Call Ozdachs at 415.347.6479|

Your Email Has Been Hacked… Just Yawn??

Another friend’s Yahoo email account was broken into this morning.

Phishing Link

Link in the Email

My clue was that he sent me an email at 4:11 am.  And, the only content of the message was a link to a page on the Internet that runs a PHP programming script.

The message was sent to me, his sister, his ex across the continent, and bunch of other people I don’t know.  The email had a long TO: list that looked like a random group of emails from my friend’s address book.

So, another person’s email account was compromised.  Probably hackers went through and guessed his password.  Or, maybe his email address and password were stolen from another site that had been broken into. Do we, or he, care?

The recipients of the email shouldn’t worry, as long as they don’t click on the link and visit the site in Latvia (.lv).  I am sure that waiting on the .php destination page there is a malicious script that will try to infect the computer of any visitor that goes there.  Even so, you’d probably have to also click on a confirmation box to run a program before you got into trouble.  If you receive an email like this, you’re okay so long as you delete it without clicking on any link.

My friend, however, has a few worries:

  1. First, he needs to stop the damage.  He should go to Yahoo and try to regain control of his account.  If they bad guys are nice, they didn’t change the password. He can log into Yahoo and pick a different, stronger password. Some bad guys are not so nice.  They will change the email password so that you’re locked out of your own email account.  In that case, you’ll need to contact Yahoo (or whoever owns the hacked site) and ask them to help.
  2. The bad guys controlled/control his email account for a while.  If they are truly evil, their programs visited all of the major banks, credit card companies, online stores, investment houses, etc.  They typed in my friend’s email address, saying that they had lost their password. Many stores and financial institutions responded with an email link to reset the password.  The bad guys, who had access to the Yahoo email account, clicked on the reset password link, created a new password, and gained control of my friend’s financial resources.My friend should go to every place he used the Yahoo address and enter a different email address for the account. He should also look over recent transactions to make sure his account hadn’t been compromised.
  3. The bad guys could go to every online store, and see if the combination of the email address and Yahoo password logged them in.  If my friend reused that password anywhere where he also used the Yahoo email address, that account is vulnerable.  My friend should change the password everywhere he used the same credentials he used for his Yahoo email account.
    He should also look over recent transactions to make sure his account hadn’t been misused.

You should use unique passwords for every site, especially sites like banking or ordering sites which remember your credit card number.  When you use unique passwords, if a site is broken into you have to change your password for that one site.  If you share passwords among sites, you have to change that password on every site it’s used when it’s compromised on any of the sites.  — from a post about Kickstarter being hacked

My earlier post recommends that you sign up for the free password management program, LastPass.  I am going to suggest, really suggest strongly, that my friend do that today!

By |2014-03-13T13:52:57-07:00March 13th, 2014|Consumer Tips|0 Comments

Today's Phishing Trips

Two phishing attacks are hitting my in-box hard today.

Facebook Phishing AttackOne tries to trick you into logging into your Facebook account to see the new features available to you. This is a really clever angle since earlier this week Facebook unleashed a site redesign which has been widely panned in part because Facebook didn’t pre-announce the changes or explain them.

This phishing email sounds like Facebook is responding to criticism by telling you of changes and inviting you to learn more about them.

Of course, if you do click on the link, you’ll go to a site that looks like Facebook but is, in fact, a fraudulent site somewhere in the European Union. The crooks want you to give up your Facebook user name and password. From there they’ll have access to your Facebook account and can post and send messages coming from “you” to trick your friends into giving up more information. Or worse.

The second attack is an email supposedly from the FDIC telling me that my bank has been taken over. According to a warning I heard on the radio, if you click on the link to the phony FDIC site, you’re asked to put in your bank account number and other identifying information. Guess what happens after you do this?

Practicing Safer Computing

FDIC phishing attackHere’s how I quickly spotted these messages as phony:

  1. I hovered my cursor over the links. Microsoft Outlook pops up a message showing the real destination of any link when the cursor is held over it. In these cases the destination started out with “” or “”, but the location kept going and in both emails ended with a “.eu”. This means I’d be taken to crooked sites in the European Union and not to a business or government site in the US. (Check out an earlier post about a phishing attack for more information on uncovering where a link is really going to take you.)
  2. The FDIC mail was sent to an email address that I don’t use for banking. [email protected] simply is not used for those activities, so why would I get messages in that inbox?
  3. I wasn’t expecting email from either organization. I don’t click on links in email when I am not expecting the message. Even when I do get a notice from my real credit card companies or bank, I don’t click on their link. Instead I type the address in myself (or use my bookmarked location).
  4. I am getting multiple copies of each message. They’re being sent to every email address I have displayed on the Internet, and I think I am getting multiple copies to the same email account. No real sender would be so unselectively spammy.

Yeah, I could wind up falling for tomorrow’s phishing attack. I know no one is immune. But, these two didn’t get me. Don’t let them get you!

By |2009-10-28T12:22:49-07:00October 28th, 2009|Scams|0 Comments
Go to Top