I hope this is the right place to ask. Sorry if it isn’t.
So my brother got the typical ‘scam’ e-mail. The e-mail has the correct password of my brother and all the ‘‘I have access to everything, photos etc…’’. Now i get that this is probably a breach and his data may have once been leaked which is true because I checked it on https://haveibeenpwned.com/ . BUT here is the catch. His e-mail account, league of legends account, snapchat, old instagram account and battle.net account all got hacked. We can’t manage to login anymore and the password/username and even e-mail all got changed since we don’t get the login verification codes anymore to the e-mail he used (we were able to recover my brothers e-mail account with his backup e-mail account and we resetted the password instantly, we also saw here that there were successful login attempts into his e-mail account). We also have contacted Riot Games already since this is the only important one for him and hopefully we get that account back. We are also busy transferring every important account to a new e-mail account who we have secured in all possible ways. Now i know those e-mails are 99% a scam but since my brother actually got hacked on some accounts and even the one he uses daily (league of legends) I’m kinda scared the ‘scam’ e-mail may actually be true or is it bad timing? Can someone enlighten and help us please. My brother is panicking.
Hey, so same thing happened to me about 2 weeks ago, email was in 6 data breaches and unfortunately use the same password as well, hacked my email and started resetting all my passwords ( instagram, LinkedIn etc…) I eventually got him out to avoid them trying to scam my friends on instagram. And changed the email password set up 2FA, Authenticator app and passwordless email (best idea in my opinion). After doing all that I received the same exact email from some scammer and have read many stories just like this so I don’t think it’s a coincidence must be the same person that’s hacking you. Just make sure to set up a new alias to the email account so they can’t try to log in anymore or recover it. And set up passwordless email so it can only be entered through your Authenticator app. You’re going to keep getting spear phishing emails so BE CAREFUL and do not click any links, some of them will have usernames and gamer tags because of the info they picked up on you from the email. Also check any websites that might have your debit/credit info saved on it, I saw the hacker tried to buy some stuff online and wasn’t successful. I went nuclear and just factory reset my phone and got a new debit card, new email and permanently deleted the old email after I recovered all the accounts I could remember. Good luck if you need any help message me! PS: check the “blocked emails” list on your email, they must have added some to it, and check email forwarding as well.