Everyday Tips from the ComputerMom 

May
 2013
 
Join Our Mailing List
Wow, what a month we've had.  I hope that none of you, your friends, or your families were adversely affected by the events at the Marathon.  Like many of you I both watched the race and had friends running in it - this thing just hit way too close to home. Such a tragedy on what should be a lovely celebratory day really puts the rest of our problems into perspective.

This month I had several calls from clients with email spoofing questions, which seem to be happening with more regularity, so I've decided to focus today's newsletter on email hacking.  I hope this clears up some confusion and gives you some tools to help keep your email accounts safe.

Here's to a pleasant and uneventful May!

Regards,
 
Julie Marto 
508-359-8176
www.thecomputermom.com
www.facebook.com/thecomputermom

P.S. With Windows 8 still causing a flux in the market, and touch screen computers still relatively rare and expensive, I'm sticking to my advice to hold off buying a new computer unless you absolutely must. Don't forget that a flat rate drop off optimization of your old machine can get it back into shape to tide you over for the short term!
Help - My Email's been Hacked!

I can't tell you how often I've heard this line in the last few years. Email theft has become big business, as a way for criminals to send spam, spread viruses and other malware, and try to scam people out of money.

There are many different forms of email hacking or spoofing, some more serious than others.  Each one requires you to take different action - or no action at all.  In this issue I will try to go over a few of the most common problems and how to approach them.

Do I have a virus?

This is almost always the first question I hear from the victim of an email hacking. Although  you should always run a full virus scan and check for spyware on your computer if you suspect you have a problem, the answer, surprisingly, is probably not.

Often the first sign that your email account is being misused is a pile of returned emails in your inbox.  If you don't recognize any of the addresses that have bounced, it's most likely you are not hacked, your return address is being spoofed, or forged. However, real email hackers will send their spam messages to everybody in your address book, and most address books contain some out of date address. If the bounced email was sent to your real contacts, your account has been compromised. 

If you are using an email program that works from your computer, like Outlook, Windows Live Mail, or Outlook Express, check in your sent mail and see if you have messages there you don't recognize.  If you don't, chances are that the messages are being sent at the server level - not from your computer, but from your account on the web.  If you do have a virus sending spam from your computer, you might get a warning message from your internet provider like the one below.  If you get one of those, you have a big problem - disconnect the machine from the internet immediately and call me for a virus removal!

Xfinity Bot Warning Notice

 
Email Providers So if I don't have a virus, what happened?

By far the most common reason you are sending spam to your friends is that your email log in information has been stolen and your account is being used by the hackers at the server level.  There are many ways for criminals to steal your email credentials, including:

If you recognize yourself in any of the above bullet points, you are putting yourself at risk.  Don't forget, your email address is not just where you get email, but it is often the gateway to your other online accounts, including banking and financial accounts.

The easiest way to fix this is to log into your account on a known clean computer and change all of your credentials - not just your password, but all of your security questions, and your backup contact information.  You should also set your cell phone number to receive a text in the event of future credentials changes. 

There is a possibility that the criminals have changed your email password and locked you out of the account.  If that has happened you will need to get in touch with customer service for your email provider.  If you are using a pay provider like Comcast or Verizon you can contact their 800 numbers.  If you are using a free provider, you can use these recovery links for Gmail, Yahoo, Hotmail/Outlook.com and AOL.

spearphishing Or perhaps I'm not even hacked!

Have people been getting spam from "you" that has your name on it but a different email address?  Then you haven't been hacked at all, your email address has been spoofed.

Someone - or more likely someTHING, a "spam bot" - has made a connection between your name and your contact list.  Once that connection has been made emails can be sent from dummy or stolen accounts pretending to be you, to people you know, in the hopes that they won't see the incorrect address and will act on the spam they are receiving. This type of targeted spam is called "spear phishing".

I've been seeing a lot of this lately, as you can see from the email in the image above - I'm pretty sure my husband didn't send me the link to that amazing site! This particular instance seems to have been caused by a Facebook problem.  With more and more social media sites in action out there the opportunities for this type of connection harvesting will only increase.  

Unfortunately, once you have been spoofed there is really nothing you can do to stop it, although you could potentially send an email to your contacts letting them know this is happening and cautioning them to look out for the fake emails and not click on any links.