Tuesday, August 03, 2010
Hacked inbox, the sequel
In my post of 6-7-10, I reported that my Yahoo account had received a chunk of delivery failure notices that alerted me that a batch of spam emails had been sent to my contacts from my inbox; thank goodness for the dead addies it turned out that I still had in my address book, because the heads-up their delivery failures gave me is what alerted me to the hack and allowed me to take the correct action quickly.
When a delivery failure notice appeared in my OTHER Yahoo account today, my blood pressure shot up... rightfully so, because it WAS in fact proof that that account had also been hacked. Either this was a different hacker or they'd refined their technique...
It just now occurred to me that the fact that I saw emails with dates from 2 years ago in my Trash folder as part of the nightmare of the original hack probably meant that the hack program was trying to delete my inbox, and the sheer volume of emails bogged it down, or it timed out, or whatever... thank God for the failure notices, or I could have lost who knows how many old emails. !!!!!!!!!!
OK, so, the current hacker did NOT delete my Sent or Trash folders; they ONLY deleted their own emails from my Sent and Trash folders.... if I hadn't gotten the delivery failure notice, I'd literally never have known I'd been hacked. There was another difference, too; NOT all my contacts were used, because if they had been I'd have gotten a spam email to my primary account.
Which brings me to my husband's recommendation for hack detection; put your own email addies in all your contacts lists. As I saw, though, apparently some hackers don't use ALL the contacts, so... have some dead addies in there, or even make up fake ones, like nospam@spammersreallysuck.com, so that you'll get those crucial delivery failure notices.
And; do NOT use your email passwords for anything else, especially when you sign up on unknown sites.
AND; make sure that your passwords to already-hacked sites like Twitter and Facebook don't get used for anything important.
I hope this is the end of it...
When a delivery failure notice appeared in my OTHER Yahoo account today, my blood pressure shot up... rightfully so, because it WAS in fact proof that that account had also been hacked. Either this was a different hacker or they'd refined their technique...
It just now occurred to me that the fact that I saw emails with dates from 2 years ago in my Trash folder as part of the nightmare of the original hack probably meant that the hack program was trying to delete my inbox, and the sheer volume of emails bogged it down, or it timed out, or whatever... thank God for the failure notices, or I could have lost who knows how many old emails. !!!!!!!!!!
OK, so, the current hacker did NOT delete my Sent or Trash folders; they ONLY deleted their own emails from my Sent and Trash folders.... if I hadn't gotten the delivery failure notice, I'd literally never have known I'd been hacked. There was another difference, too; NOT all my contacts were used, because if they had been I'd have gotten a spam email to my primary account.
Which brings me to my husband's recommendation for hack detection; put your own email addies in all your contacts lists. As I saw, though, apparently some hackers don't use ALL the contacts, so... have some dead addies in there, or even make up fake ones, like nospam@spammersreallysuck.com, so that you'll get those crucial delivery failure notices.
And; do NOT use your email passwords for anything else, especially when you sign up on unknown sites.
AND; make sure that your passwords to already-hacked sites like Twitter and Facebook don't get used for anything important.
I hope this is the end of it...