Your Email has been Hacked!

When I first wrote this it was to help inform a couple of people about email getting hacked. This is happening more and more. My recommendation is the same, but now I have to add the caveat that you need to know where your browser is taking you. I've had "IT" people get their email passwords captured by a number of different methods. (The methods could be whole articles themselves.) Use a program like KeePass to keep track of your passwords on sites. Keep them different, and change them every couple of months.

ORIGINAL -- Recently I have had a number of friends and some customers complain about their email being hacked. A lot of it has been AOL (I'm not pointing the finger) and some of it has been Gmail. I decided to write this to point out what I've discovered, and to educate people about the causes, concerns and probably change some of the behavior.

A good friend of mine, Dick R., was the one who really got me digging into this, and I promised him that I would post my information. Dick got an e-mail which he inadvertently opened, and it launched a website on his home system (where he, like most home users, is an administrator). The website then quietly launched another browser session, opened AOL, and captured his email, his password and his contact list. Dick went on vacation for a week; when he got home, his friends all told him he was spamming them. I haven't seen the application or the website, so I can't tell you exactly what was done. But we have discovered this much -- his email was hacked.

What happened next is even more insidious. Every one of Dick's friends in his contact list got an email, the same one Dick got, telling them to go to such and such website to purchase pharma. The email suggests that "s*x must be great in Canada!" and promotes a Canadian Pharmacy. There is even a link that takes you to the Canadian Pharmacy. Except none of this is really in Canada.

Here's the Truth about this.

  1. The Website is FAKE. It isn't even hosted in Canada. It is in the Netherlands.
  2. The owners, well, they appear to be in Russia -- but we aren't sure of that.
  3. The site is selling all the "s*x" drugs. (You can guess the names -- I just don't need this site associated with them.)
  4. They have a functioning order taking system -- it will charge your card if you make a purchase. Just don't ever plan on getting any pharma. And you may start getting other charges for stuff you didn't really order.
  5. The Website URL changes a lot, almost daily, I suspect it is getting reported often, so they would have to do that to stay ahead. It changes to names like: kilretnud.com, ruxbeehlo.ru.gg to name a couple.
  6. The site says it's endorsed by the "Canadian Board of Pharmacy," WOW. I checked, there is NO Canadian Board of Pharmacy or Pharmacists.
  7. I also checked the Dept. of Commerce and there is no HQ for the company in Mobile, LA, or Canada, eh.
  8. A Google Maps search showed that there is no building at any of the 3 addresses they list as offices. In one of the areas the address doesn't even exist, and another area is all residential. Okay, no 10-story high-rises there.
  9. The website uses an HTTP address and not an HTTPS address. (Red Flag for me)
  10. There is no contact phone number listed anywhere on any of the webpages, nor in any of the phone directories I tried. 3 huge offices and NO phone. I think not. SCAM.
  11. The only contact is via an email form.
  12. Fortunately, Dick's contacts weren't all deleted. This has happened to other victims of this same SCAM: the email is hijacked and then all the contacts are deleted. In some cases the perpetrators get the account deleted.

So now Dick is dropping AOL and getting a new email address; he is telling all his friends that his email was hacked and re-adding all his contacts. He is also spending some extra time with his banks to make sure that he keeps all of his money. And I'm wiping some of his computers to make sure there are no traces of this. As I find out more, I'll update my information here.

Why is all of this important?

Just as you wouldn't go walking in a "bad" neighborhood alone at night, don't go surfing in a bad neighborhood. How do you know if this is a bad neighborhood? Good question. Here is what you need to learn, know and do.

Learn

  • Learn who you are doing business with. Check them out. Don't make a huge purchase with a new business unless you are willing to cancel your credit card, and lose some money.
  • Do commerce with known systems behind them: PayPal, Amazon, Google Checkout.
  • Learn how to contact them if there is a problem.
  • Learn if other people are having problems.
  • Learn how to set up filter rules for SPAM.
  • Learn how to send out emails without including everybody's email in the body of the message. Delete them.
  • Learn how to send BCC email (Blind Carbon Copy)
  • Don't give out personal information unless you know who is getting it.
  • Learn the return policies of companies (if they don't have one, don't buy.)
  • Learn how a personal firewall works, install one. Get a good one, from a reputable company.

What you need to Know

  1. Organized Crime is on the Internet. They want your Credit Card data, your personal information, your money. Stay away from websites in other countries (China, Russia, Korea, Taiwan are some examples) unless you know why you are there and what you are looking at.
  2. What the .ru, .tw, .gg, .ch mean.
  3. Emails that tell you to send this to 15 friends are designed to do one thing, CLOG the Internet.
  4. How to read the URL or where a link goes, mouse over it and see if the names match. http://Not.the.same.website.com Mouse over this link and see what the status bar shows. Click on it.
  5. Whoops -- gotcha on that last one. Know where a link is going before clicking.
  6. HTTP or HTTPS? HTTPS means that the site is (S)ecure. To get an HTTPS address the company had to purchase a certificate from an authorized company (VeriSign, Thawte, GeoTrust, DigiCert) or create their own. If they created their own, make sure that the company name matches who you are doing business with, and make sure the websites match. NEVER, and I mean NEVER, stay on a site that you don't know and that doesn't match the name of the site. This one is http://vconsult.us which is the vConsulting Group, okay close enough. If you go to http://vtechnology.org you will get this same site. Yes, that is the way it is meant. But don't purchase anything from vtechnology.com -- the websites don't match. I don't mention vtechnology on my site (Not yet, anyway!).
  7. NEVER give your credit card information to an HTTP: website. HTTPS: that's okay.
  8. Don't open emails that you don't want, didn't ask for, or are even slightly suspicious of.
  9. When you purchase a new computer, INSTALL Anti-Virus software immediately. This wouldn't have stopped Dick's problem, but it sure helps. By the way, he has AV software. We are getting him better protection.
  10. Use the filtering in your email to filter SPAM away from you, delete it, quarantine it.
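
The mouse-over check from items 4 and 5 can be automated for an HTML message body; the sketch below is an added example, not part of the original post. It flags links whose visible text names one site while the underlying address goes to another, and also links that point at plain HTTP (item 7). The function names and the sample message are made up for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

def split_host(url, bare_ok=False):
    """Return (scheme, host) for a URL-like string, else (None, None)."""
    url = url.strip()
    if " " in url or "." not in url or ("://" not in url and not bare_ok):
        return None, None        # plain words, mailto:, relative paths
    if "://" not in url:
        url = "http://" + url    # link text typed as a bare "www.site.com"
    try:
        parts = urlsplit(url)
    except ValueError:
        return None, None
    host = (parts.hostname or "").lower()
    host = host[4:] if host.startswith("www.") else host
    return parts.scheme.lower(), host or None

class LinkAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.href, self.text, self.findings = None, [], []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)
    def handle_endtag(self, tag):
        if tag != "a" or self.href is None:
            return
        shown = "".join(self.text).strip()
        scheme, real_host = split_host(self.href)
        shown_host = split_host(shown, bare_ok=True)[1]
        if shown_host and real_host and shown_host != real_host:
            self.findings.append((shown, self.href, "text shows a different site"))
        elif scheme == "http":
            self.findings.append((shown, self.href, "plain HTTP link"))
        self.href = None

def audit_links(html):
    auditor = LinkAuditor()
    auditor.feed(html)
    return auditor.findings

# Constructed sample message body; the .example names are not real sites.
SAMPLE = ('<a href="http://pills.shop.example/order">http://www.pharmacy.example</a> '
          '<a href="https://mail.example/inbox">your inbox</a> '
          '<a href="http://news.example/">news.example</a>')
```

Calling `audit_links(SAMPLE)` returns one finding for the link whose text and target disagree and one for the plain HTTP link; the HTTPS link with ordinary wording is not reported.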

Okay, so what do you need to do?

  • Don't let your browser store passwords. It is a pain, but you need to remember them, or get an application that will store them encrypted.
  • KeePass is a good application to store passwords, or write them in a book.
  • Don't forward email to groups of people. Nobody got rich sending a message to 15 friends. If you need to bless your friends, pray for them, or send a simple, "Hi, I was just thinking about you." Say something original.
  • Don't use the same password on every site. Here is something I do, and it is easy. Use the name of the website and add a personal phrase together to form the password key. This is an example of my key. Phrase = N0way! Website=Amazon. My password would be="N0way!+amazon", Website=Borders, Password="N0way!+borders", Website=Gmail, Password="N0way!+gmail" Hopefully, you get the idea. It's easy and I don't have to write anything down.
  • Change your password every 3-4 months. Make that a habit.
  • Don't do your banking at the library on a common computer.
  • Keep your computer up to date with patches and virus definitions.
  • Please don't launch those games that come through email. Remember the snowball fight -- one of the versions had a virus. How about the Whack-a-Mole? It had a system to control your computer.
  • It is time to upgrade to a newer OS, Windows 7 is out and I would recommend purchasing it, or switch to a Mac or Linux. But you need to educate yourself. XP is still good, but maybe it is time to start thinking about a new computer.
  • Contact the Credit Companies (Experian and the like) and put a freeze on your credit reports, unless you are planning on buying something huge or applying for a credit card. That way someone else can't take a loan out in your name and buy a house.