Quote Originally Posted by Klaleara View Post
If they hit the scammers website from their computer, the scammers could have gotten their IP. Just, nothing they could really do with their IP lol.
Exactly, that's not "Hacking an IP" that's just seeing it.


Quote Originally Posted by Avatre View Post
That's also assuming the site that you are "logging" into has the spot to enter 2fa. If they don't, then there would be no way to get into the account. As I haven't even looked at those phishing links, I don't even know if they have a field for that.
They do, a friend with the token has been compromised one drunken night he wasn't too smart. He assumed the site just auto-logs in to a client with the credentials without human intervention, which would make sense considering the speed which would be required to use the information.