One afternoon, Talinda discovered that she couldn't log on to her eBay account because the password had been changed. Soon after, she got an email from PayPal reporting that someone was trying to change the password to that account. Though such emails are often spam, sent by cyber criminals in an attempt to "phish" for user data, a call to PayPal confirmed it was real. No one had taken the Benningtons' money, but someone was trying to gain access. The PayPal rep told her to notify her local police.
"This person is hacking into everything," Talinda thought. "Are they watching me now? Are they here?"
In August, Chester got an automated text message from Verizon Wireless, his cell phone provider, confirming a new password for his online account. Like most phone companies, Verizon allows subscribers to manage their accounts on the Internet and view lists of incoming and outgoing calls. To open this type of account, users need only go online, fill out a form, and choose a password.
But Chester had never opened an online account for his Verizon mobile phone; he got his bills the old-fashioned way, by snail mail. So why was Verizon confirming a password change?
Suspicious, Chester and Talinda logged on and changed the password, promptly receiving an SMS verification of their change. Then another notification informed them that the password had been changed again. So the couple changed it back and got another confirmation. When they got yet another text message announcing yet another change they had not made, the Benningtons logged on and found a question written in the space where the password should have been.
"Who is doing this to you?" it read.
