
What do you do when you or someone you know has been hacked or spoofed?

Email accounts can be hacked or spoofed


I’d like to tell you that I’ve never clicked on a link I shouldn’t have clicked on, but that would be a lie. Do you realize that even a close friend can accidentally give you a virus with an innocent suggestion to download a screensaver, sign a petition, watch a video or read a joke? I’m likely more cautious than many, but a lawyer’s recent predicament from a common phishing scheme made me realize that I’ve actually not been cautious enough! See this ABC News video or read the article about the lawyer, but the ugly facts are:

  1. He clicked on a malicious attachment.
  2. $289,551.00 was withdrawn from his bank account.
  3. He’s (probably) not getting his money back!

Combine this with the fact that last week, 6 of my contacts had their address books accessed and all of their contacts, including me, got phishing emails. I needed a deeper understanding and additional lines of defense.

I learned my 6 breached contacts all use America Online (AOL) and their accounts were “spoofed,” not hacked. Your account has been spoofed when contacts receive emails that appear to originate from you but actually come from someone else’s email account. Your name and (possibly) your email address appear in the “From” field even though the email was not sent by you. Since spoofers send malicious links and attachments, recipients are put at risk when they open these.
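The spoofing described above leaves traces in the message headers that the "From" line does not show. The following added example (not part of the original post) checks a raw message for three of them; the sample message, its addresses and the finding labels are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample, not a real message: the visible From line names a
# contact's AOL address, but the message was sent from an unrelated server.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=aol.com
From: "Bonnie" <bonnie@aol.com>
To: me@example.org
Subject: hi

Look at this: http://example.net/x
"""

def domain(addr):
    return addr.rpartition("@")[2].lower()

def spoof_indicators(raw):
    """Return a list of reasons to distrust the From line of a raw message."""
    msg = message_from_string(raw)
    display, from_addr = parseaddr(msg.get("From", ""))
    _, envelope = parseaddr(msg.get("Return-Path", ""))
    findings = []
    # The envelope sender (Return-Path) is where bounces go. A different
    # domain is a hint, not proof: mailing lists and bulk senders do it too.
    if envelope and domain(envelope) != domain(from_addr):
        findings.append("return-path-domain-mismatch")
    # Authentication-Results is only meaningful when your own mail provider
    # added it; a DMARC result other than "pass" means the From domain did
    # not vouch for this message.
    for header in msg.get_all("Authentication-Results", []):
        for result in re.findall(r"\bdmarc=(\w+)", header.lower()):
            if result != "pass":
                findings.append("dmarc=" + result)
    # A display name that itself looks like an address, but differs from the
    # real one, is a common way to show a familiar address in the From field.
    shown = re.search(r"[\w.+-]+@[\w.-]+", display)
    if shown and shown.group(0).lower() != from_addr.lower():
        findings.append("display-name-address-mismatch")
    return findings

if __name__ == "__main__":
    print(spoof_indicators(SAMPLE))
```

Most mail programs can display these headers through a "view source" or "show original" option, which is where the raw text for this check comes from.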

I've blocked out her name for her protection, but this is a recent email I got from my friend, Bonnie.

A recent phishing email I received from a contact who is also a friend

What should you do if your email is spoofed? (or what should you tell your contacts if you receive a spoofed email with their name on it)

1.  Change your password and make it a good one

“Gotta treat your password like your panties: make ’em exotic, keep ’em secret & change them often!”

2.  Report the email as spam

3.  Delete your email address from your address book

  • I don’t know why AOL makes this suggestion but I did it anyway. After all, I know my own email address.

4.  Scan your computer for viruses and spyware – even on an Apple device

  • There was a time when viruses on Apple products were unheard of, but times have changed. Cyber criminals are more sophisticated and while Microsoft operating systems are more susceptible to infection than Apple’s operating system, Mac users are at risk too. I confirmed this with regular and senior technical support advisors at Apple.
  • In addition to computers, devices such as Androids, iPhones, memory sticks (USB drive) and even cameras are at risk.

After hours of research, I installed a security product and ran a scan on my devices. My smartphone was clean, but the news was not so good for my MacBookPro. See below:

Sadly, my anti-virus program located 9 threats on my MacBookPro

Sadly, my anti-virus program located and removed 9 threats on my Mac

I researched the threats to try to figure out how they got onto my Mac:

  • I accidentally installed Genieo, adware that tracks and guides activity to commercial sites and deals
  • I unknowingly installed adware with YTD, a free app for downloading YouTube videos. I deleted the app but I needed the antivirus software to remove the adware it left behind
  • I can’t be sure how I ended up with Trojan.GenericKD, but this type of virus comes from a program that imitates another well-known program, or from a program that has or pretends to offer a useful service such as a screensaver, an application update, etc. Once installed, the Trojan goes into action with functions ranging from nuisances such as changing desktop icon positions, to more serious ones such as disabling the keyboard or mouse, to destructive actions such as stealing data or erasing files. My Trojan may have originated from DocuSign, an online service I’ve used several times.

How do you know if your email account has been hacked?

  • You can’t access your email
  • You see emails you didn’t send in your deleted or sent mail
  • You see MAILER-DAEMON rejection notices for emails you didn’t send
  • You see contacts you didn’t add
  • Contacts are missing
  • Account folders are empty or missing
  • You get an image challenge when you try to sign in or send email
  • Some emails you send are not accepted and returned
  • You go offline while signed into your account
  • Your display name has changed
  • Your email signature has a link you didn’t add
  • You’re not getting new mail

What should you do if you suspect your email account has been hacked?

1.  If you can access your account, change your password and your security question(s)

2.  If you can’t access your account:

  • Follow directions from your mail provider’s site
  • Change your password and security question when you regain access

3. Notify your contacts and suggest temporary caution with your emails

4. Review email settings/signature to confirm absence of malicious links

  • Identify link addresses by hovering over links
  • Delete unrecognized forwarding email addresses

When I hovered over the link, it was clear it did not come from USPS

Hovering over the label link revealed a non-USPS address. The lawyer who had money stolen would have benefited from this example I shared several years ago, right?

5.  Hopefully you don’t store sensitive account information in folders but if you do, change user names and passwords on those accounts

6.  Scan your PC, Mac, tablet or phone with an updated antivirus program

7.  Monitor your email account as well as all other financial accounts regularly for signs of breach and trouble

8. Monitor your credit via a paid service or by getting as many as 3 free credit reports per year. You may request one per year from Experian, TransUnion and Equifax.

In addition to virus protection, I installed safe browsing add-ons to my Chrome and Safari browsers. Safe search results get a green light and I’m noticeably warned before entering a risky site. I also get other information such as who’s tracking me.

A green, yellow or red traffic light lets me know if it's safe to go to a given site

A green, yellow or red circle lets me know if a site is safe or not. I get additional information such as  who’s tracking me as I surf

 

I’m given a hard-to-miss warning regarding a risky site I’m about to enter. I don’t enter it to be safe!

The lawyer who’s $289,551.00 poorer is proof of the seriousness of a simple misstep. Armed with new knowledge and new protection tools, I feel more confident about my online safety. If you’re reading this, I’ve shared my knowledge with you. In turn, please help educate others by sharing this information so more people can avoid the serious consequences of cyber criminals.

Until next time,… Stay Cyber Safe!
