) in location H in country H isn't blocked or challenged by SA, either. SA computers do NOT 'say,' "Hmm ... this account holder has never logged in from H before. Must be a hacker! Deny login! Cancel account!"
.
SA did not cancel your account because of an alleged login from some VPN location or server. SA canceled your account because of alleged abuse (that was perpetrated by a hacker).
.
I think that, if you figure it out and get it set up, 2FA or security hardware (dongle) is the way to go to protect your next SA account.
That's an interesting theory. I thought VPNs worked to anonymize your IP address which would hide your identity, not trigger a spammer algorithm. When this mess all started I was not keeping very complete notes. So I don't recall if I used the VPN consistently or not.
In regards to computer viruses and hackers, have you considered an Apple computer? I’ve had an Apple computer and IPhone for a while but used to use computers using Microsoft software. With Microsoft, I needed so much anti-virus software and would pick up a virus. Since owning my Mac, I haven’t had a virus and haven’t worried much about hackers.
A dear friend of mine, who was also a Sugar Daddy on SA told me the same thing several years ago. He was a huge fan of Apple products and finally convinced me to buy an Apple laptop. I was very enthusiastic ar first, but even with his expert help, I could not figure out how to use it. Everything was so different from what I was used to, nothing was intuitive. I gave it a really good effort for a couple of months, then finally I gave up after something I'd been working on for hours mysteriously disappeared and I never figured out why. I gave up and gave the thing to one of my SBs who loved it. Then I went back to Microsoft PCs.
I didn't read any of the replies before my first thought was that it seems like an issue from the SA side. No one is stealing your SA info, I guess, whatever that could be and there is no monetary gain from having access to your SA account. Unless, someone has it in for you and disrupting your SA lifestyle is their sole purpose. No sane person is going to add a thousand different favorites every time you create a new account. So, that is some bit of a program doing that to your account.
Have you looked on reddit for instance? There's a subreddit called sugarlifestyleforum and maybe there are other ones to check out there, too. Possible that others are having the same issues as you are and that could shed some light on the issue since SA is not admitting to anything. At least you got thru to support for assistance. What was the suspected fraudulent activity? Having, suddenly, 1000 favorites couldn't be the issue. SA is helping you, but not telling you what the issue is that is causing you to repeatedly have you account deleted.
Carl, I agree with you 100%. It just "feels" like a major glitch on SAs part. In fact, one of the recent emails I received from [email protected] admitted as much, and said: " We apologize for the inconvenience. It seems there was an administrative error that resulted in the deletion of your account ". As for the suspected fraudulent activity, SA has been silent on telling me what the issue is. In fact, they have said more than once that they cannot/will not investigate, citing that doing so would violate their commitment to their user's privacy. Seems like a weak excuse, but there you are. I woulda thought they'd be eager to track down the source of the problem.
If this is a glitch on SA, I can't imagine I'm the only one affected. So your suggestion of talking to others on reddit is worthy. I've never been on reddit, so it would be a new thing for me to navigate. One reason I've been posting my adventures on here is that I figure some others here on this forum might have had the same experiences. But so far no one has said so. Nevertheless I truly appreciate the helpful ideas and thoughts you and others have offered.
One last data point: I was contacted by a SB I had one bcd with last year and I told her that my profile had been accidentally deleted on SA. She said she had the same problem! I need to talk to her to find out if it's at all similar to my experiences.
It might be too soon to tell, but I'm back on SA with a fully functional profile again. This time I'm using a VPN, I got verified with their Au10tix.com thingy, using a new email address, and a new phone number (a burner), and I'm using their 2 Factor Authorization. Every step of the way was a giant pita. I want to take a minute to thank all of you who helped with your ideas ans d suggestions, it really helped. And I know I've been using up too much bandwidth here on this problem, so thanks for tolerating all these posts. Hopefully, this will be my final word on this thread!
No worries Sweetman, we’re here to help our bros