The Ever Growing 'Email Hacked' Problem
Some time back I started receiving emails with no subject and just a link in the body of the message. The link is usually a 'shortened' link so I have no idea where that link would take me if I was foolish enough to click it. The email appears to come from someone I know or have had contact with in the past.
So what is going on here? It is probably one of two things. The sender's computer has been compromised or what is more likely, the sender's email account has been hacked. A remote third possibility is spoofing, but since the user's address book is being used to send the spam emails, this is unlikely.
It Gets Worse!
The hackers now take over the user's email account. They may do one or more of several things. They may put an email forward on the account. Now if recipients who try to warn the account holder that a spammer is using their account to send spam, the email goes to another account and the account owner never sees the warning. The hacker may change the account password and the secret questions to the account so the account owner can no longer access the account and may never regain access.
So now if the account owner has not downloaded his contacts and messages to his/her computer, all is lost.
So how did all of this happen? The most likely scenario is the account owner had a weak password on his/her account that the hacker was able to break. So many folks use an easy password because they want o remember it without much trouble. Even worse they use the same password for every site that requires a password. So once the hacker breaks the email password, the scoundrel now has access to a lot of other sites!
Another way the hacker could get the password, there is a Trojan/keylogger on the user's computer. So even if the user has a very strong password, everything the user does is sent on to the hacker by the Trojan/keylogger.
The days of carefree web surfing and easy to remember passwords are over! Now we need industrial strength security software and really difficult passwords. The password situation requires users to get and use a password keeper. There are some really good free keepers available.
So if you care about your email account with all of the messages and contacts, then get busy and secure it with a difficult to guess password.
Here is a list of sites for passwords. Not exactly light reading, but important!
- Choosing a Pretty Good Password
- Microsoft Online Safety
- Microsoft's Password Checker
- Microsoft's Guidelines for Passwords
- Another site to check out your password, Password Meter
- This site has a chart on how long it would take to crack a password based on # of characters.
- Never Use These Passwords
- Ask Leo What's a Good Password
- How I'd Hack Your Email Account