This occurred on Kraken. These are the details:
- I discovered 'Username request' and 'Password reset request' emails in 'Deleted Items' email folder. Note: this is not the 'Junk' folder, and the emails where from several hours before. The only way to get to that folder is by manual deleting items, AFAIK?
- When I reviewed the login history to my outlook.com email account, only my home IP was able to successfully login - so I believe other parties did not get my email login credentials
- When tried to login to Kraken, the password was indeed changed. However, since I have 2FA I believe they were not able to login (i.e. 2FA is not required for password change there). To be able to change the password, it is required to know the Username. Since password was change, I believe the intruder was able to read the contents of the received 'Username request' email. (i.e. I guess for some reason they were not able to remove the items from trash-bin, for some reason)
- PC running Windows 10, McAfee Total Protection
- Email account on Microsoft's outlook.com, 2FA enabled (no SMS). But, I always have a chrome tab opened and logged in.
- One other note: I did not receive any notification on my mobile about these incoming emails (i.e. prior to being deleted), how is this possible? (Android, outlook app)
So my question: What type of threat is this? Is there a remote access to my PC, or is this some malware able to access my opened tabs on chrome (i.e. read, delete messages)?
(b.t.w After contacting Kraken about this, I froze the account for the meantime.)
Thank you for any advice.