Email hacked + Why?

[AlamoShooter]

So I got an email from a friend that I haven't talked to in a while but we will be shooting the same event next month

So I clicked on his suggested link = Dang !*! Some spam Viagra sounding stuff.

The next hr I got another one from one of his close friends in the same town.

Today I have people calling me on the phone to say = You Got Hacked!

Why? did they hack my email ? was it to steel my address book to sucker people to look at the add and bump up the hits ? Or is it something more sinister ?

[Classic_jon]

If your friend had an Address book then it may not have come from you.

When you clicked on the link, it told them that your e-mail address was a valid e-mail and then they take that information and run with it.

What a lot of Spammers are doing is putting your e-mail address that they got from your friends address book in the "reply to" address of the e-mail. If I wanted to I could put spam@spamer.com as the reply to address on my mail client at work and it would send the e-mail out with that as the reply to address. It is not that hard to do with the way e-mail is set up right now. This is why a lot of people are pushing for the "rules" on e-mail to be changed. The system and methods as they sit right now were never really designed to deal with Spammers.

The only way to find out if it is "you" is to have someone that knows computers, and what to look for, look in the e-mail "header." The Header will tell you what e-mail server and potentially what e-mail address it is coming from for real. As an example, At my office my mail server gets Spam from 50 different "reply to" addresses all over the united states, but when you look at the headers, it all is coming from one spammer server in Argentina.

I know you are probably gun-shy about links right now but, for more information on E-mail headers http://whatismyipaddress.com/email-header

Edited May 10, 2012 by Classic_jon

[Graham Smith]

To elaborate on what has already been said, there are two types of "stealing" going on.

One is called "spoofing" where they take a valid email address and use it as a return address for mail sent from a different account. This is the most common type of "theft" because it's very easy to do.

The other kind is where someone actually cracks your email account. This seems to happen frequently to Yahoo accounts which is why it is a good idea to use a strong unique password if you are using any of the common free email services. There are a lot of tricks but the simplest thing is to use a passphrase you can remember but mix up the upper and lower case and substitute some numbers and symbols for letters. Simple example:

bR1@nEn0$f0rUMr0cK$

Edited May 10, 2012 by Graham Smith

[sdm74]

My mom has terrible problems with her aol email.

she closed everything, and I still get bogus email from there at her address.

[gose]

The only way to find out if it is "you" is to have someone that knows computers, and what to look for, look in the e-mail "header." The Header will tell you what e-mail server and potentially what e-mail address it is coming from for real. As an example, At my office my mail server gets Spam from 50 different "reply to" addresses all over the united states, but when you look at the headers, it all is coming from one spammer server in Argentina.

Not even the headers will tell the whole tale a lot of the time, since spoofing the "Mail from:" is about as easy as setting a "Reply to". The use of open relays or hacked servers on "known" domains also makes it harder to track down where it's really coming from.

Three tips to keep your accounts and computers safe:

a ) Use strong passwords. You are way less likely to get your accounts hacked if you come up with some really good passwords and write them down a note you stash somewhere in case you forget.

b ) Dont reuse passwords for different accounts

c ) Dont use that poor excuse of an operating system from Redmond, if you absolutely have to, stay away from the shitty email client and browser that come with it.

Edited May 10, 2012 by gose

[AlamoShooter]

Thanks Guys

I went to a computer outfit that has helped me in the past. He did not think that I had much of an email problem - it looked like the spoof thing to him. He got my unit and screens looking good with a program called "Unhide"

But I did do the better pass word. my old one was kinda week with just one # in it. Now I used #s and spelled a word back-wards in it.

What looked the worst about my problem was an email with an invoice attached that was sent to me was delivered to a friends email. The friend forwarded it to me so I still got it. and that happened all before I changed my email.

[3quartertime]

Moved for archival purposes.