Samsung account hacked?

So a few mornings ago I woke up to an email saying my spotify account had been accessed from Russia, I knew it was not me that logged in so I reset my password, My spotify account is linked to my samsung account as well as a few other accounts like amazon and stuff, so I changed all of my passwords accross all of my accounts and set up 2FA on accounts where it was not set up previously. Since changing my password to all of my accounts I have twice had a notification from Samsung which shows my password has been locked out due to 2 many incorrect password enteries being entered, I havent had any notification elsewhere for any of my other accounts just only seems to be my samsung account. was wondering if anyone else has had anything similair, I mainly use my samsung account for smartthings and my mobile telephone.

Are you sure these emails are actually from who you think they are? Is Samsung’s domain samsung-mail.com? Remember, if samsung has not registered a domain called samsung-mail, then anyone can do it. I could call myself samsung-warnings or something like that and scam you. Check the raw header of the data and make sure its path looks genuine. And if you do want to reset a password, NEVER do it by clicking the link in an unsolicited email. Always go to your account first and check that you really do have the problem the email tells you that you have.

Another clue is that the letter is addressed to “Dear Customer” instead of using your name. This is another sign of a scam. And it means they have not really hacked your account or they would have known your username and been able to make the email more convincing.

@Inge_Jones, yes, that belongs to Samsung. The same email address is used for the verification codes for signing in.

Samsung Account SA.noreply@samsung-mail.com

@DeekB, that seems to be, someone has your previous password and trying to sign in. Make sure that you never use the same password ever again anywhere. And yes, it means someone is trying to access your Samsung account.

1 Like

Wow… I bin anything that starts “Dear Customer”, for the reasons stated. Perhaps they could reconsider their emails.

1 Like

Then I guess, you haven’t tried to login to the IDE for a while then…

It doesn’t send me unsolicited emails - or hasn’t done so far. Obviously if I have said I need to reset my password, or triggered an email in similar way, or I have typed in an address, I feel safer than something unexpectedly turning up in my mailbox. So far, although I have had a few emails from various accounts telling me my account has been compromised and locked, in no case has there been anything wrong with my account when I actually try logging in to check. So I have always been right to be suspicious so far

The emails are 100% from Samsung, I couldnt log into the IDE for smart things, Also got the same you need to reset your password prompt when logging into IDE with my samsung account.

I am usually quite risk averse with things like this and got no idea who has managed to get my password and from where but I have as I indicated in my first post changed the password for all of my accounts and have will never use that password again, I also use different passwords for each account I have like E-mail, and online banking acocunts and amazon so it seems like only my samsung account was breached, As above my spotify is linked to samsung and I think thats how they have managed to access both, I am going to unlink my spotify from my samsung account as I guess the breach could have been from any one of those accounts.

Tagging @SamsungZell

You could lash your email address in here (https://monitor.firefox.com/) and check to see if it gives any worthwhile info. It can be hit and miss though.

2 Likes

Thanks, Shows I have been a part of a breach from Adobe from 2013 and drop box on 2012 but was only added to the database in 2016, quite some time ago but thats not to say there could have been a more recent breach that hasnt been discovered yet. I think I am safe for the time being as I have changed many passwords and set up 2 factor authentication on some of my other accounts that did not have it but thanks all was just wondering if anyone else had anything similair recently.