Hacker News new | ask | show | jobs
by mbrameld 3720 days ago
The email being compromised opened the door to his email being compromised. The door to his Namecheap account being compromised was apparently already wide open.
1 comments
levemi 3720 days ago
No, OP didn't have 2FA enabled on their namecheap account. It was namecheap's fault for improper handling of the social engineering attack but OP could have protected themselves by having 2FA
link
cname 3720 days ago
The article pretty clearly states 2FA was enabled for the Namecheap account in question. In fact, that is sort of the whole point of the article.
link
levemi 3720 days ago
Oh this comment by CIO led me to think 2FA wasn't...

https://news.ycombinator.com/item?id=11480221

You should not be able to overcome 2FA with social engineering wtf!

link