SWAPD Account Security - Two Factor Authentication

Your account is your responsibility.

This announcement is in no way tied to any active events, but we’d like to take this opportunity to remind all of you that you have an option to enable Two Factor Authentication for your SWAPD account.

We operate in an industry where hacking and scamming attempts are quite common. To be a step ahead, ensure that not only your social media accounts are secure, but also your buyer & seller profiles. In this instance, your SWAPD account.

How to enable Two Factor Authentication?

  • Navigate to your Account Preferences
  • Click Security
  • Enable/Manage Two Factor Authentication

What are some good Two Factor Authentication Apps?

  • Authy
  • Google Authenticator
  • Microsoft Authenticator
  • Duo Mobile

What do I do if my SWAPD account gets hacked?

Contact @Administrators on a secondary account (if you are no longer able to log in), or write to support@swapd.co via email.

Please also take a moment to review your active sessions/logins within your security settings, and ensure that the login activity on your account is recognizable. Remember to also frequently update your passwords. Never use the same password on multiple websites.

19 Likes

Bumping for visibility. Make sure you go through your active logins in your security settings on SWAPD, rotate your passwords, and enable 2 Factor Authentication :+1:

1 Like

Pinning this, as it appears someone is actively looking up our users on leaked password sites, and finding passwords they can use to log into your accounts. This is NOT a security flaw with SWAPD. If you get phished by password re-use, it’s your fault, and your fault only. Don’t become a victim.

2 Likes

And just to justify this warning, one of our members lost 1000 USD last night because someone logged in as him and posted his crypto address during a ticket payout. And this is not fully confirmed yet, another member may have lost a whole bunch of social profiles bought on SWAPD, and it seems it’s because he used the same pass for everything, including his SWAPD login.

9 Likes

Bumping this as again, someone got hacked today and the attacker stole the accounts mid-transfer. We’re not 100% sure yet, but it seems that this unfortunate incident did happen. Please remember to have a strong password and enable 2FA.

1 Like

And another story from last night. One of our members had a TROJAN that injected the hackers BTC address during paste. Here is how it happened:

  1. Ticket nearing closure, transfer completed.
  2. Moving on to payout.
  3. Seller drops his BTC address.
  4. We payout.
  5. We close the ticket.

Later on, the seller says he never received the money and the BTC address he posted wasn’t his. We didn’t believe him as there was no edit history. But after digging deeper the seller himself uploaded a video where he found that he is unable to copy and paste his own BTC address, anywhere. He would go into his notepad, copy and address, paste it in the ticket, and a different address was injected. Of course, he didn’t notice it with the whacky way BTC addresses are constructed. I have to say that is one of the most clever pieces of malware I’ve ever seen in my life. Pure evil.

Moral of this story:

  1. Don’t download from torrents.
  2. Buy your software, don’t pirate.
  3. Have strong passwords.
  4. 2FA until you die.
1 Like