
Hijacked E-Mails

Has anyone else noticed a large number of hijacked e-mails? I must have a dozen e-mail contacts that I get bogus e-mails from, trying to direct me to web sites. From Yahoo addresses to Buckeye-express, it seems like they are getting everyone's.

created by Molsonator on Aug 20, 2011 at 10:43:55 pm     Technology     Comments: 20

Comments

Yup, had a friend distribute one recently. Change your password on all e-mail accounts immediately and delete all temp files, cookies, and recent history. Here's a free utility: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/. It's safe; when it asks to re-boot, do it, as that needs to be done for it to work. As always, back up data before major changes. Establish a re-store point and remove old ones via disk clean-up by choosing options/remove all but latest re-store point. Obtain the latest Malwarebytes (again free). That utility is best run by exiting the internet connection for safety while running in safe mode for a full scan. In safe mode the fire-wall and anti-virus will not be active, so it's best not to have a web connection for the duration of the scan, which can take some time. Lastly, remove all friends you suspect browse porno sites. Just kidding on that one; these infections come from everywhere, but only open attachments that come from known sources. It's far better to have e-mail settings to be opened one at a time and not automatic. Good luck.

posted by Mariner on Aug 21, 2011 at 04:52:10 am     #  

Typical geek, up surfing at 5am, lol. Thanks, Mariner, you rock!

posted by nana on Aug 21, 2011 at 08:37:42 am     #  

Ha! Nana, I thought the same thing. My guess is he went to bed at 5am. Thanks Mariner, I passed your info on. (He will read this when he wakes at 3pm. :)

posted by Molsonator on Aug 21, 2011 at 08:53:39 am     #  

A second vote for Malwarebytes, which has both free and premium versions. This antivirus software far outperforms any other program I have used, and it successfully removed two stubborn viruses my laptop picked up that other programs could not (Norton, Windows, and WebRoot all failed). As an educator I have to open a ton of files students send me, and unfortunately on occasion a student will unwittingly pass along a virus to me in an assignment (yes, I suppose it could be intentional, but I like to think most people are decent at heart).

Another good program (also free) to download now - while your computer is actually working properly - is RKill. This program has the ability to shut down some of those viruses that hijack your system, and it was a lifesaver to me on several occasions.

posted by historymike on Aug 21, 2011 at 09:39:25 am     #  

I'm sure it's unrelated to this thread, but yesterday I saw this tweet

WARNING: 44,000+ hotmails, yahoos, facebooks and more leaked by @neatstuffs: http://me.lt/0c0UT

Follow the links, and you can download a blob of text, so you can check to see if any of your accounts are on the list. Regardless, this is why Mariner's advice is good, especially with changing passwords.

posted by jr on Aug 21, 2011 at 10:40:07 am     #  

I know someone with an AOL account that got hacked. Yeah AOL is so ick but she uses it.

posted by Linecrosser on Aug 21, 2011 at 11:35:18 am     #  

Nope, not a geek, am an early riser (mornings are more peaceful until all the world wakes up). First puter I ever flew was an IBM mainframe in 1971, so have a bit of history with machines. Do like to see all the black hats put in their place.

posted by Mariner on Aug 21, 2011 at 11:50:54 am     #  

Linecrosser posted at 11:35:18 AM on Aug 21, 2011:

I know someone with an AOL account that got hacked. Yeah AOL is so ick but she uses it.

Instead of the AOL e-mail account being hacked, it's possible that the person's contact info was leaked from another website. Amazingly, some websites store passwords in plaintext like Sony. Since some or many people use the same password for every site, it's possible that the password associated with a user's e-mail address at one site may work for that person's e-mail account.

Analysis of the passwords leaked from rootkit.com and Gawker shows that password re-use is extremely widespread, with something like 30 percent of users re-using their passwords.

Some hackers dump things at pastebin. If you scroll down that page, you'll see e-mail addresses and passwords taken from a couple websites. The one site uses plaintext passwords.

posted by jr on Aug 21, 2011 at 12:04:59 pm     #  

Good post, jr. Most corporate IT networks demand a mandatory change of password at 30, 60, or at most 90 day intervals, with no repeating or even similarity to the previous password. If you google "strong password", the advice is good: mix up caps and symbols with numbers. Seems like a pain, but if you make a game of it you can come up with interesting combos that are difficult to crack. Worst ones are correctly spelled words like "welcome." Then you be askin' for it babe.

posted by Mariner on Aug 21, 2011 at 12:21:15 pm     #  

I'll bet I could totally fool the hackers and make my password "password." They would never guess that one. <runs and hides>

posted by historymike on Aug 21, 2011 at 12:45:43 pm     #  

Hold on there, HistoryMike. If you use 'password' as your password, what do I get to use?

I had it first... you're just trying to copy. Like always.

posted by madjack on Aug 21, 2011 at 12:54:36 pm     #   1 person liked this

I guess you should use Password1, madjack.

posted by Molsonator on Aug 21, 2011 at 02:17:35 pm     #   1 person liked this

Not so fast... am taking notes

posted by Mariner on Aug 21, 2011 at 05:46:41 pm     #  

I got 481 mailer daemon failure notices all at one throw! They were to addresses that I have no connection with. The IP address in the header that was supposed to be mine was not mine. It came back to some bogus website. I have a minimal understanding of what's happening here. My address is a Yahoo - ameritech.net. I did change my email password. Next is Malwarebytes? When you start talking installing in safe mode I'm already baffled. Should I take my machine to my favorite, trustworthy computer guy?

I'd love to install Google Chrome too, but I have to use the Owens Community College network and they won't recognize that browser, or Firefox. Owens IT department has to be the worst of any learning institution. Behind the times, full of bugs (won't let you on with Windows7 and MicrosoftSecurityEssentials) and crashes a lot.

posted by holland on Aug 21, 2011 at 06:39:28 pm     #  
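An added example, not part of holland's post or of the thread: one way to run the header check described above over a saved bounce, by pulling the returned message out of the failure notice and comparing the IP logged by its earliest Received hop with address ranges you know to be your own. The sample bounce, the function names and the address ranges are constructed for illustration; a mismatch indicates the bounced mail did not leave from your network.

```python
import email
import ipaddress
import re
from email import policy

# Constructed sample bounce (documentation addresses), trimmed to the parts used.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.example.net
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/rfc822

Received: from mx.example.net ([198.51.100.7]) by mail.example.org; Sun, 21 Aug 2011 18:00:05 -0400
Received: from pc ([203.0.113.45]) by mx.example.net; Sun, 21 Aug 2011 18:00:01 -0400
From: user@example.com
To: nobody@example.org

body
--b1--
"""

IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def origin_ip(bounce_text):
    """IP logged by the earliest (bottom-most) Received hop of the returned mail."""
    msg = email.message_from_string(bounce_text, policy=policy.default)
    for part in msg.walk():
        if part.get_content_type() == "message/rfc822":
            # Hops are prepended; lower ones can be forged, so treat this as a hint.
            for hop in reversed(part.get_payload(0).get_all("Received", [])):
                m = IP_IN_BRACKETS.search(str(hop))
                if m:
                    try:
                        return ipaddress.ip_address(m.group(1))
                    except ValueError:
                        continue  # bracketed text was not a valid IPv4 address
    return None

def classify(bounce_text, my_networks):
    """Compare the origin hop with networks the reader knows to be their own."""
    ip = origin_ip(bounce_text)
    if ip is None:
        return "unknown"
    nets = [ipaddress.ip_network(n) for n in my_networks]
    return "own-network" if any(ip in n for n in nets) else "not-own-network"

print(classify(SAMPLE_BOUNCE, ["192.0.2.0/24"]))
```

Bounces that return only the headers (`text/rfc822-headers`) or no original message at all come back as `unknown` here.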

April 2011 story

In a wake-up call to security-complacent Apple users, the first browser to get hacked in the Pwn2Own hacker competition was Apple’s Safari, and it took just a matter of seconds.

Microsoft’s IE 8 fell to hackers later that same day. Firefox and Chrome were not hacked. The Opera browser has such a low adoption rate that it was not included.

Criminals want the biggest bang for their malware buck which means the dominant operating systems, browsers, platforms etc. are always going to be the better targets.

Windows, though it has slipped a little, is still so far ahead in user penetration rates that writing malware for any other OS is still a marginal proposition.

As with operating systems, the ongoing browser market shares have changed little in the past year. IE still takes the lion’s share with the only real contender being Firefox at this point. That said, much of the browser malware is written to hit multiple services.

From the criminal point of view, Google’s Android platform is beginning to look very interesting – particularly as Google does less than the other mobile platforms to test products offered through their market place.

For Apple lovers, the Mac OS and Apple device’s underdog status against PC’s and the Windows OS long served as a hardy defense against criminal exploits. But with predictions that the Mac OS will make stronger inroads, Apple is facing new threats.


This June 2011 black hat hacker discussion shows the one dude prefers to use Chromium-based browsers, specifically Iron.

posted by jr on Aug 21, 2011 at 08:36:58 pm     #  

Oh, that hacker may have been arrested back in June. Might be better to take advice from those who avoid arrest.

posted by jr on Aug 21, 2011 at 09:11:07 pm     #  

Holland: If you have time and some patience, the Malwarebytes utility is good to keep on your machine. www.malwarebytes.org The install instructions are straightforward: just save to desktop or create a new file like "puter utility" and then run from there. It does need periodic updating and use to keep things running smooth. With the e-mail problem, the best first solution is to boot your machine tapping the f8 key, and your screen will give you prompts. Use the four arrow keys on the keyboard to highlight safe mode and then run Malwarebytes for a full scan. You will be prompted to remove entries which are harmful, and do it. Make sure you have set a recent restore point and you will do no harm to the operating system. It will be necessary to re-boot the machine if anything is found by the utility. If you are receiving that many unsendable e-mails, chances are strong you have an infection on your machine. There are several variants to the virus, and the e-mail scanning anti-virus has yet to catch up to all of them.

posted by Mariner on Aug 21, 2011 at 09:47:33 pm     #  

In case you're not familiar: after you have highlighted "safe mode", hit enter to start the machine in that configuration.

posted by Mariner on Aug 21, 2011 at 09:50:11 pm     #  

Many thanks, Mariner. I did get Malwarebytes (paid for it). Ran it in safe mode (I had to go to startup-msconfig-boot and select safe mode, as the f8 function doesn't work in Windows 7 Pro, and the reverse for normal startup). Odd, I had no infections.

If I get another round of returned emails, this machine is going in to my computer guy. It won't be the first time he's saved my computer backside. Hubby likes to do some - ahem, cough, ahem, surfing, and worse yet, he and his buddies share things via email.

posted by holland on Aug 21, 2011 at 11:19:52 pm     #  

Lol, now I got email from my old AOL account, but then AOL was the most convoluted system that ever was, as far as I know.

posted by Linecrosser on Aug 22, 2011 at 09:12:33 am     #  
