Hackers!! (Rant)


rogerdugans

Senior Member
ECF Veteran
Oct 28, 2010
235
6
A house in the US
Make sure you run any antivirus software you have after updating it.
Might want to also run an online scanner like HouseCall - Free Online Virus Scan - Trend Micro USA.
I've had good luck with that one on infected machines I was fixing for various people.

I am going to go with the odds and guess that you use Outlook or Outlook Express for email- turn off the "Message Preview" option if it's running- it allows executable code to run when you select an infected email.

If you KNOW you were hacked by some kid, ok, but more likely is one of the bots/scams going around, or someone you know is infected and it was sent to you.

It sucks to have to deal with that crap- my family and many of the people who know me ask me to fix stuff frequently.
And then they go back to not following instructions again afterwards.
 

LowThudd

Vaping Master
ECF Veteran
Jul 2, 2010
3,296
11
I am a GUY from L.A. not girl. lol
If I had to guess it's probably not some would-be hacking leet speaker in high school and wayyy more likely to be some Malaysian crime syndicate. Just sayin..

Dude! You're back! Glad to see you, and I'm not sure what language this is: eGt outimpm peymant with oyur talment online



> Make sure you run any antivirus software you have after updating it.
> Might want to also run an online scanner like HouseCall - Free Online Virus Scan - Trend Micro USA.
> I've had good luck with that one on infected machines I was fixing for various people.
>
> I am going to go with the odds and guess that you use Outlook or Outlook Express for email- turn off the "Message Preview" option if it's running- it allows executable code to run when you select an infected email.
>
> If you KNOW you were hacked by some kid, ok, but more likely is one of the bots/scams going around, or someone you know is infected and it was sent to you.
>
> It sucks to have to deal with that crap- my family and many of the people who know me ask me to fix stuff frequently.
> And then they go back to not following instructions again afterwards.

Do you use Microsoft Outlook or something of that sort? Or are you using an online service like Yahoo or MSN?

Thanks for the Trend Micro. I have Norton antivirus, but I'll give it a shot.


No Outlook, I use Live Mail, but I often surf while I have my e-mail open. My other Live Mail accs were not hacked. I changed my password, and haven't had any trouble since. I think maybe my password was too simple, and I made the mistake of using it for more than one acc. Not any more.
 

skri11a

Senior Member
ECF Veteran
Jun 25, 2010
111
2,025
48
Houston
I think you nailed it LowThudd... PW was too simple and too frequent. Anyway, if you've run at least your installed virus scan, the HouseCall scan, Malwarebytes scan and possibly SUPERAntiSpyware scan, then your pw was guessed. Double check that your alternate email address, in your email account, is one of yours and you're probably past this problem.
 

skri11a

Senior Member
ECF Veteran
Jun 25, 2010
111
2,025
48
Houston
It sounds like to me you're just a victim of phishing. You probably opened an email containing a link to a third party site and bam, they have your account.

It's not that easy... at least spell out how it works... You'd have to enter your specific info for whatever site they were phishing you for. It would have had to be an email, from your email provider, asking for your user info, on a site the email provided the link for.
 

dwillings

Super Member
ECF Veteran
Lol which is the definition of phishing.

"In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging,[1] and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to fool users,[2] and exploits the poor usability of current web security technologies."
 

skri11a

Senior Member
ECF Veteran
Jun 25, 2010
111
2,025
48
Houston
> Lol which is the definition of phishing.
>
> "In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging,[1] and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to fool users,[2] and exploits the poor usability of current web security technologies."

Which is exactly my point. You don't just open an email with a link and "bam they have your account".
 

Kevin Freeheart

Super Member
ECF Veteran
Feb 20, 2010
373
28
Live Free Or Die
> You don't just open an email with a link and "bam they have your account".

Yes, actually they can.

First, let me point out that you do NOT need to have control of an account in order to send e-mail AS that account. So a very common tactic of spammers is to log which accounts click those links. Every link gets a unique identifier and loading that link CONFIRMS that your e-mail address is valid and capable of accepting incoming messages.

They then send messages using your address to other people. Because you use it, it's less likely to be flagged as spam in the beginning and it's more likely to cause backscatter which (since they know you open links in spam!) is a good potential lead.

Account compromises are really, really uncommon unless people are dumb enough to use a dictionary word as their password.

I recall laughing when I learned that the most common password is "password1".
 

LowThudd

Vaping Master
ECF Veteran
Jul 2, 2010
3,296
11
I am a GUY from L.A. not girl. lol
Not sure if it's related or not, but I had to restore Windows to factory defaults after some problems w/ my Linksys B router (nearly bricked my Acer). But I was having no issues before I started using the router. Finally got my 'puter working again and all my files back, and actually it's running smoother than when I got it. lol Anyway, all is good now, and I just keep my e-mail closed when surfing (used to always have it open), and I don't use that e-mail acc for anything hazardous anymore.
 

rogerdugans

Senior Member
ECF Veteran
Oct 28, 2010
235
6
A house in the US
It used to be that you had to click on a link on a website to get compromised.
Now all you have to do is view the page.

It used to be that you had to open an email and click a link to get compromised.
Now all you have to do is preview the email.

It used to be that you had to DO something with your computer to be compromised.
Now all you have to do is have your computer connected to the internet and be on.
Seriously.

The only certain way to never get infected is to NEVER connect to the internet and never connect ANY external drive- DVD, CD, USB, anything.

Using Apple is not a guarantee, using Linux is not a guarantee.

However, security can be as intricate and involved as you want to be- how paranoid are you? (Not meant as an insult, just descriptive.)

I am fairly paranoid so I have hardware and software firewalls and manually do updates.
I watch where I go and what I do.
I use different passwords and rarely replicate them.
I don't do anything with Facebook or other social media either. ;)

I NEVER open emails from those I don't know.
 

LowThudd

Vaping Master
ECF Veteran
Jul 2, 2010
3,296
11
I am a GUY from L.A. not girl. lol
Now that I think about it, I may have opened an e-mail in my spam folder, as I was expecting an e-mail and never got it. Good point on all that. I am just going to keep making system image disks as I upgrade my software/apps and use them if needed. I try to avoid paranoia if I can help it. The 'three letter' bureaucracies cause me enough as it is. lol
 

skri11a

Senior Member
ECF Veteran
Jun 25, 2010
111
2,025
48
Houston
Ok. I'm not trying to start a pissing match but we need to clear some things up. Too many IT professionals like to spout out absolutes because it keeps the calls to a minimum. I do the same thing. However, as long as we're typing this stuff out and it's public record, let's go ahead and get "technical" because, in the long run, it could actually help those that want to know.

The first thing we need to do is create a baseline. Let's say, at minimum, you have a perfectly patched installation of XP. That is to say, service pack 3 and all automatic updates. Anything that we're talking about here that can't be done to XP-SP3 can't be done to Vista or Win7 either.

> Yes, actually they can.

No, actually they can't. I'll get into the why later.

> First, let me point out that you do NOT need to have control of an account in order to send e-mail AS that account. So a very common tactic of spammers is to log which accounts click those links. Every link gets a unique identifier and loading that link CONFIRMS that your e-mail address is valid and capable of accepting incoming messages.

Yes, you're right, I don't need to know your account info to "spoof" your address. I can make up ANY address I want (including your address) and send email as that address. This requires no interaction from the holder of that address. You're also right that those links, once clicked on, can glean a good amount of information about the person that clicked on it. The confusion here is this; The only way opening an email ('opening' includes the reading pane or auto-preview), WITHOUT clicking the link, is if there is an embedded image in the email that is located on a remote server. Once that image loads, the spammer knows that email address is valid. VBScript, Java, Flash etc... will not auto preview in patched Windows installations. Therefore, there is NO WAY that opening an email can install any nefarious software on your computer without your consent. Which means there's no way to open an email and "BAM they have your account." Again, anyone can spoof your address without EVER interacting with you at all.

> They then send messages using your address to other people. Because you use it, it's less likely to be flagged as spam in the beginning and it's more likely to cause backscatter which (since they know you open links in spam!) is a good potential lead.

This is true, except I'm not sure how backscatter plays any role here. Backscatter is how you know someone is sending messages from your account. You get non-delivery reports from addresses you never sent to.

> Account compromises are really, really uncommon unless people are dumb enough to use a dictionary word as their password.

I'll agree with this completely. I will add though; for some reason, Yahoo accounts tend to get compromised a lot and honestly, I'm not sure why.

> I recall laughing when I learned that the most common password is "password1".

It's sad, and unfortunately, so true.

> It used to be that you had to click on a link on a website to get compromised.
> Now all you have to do is view the page.

If you visit a page that has been written to compromise your computer, you're right. If a page has an advertiser that has written nefarious code, you're right. Even legitimate sites can infect you if one of their ads is compromised. A fully patched computer is much less likely to fall victim to rogue installs, however.

> It used to be that you had to open an email and click a link to get compromised.
> Now all you have to do is preview the email.

Again, only if there are embedded images, and the best they can do is confirm your address is valid.

> It used to be that you had to DO something with your computer to be compromised.
> Now all you have to do is have your computer connected to the internet and be on.
> Seriously.

Despite the feeling of paranoia this incites, it's mostly true. New exploits are found every day. However, Linux and Mac truly do encapsulate your environment to the point of making this almost impossible without your consent. Vista and Win7 have an almost comparable solution with UAC (user account control). If you pay attention to the prompts and what you're actually doing, you can avoid almost all calamity.

> The only certain way to never get infected is to NEVER connect to the internet and never connect ANY external drive- DVD, CD, USB, anything.

100% true, yet way too ominous.

> Using Apple is not a guarantee, using Linux is not a guarantee.

You're right, of course, there are no guarantees. Yet, using either of those OS's reduces your exposure to threat by a HUGE margin.

> However, security can be as intricate and involved as you want to be- how paranoid are you? (Not meant as an insult, just descriptive.)

This is a common variable in security of any kind. The more security, the less functionality. The more functionality, the more exposure to risk.

> I am fairly paranoid so I have hardware and software firewalls and manually do updates.
> I watch where I go and what I do.
> I use different passwords and rarely replicate them.
> I don't do anything with Facebook or other social media either. ;)

There's nothing wrong with this stance. I'd consider all of that as "best practice." As far as social media, you should know EVERY level of privacy and security available before you start posting.

> I NEVER open emails from those I don't know.

This, again, is a best practice... I'd even call it common sense.

It's Christmas Decoration night and I'm getting the evil eye for being out here on my laptop. I just want to say that common sense will save you from everything you can be saved from. There will be times when nothing you do can save you. I just had my cc hijacked and it was either from an e-cig vendor or the flowers I bought my wife for our anniversary. I am extremely paranoid online because it's my job and I STILL got compromised.
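
The remote-image and unique-link tracking discussed in the post above can be checked for in a saved message. This is an added example, not part of any poster's reply: it lists the images a mail client would fetch on preview and the links that carry a long opaque value. The sample message, the `.example` hosts and the token heuristic are constructed assumptions.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl
import re

# Constructed sample message (not from the thread); the .example hosts are placeholders.
SAMPLE = """\
From: "Billing" <billing@shop.example>
To: reader@mail.example
Subject: Your order
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your order shipped. <a href="http://track.example/c?uid=9f3a7c21d4e84b0a&amp;m=17">View it</a></p>
<img src="http://track.example/o.gif?uid=9f3a7c21d4e84b0a" width="1" height="1">
<img src="cid:logo123" width="200" height="50">
<a href="http://shop.example/help">Help</a>
</body></html>
"""

TOKEN = re.compile(r"^[0-9A-Fa-f]{12,}$|^[A-Za-z0-9_-]{20,}$")  # assumed heuristic: long opaque value

class RemoteRefs(HTMLParser):
    """Collect what a client would fetch on preview (img) or on click (a)."""
    def __init__(self):
        super().__init__()
        self.images, self.links = [], []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "img" and a.get("src"):
            self.images.append(a)
        elif tag == "a" and a.get("href"):
            self.links.append(a["href"])

def has_token(url):
    parts = urlsplit(url)
    values = [v for _, v in parse_qsl(parts.query)] + parts.path.split("/")
    return any(TOKEN.match(v) for v in values)

def analyze(raw):
    msg = message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    refs = RemoteRefs()
    refs.feed(body.get_content() if body else "")
    remote = [i for i in refs.images if urlsplit(i["src"]).scheme in ("http", "https")]
    return {
        "remote_images": [i["src"] for i in remote],  # fetched on preview if images are enabled
        "pixel_sized": [i["src"] for i in remote if i.get("width") == "1" and i.get("height") == "1"],
        "tokenized_links": [u for u in refs.links if has_token(u)],  # identify the recipient on click
    }

if __name__ == "__main__":
    for key, value in analyze(SAMPLE).items():
        print(key, value)
```

The `cid:` image is an attachment inside the message and triggers no network request, which is why only the `http` image is reported.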
 

rogerdugans

Senior Member
ECF Veteran
Oct 28, 2010
235
6
A house in the US
Great additional information, skri11a.

I'm a computer hobbyist and primarily a Linux user- one webserver infected with a server virus years back, one server that was hacked- once.
I also support family and friend Windows machines and have had to deal with many "minor" virus issues and a few major ones with them over the years.
(The above may explain my paranoia....)

The only other things I would add are these:
The jerks (virus/malware users) out there are basically one step ahead at all times, even a properly updated computer can get hit. *Defenses HAVE gotten better and the ethical folks looking for holes in order to get them fixed help this greatly, but the jerks who exploit problems are still a step ahead.

Most infections are random- they don't LOOK for your machine, but malware software simply looks for computers that are vulnerable. A system that is updated properly and used with some care and common sense is less vulnerable. People getting directed attacks is rare and usually big companies who have data the hackers want.

I surf and do all kinds of stuff on the interwebs, obviously- while fairly paranoid, I am not stopped nor will I ever be.
 

Stosh

Vaping Master
ECF Veteran
Oct 2, 2010
8,921
16,789
73
Nevada
I've been in the business since 8086 and trash-80's were state of the art!!

Keep my OS, and anti-virus patched and up to date, firewall tighter than a
gnat's behind, practice safe surfing (or so I thought).

Yet about 3 weeks ago experienced the same as LowThudd,
e-mail hacked and spammed to my entire address book.

I have to believe it is an e-cig related site, e-mail that I opened without
thinking. When a noob has asked about a "XKE-1500-Super Cig"
package for only $250, I've been guilty of googling the model for info.

There seems to be a site or two that has absolutely no regard for privacy,
legal business practices, seriousness of cyber-crime....:mad::(
 

LowThudd

Vaping Master
ECF Veteran
Jul 2, 2010
3,296
11
I am a GUY from L.A. not girl. lol
> I've been in the business since 8086 and trash-80's were state of the art!!
>
> Keep my OS, and anti-virus patched and up to date, firewall tighter than a
> gnat's behind, practice safe surfing (or so I thought).
>
> Yet about 3 weeks ago experienced the same as LowThudd,
> e-mail hacked and spammed to my entire address book.
>
> I have to believe it is an e-cig related site, e-mail that I opened without
> thinking. When a noob has asked about a "XKE-1500-Super Cig"
> package for only $250, I've been guilty of googling the model for info.
>
> There seems to be a site or two that has absolutely no regard for privacy,
> legal business practices, seriousness of cyber-crime....:mad::(

Good point. And I have e-mailed a couple China-based companies, and that may very well be what got me compromised. I'll be making a new "Hack away" acc now for just that reason, and use it only when dealing with an unknown supplier.
 