“But, I just opened an email from a friend of mine and…” The first indication that anything was wrong was when you got a call from a friend of yours complaining about an email he’d just received from you. “Your email account must have been hacked because I really don’t believe you meant to send me an ad for Viagra. “ The second indication was you received a slew of undeliverable emails that were returned and you hadn’t sent any of them. You blushed to read some of the messages. What had happened?
Of late, the MO for these attacks seems to be sending an email from one friend to another and including, not a virus itself, but a link to website that has the infection. But you say, “Friends don’t spam friends”. The subject line of the email can be something as innocuous as “hey” or “hello”. Once you open the email, you’re enticed to go to the infected website with a line like “Wow, look at this”. If you close the email and delete at this point, you’re OK, but once you click the infected URL, the deed is done. Once that happens you’re part of the chain., sending bogus messages of your own.
You’ve been hacked or at the least, one of your friends has been hacked. In the case of a friend being hacked, he may be sending out spam using names from his address book (you) as the sender. This is not quite as bad, since your PC is not compromised, but it can still be embarrassing. But let’s assume you have been hacked. The first thing you need to do is change your email password and quickly; the thing worse than having your password hacked is having your password changed. Now you can’t get into your account, but the hacker can. The only way out of this dilemma is to talk with your email provider. In the case of Bellsouth (att.yahoo mail) that’s easier said than done. You’ll also have to convince them that you are the real owner of the account (SSN, security questions, date of birth, etc).
Once your password is changed you’re safer, but not done. Do yourself a favor, go ahead and choose a safer password this time. Now you understand why you don’t want to use the same password for all your accounts, especially important ones like email and banking. Now check all the other settings of your email account. For example if it allows forwarding, make sure no one is forwarding to their account without your knowledge.
Now run your regular antivirus scan to see if any malware was installed. I also recommend running some other cleanup tools like MBAM that I’ve described in previous columns. Super-Antispyware is another good free cleaner of malware. You’ll want to monitor your emails closely for a while and look for any suspicious incoming or outgoing.
Till next week, send your questions to:
geekspeak@mchsi.com & See GeekSpeak by Jim Hall at http://hallsts.com where you may comment directly on my blog
Written by Jim Hall. Email your questions to geekspeak@mchsi.com . You can find Jim online at HallsTrainingSolutions.com