- Apr 28, 2015
- 8,671
Probably yes, anyway I also created tunneling in that case.
People logging into my accounts despite 2FA being enabled.
- Thread starter Xeno1234
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Status
Probably yes, anyway I also created tunneling in that case.
- Feb 7, 2023
- 1,737
Indeed, this is frequently the case.
Upon trying to log-in, services will gather information such as IP addresses, browser and device information and others. Because VPN changes your location frequently, services can become paranoid.
In addition, these emails do not mean log-in was successful. It may be someone attempting to log-in with old leaked credentials or they may have failed on the 2FA step. Email will still be sent.
I would advise @Xeno1234 to check for activity.
For example on Discord, has someone been messaged?
On Bitdefender portal, have any settings been modified? There should be full audit logs somewhere on Bitdefender portal where all activity can be inspected.
- Jun 12, 2023
- 699
- Feb 7, 2023
- 1,737
So you have no reason to be worried at all. Furthermore, attackers are unlikely to be interested in anything else other than cryptocurrency, information they can sell left and right (credentials) and payment information (although with 3D secure this is becoming less and less valuable as well). They may only be interested in Discord account if they intend on spamming and infecting more people. In your case, this hasn’t happened.
You are all good.
- Mar 2, 2023
- 794
@harlan4096 thank you for opening up this thread again, as this information regarding my question is very helpful and useful for me...daily, in that all of the above replies make sense to my less-than-IT proficient understanding 
- Jun 12, 2023
- 699
Thank you all so much. I wonder what made my logins say Denver, but if I was actively being hacked I think they would try to login again after February 13th.
- Feb 7, 2023
- 1,737
In many cases VPNs, even when you run them with the same location, will change IP addresses. This may cause alarms as well as they can see new IP address (depends from service to service). It is just one thing that has to be dealt with if you wanna be behind VPN. Security requires you to sacrifice convinience.@harlan4096 thank you for opening up this thread again, as this information regarding my question, is very helpful and useful for me...daily, in that all of the above replies make sense to my less-than-IT proficient understanding
It is saying Denver because activity was detected from there. Attackers will frequently utilise victim machines to attempt to brute force credentials and perform other nasties. This specific victim was in Denver and they are unaware what’s going on when they use their device.
Regardless, you’ve got nothing to worry about.
- Oct 3, 2022
- 380
That depends on where the VPN service has their servers located. You connect to a VPN, the VPN sends all your traffic to their server, and then the traffic leaves that server and reach towards your desired web site like gmail.com. What gmail sees is that you connected from that source - server, which happens to be located in Denver.
Last edited:
- Feb 7, 2023
- 1,737
Just for reference, here is my Outlook sign in activity (passwords have leaked before).
Nothing to worry about though.
Nothing to worry about though.
- Jun 12, 2023
- 699
Ok. I do remember I checked the accepted the verification emails from Denver, so it might have been a VPN I had or something, I don’t know.
I’ll just leave it at that. Thank you guys so much for the help, I can’t explain how worried and paranoid about this I’ve been.
- Feb 7, 2023
- 1,737
If you have any issues like these, feel free to drop me a PM in the future, or you can contact anyone from staff directly, all staff here is very knowledgeable.
- Apr 28, 2015
- 8,671
- Status
Similar threads
