Gimnicher Computer Services
  • Home
  • About
  • Testimonials
  • Technology Blog
  • Newsletters prior to 2015
  • Remote Support
  • Contact
  • Search this Site

Email Hacked

3/8/2020

0 Comments

 
Over the past two weeks, I’ve had two customers hacked in very similar ways. Both involved the hacker gaining access to my customers’ email accounts and then sending emails out to all of their contacts. One was a sbcglobal.net account and the other was an att.net account. Both these email systems are actually implemented by Yahoo, so really they were both hacks of Yahoo accounts.

In the first case, my customer was pretty sure that she fell for a phishing attack in which she thought she was entering her email password for a legitimate reason (securing her account), but really she was entering her password on a forged website made to look legitimate. In the second case, my customer had no idea how the hacker got her email password. Yahoo has had several massive attacks where accounts and passwords were stolen, so perhaps that is how it happened. 

In the first case, this is the email the hacker sent out from my customer’s account:

Subject: Favor…..<customer’s name>

Hi there,

I need a favor from you. I’d appreciate if you could email me back asap.

Thanks
<customer’s name>

If replied to, this was followed by: 

I need to get a Nordstrom Gift Card for my Nephew, Its his birthday but i can't do this now because I'm currently traveling. Can you get it from any store around you? I'll pay back as soon as i am back.

Kindly let me know if you can handle this.

<customer’s name>

In the second case, this is the email the hacker sent out:

Subject: Help…...<customer’s name>

I hope your week is going great? Actually, Please I need to get an eBay Gift Card for my niece, its her birthday but I can’t do this now because I’m currently traveling, Can you help get it from any store around you? I’ll pay back as soon as I am back. Kindly let me know if you can handle this so I can tell you how much to get.

Thank you so much,

<customer’s name>

If the victim (i.e, the person receiving the email) falls for this, the hacker will then ask for the gift card numbers after which they can easily drain the gift card of it’s cash value.

Upon being contacted by my customers, here is what I did and what you should do should this happen to you:

1) Via any web browser, log into your email account
2) Change the password. If you used the same or similar password on other accounts, change them there too. Pick great passwords!
3) Check all your email settings to make sure they are correct. In particular:
  • Check the reply to field to make sure it is your email address
  • Check if an automatic forward or automatic reply has been set (if you can’t find these settings, you may need to change your email view to basic; this is the case on Yahoo)
  • Check email rules and filters to make sure none have been set
  • Check your signature if you have one
  • Check your account recovery information
  • Add two factor authentication
  • Change the answers to your security questions so that they are false. You should do this here and everywhere. It can simply be done by adding another word to the end of your security question answer.
4) Email all your contacts and let them know you have been hacked and to ignore any emails asking for gift cards or looking unusual in any way. Encourage them to call you if they receive a strange email from you before replying to make sure it really came from you.

In my customers’ cases, I found the following settings:
  • Every email was automatically forwarded. In one case, a gmail account had been created in the customer’s name to receive the forwarded emails
  • A rule with the name of “.” was created to move every received email into either the Archive folder or the Trash folder
These settings meant that every email my customer received would be sent to the hacker and deleted from my customer’s inbox.

This hack can happen to anyone. Be vigilant in case it happens to you!
0 Comments



Leave a Reply.

    Author

    Hi!  This is Steve. I've created this blog to share technology information relevant to you: the home or small business user of computers and mobile devices.

    Archives

    January 2023
    November 2022
    June 2022
    October 2021
    June 2021
    November 2020
    September 2020
    August 2020
    June 2020
    May 2020
    March 2020
    February 2020
    January 2020
    December 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    January 2019
    November 2018
    October 2018
    September 2018
    June 2018
    May 2018
    April 2018
    March 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015

    Categories

    All

    RSS Feed

    Subscribe to our mailing list

    * indicates required

This site follows Gimnicher Computer Services’ standard Privacy Policy and Terms of Use.
​Redwood City Business License Tax # 48438

Copyright © 2015