My email address is being used to enroll for online services. Should I be concerned?

Just before Christmas I received the following message in one of my GMail accounts:

attempt was blocked
******** [redacted by me]

Someone just used your password to try to sign into your account. Google blocked them, but you should check what happened.

I signed into that account and looked at the activity (not by clicking the link in the message, of course) and indeed there was a sign in attempt blocked from the Philippines.

I gather this means that an attacker entered the correct user name and password for my account, but was likely blocked because they couldn’t pass the MFA challenge. Or maybe Google’s fraud detection is actually decent and it knows I’ve never been to the Philippines? Either way, I immediately changed the password and (as far as I know) the attacker didn’t gain control of the account.

However, in the 2 weeks since then, I have received several email verification requests from various online services that I never signed up for — Spotify, OKCupid, a Nissan dealership in Pennsylvania (that one’s interesting), and a few others I’ve never heard of before. Someone out there is actively using my GMail address to enroll for these services.

The account in question is not my main account, and while the password on it was admittedly weak, it was also unique (I never used it on anything else). I changed it to a password that’s much stronger now.

Should I be concerned about this?

Also, if the attacker didn’t gain control of the account, why use it to enroll in all these services?

How concerned should we be about RFID skimming?

I’ve heard/read several pentesting stories where the pentesters clone RFID badges. I’ve also seen some articles saying RFID skimming is a negligibly small problem. The RFID skimming I’m talking about is where someone walks up to you to skim your card or “fires” a “skimming beam” from a distance, and not where you actively (unintentionally) put your card on/in a skimmer like on ATM machines.

How common is RFID skimming? How concerned should the average Joe be about it?

(If I have some money, especially if I have access to some confidential data, I would definitely get anti-skimming stuff, but that doesn’t sound like most people)

Google SMS verification codes broken on a loop – should I be concerned?

So this is a little out of the ordinary. Not sure what to make of it. I’ve enable 2-Step Verification on a Google account.

When opening mail or other G-related services, it sends an SMS(text message) to my cell, with a code. That code is used to complete the login to mailbox… But obviously you already knew that !

A few weeks back, few minutes after a successful login, I received the same code again. Figured it was a cell provider glitch. Then again. And again the same code. So on for a day or so.. weird, but didn’t think more of it, life goes on.

Except that now everytime loging in to Google, same happens, which is concerning.
I ruled out the phone itself as a cause (iPhone), it’s in good health, recently restored to factory settings, and the glitch is only with codes from Google.

I’ve made an illustrated screenshot, with timestamps visible.. see for yourself 🙂

For clarity : while receiving the SAME code again i’m still logged in and experience no disruption on the web.

From the Google help :
Note: If you received multiple verification codes, only the newest one will work. If you requested multiple verification codes, keep in mind that it might take some time for the latest code to arrive.

Usually when you request a code again, it’s supposed to send a new one, so doesn’t look like someone is trying my account over and over again.

Any of you smarties have a clue what might be in play?

enter image description here

Are airlines responsible for Airport security or Airports concerned or third-parties on terminal-side?

In Indian Airports, all sort of terminal-side security is done by CISF . They do all the frisking and baggage screening etc. I am concerned more for the terminal-side security rather than airside where it comes under the airlines domain.

Is it similar in the rest of the world or are airlines responsible? Some notable incidents I recall are the recent Brussels Airport attack, and the 2015 Sabiha Gökçen Airport bombing. I would suspect most airports now are under some sort of integrated command and control center modeled on the American system after 9/11 rather than have disparate silo-based security which may have holes that both terrorists and criminals may be able to get through.

Why is my VPN behaving like this and should I be concerned?

I recently started using NordVPN and have noticed something strange.

Sometimes when I connect to the VPN service in my system tray it will show a wifi connection and other times an ethernet connection. In both cases I am connected to my home router by wifi.

In case 1) where it shows a wifi icon in the corner it will display

1) “My router name” on top and “Unidentified network no internet access”.

enter image description here

2) Then in the internet settings it shows this

enter image description here

And it shows

3) this in the status for each connection:

enter image description here

When I check different websites ipleak etc. it shows my VPN ip and VPN DNS, I cannot see any leaks this way.

At other times the opposite will happen and instead of having a wifi icon showing it will display as an ethernet connection and the following will now happen:

1) “My router name internet access” is on the bottom and “unidentified network” now says “internet access” and is on top.

2) My network settings now displays this

enter image description here

enter image description here

and my status for both connections now show this


enter image description here

Notice how it now says ipv4 connectivity as internet for the VPN connection (ethernet 2).

Also in this case websites such as ipleak show my ip/dns as the VPN ip and there appears to be no leaks.

In both cases the bytes are increasing for both connections.

I have had both cases (wifi icon and images 1-3/ethernet icon and images 4-6) happen fairly regularly and even change whilst I am on the VPN. I have had no disconnects or anything like that.

I have a few questions:

A. Is this normal for a VPN to do this? (What is causing this behaviour)

B. Am I safe in both cases (as I cannot detect any leaks from ipleak and other similar sites even in the first case when it says no internet access for the VPN connection in its status menu) or should I be concerned for security/privacy?

Thank you.