Hello - ATTENTION
Despite i'm IT specialist (I use unique and strong passwords) i became VICTIM of HACKERS via fishing.
This could help you in similar situation or to prevent it..
1. There is FISHing site https://www.bittŗex.com/ (notice weird `r` )
2. I clicked at it because it was first link on google search (advertised)
3. You enter your email (login ) into the fishing form
4. Their site ask for two factor auth code which you receive via phone, but this code is in fact for changing google mailbox password - not for the login into the service itself!
- at this point i COULD detect the fraud (i was surprised they know my phone, but i haven't breaked off)
5. They change your google account password and login into it.
6. They use bittrex forgotten password, and click confirmation link in your mailbox.
7. Now they have access to both your mailbox and service itself..
- all this happened in minutes after abuse..
- you can't login into your email neither to bittrex (or other service)
- in my case iPhone ask me for password to Email client because it wasn't able to download emails.. which was very lucky!
- don't panic! work fast..
- first change password in google account
- change password in bittrex (or service)
- be cautious, if anything look suspicious or surprising think before act.
- enable 2factor authentication in google for future safety
- enable 2factor authentication is service (bittrex) too
- as always - don't use same password in all accounts (this make this even simpler for hackers)