Please read, re security

The friendliest place on the web for anyone that enjoys cooking.
If you have answers, please help by responding to the unanswered posts.
See posts with no answers
lulu

lulu

Head Chef
Joined
May 29, 2006
Messages
2,039
Location
England
I just found out that my email/ebay/paypal etc etc accounts have been violated. I used a variation on the same password for all. I have been advised to tell people on internet forums in case they have done a similarly stupid thing re passwords..as the violation may happen to them too.

While I am sure none of you lovely people are the culprit I am warning you all. Also, I am momentarily without email access, so if anyone contacts me you are not talking to me but my fraudster :angry:

When I have a new email I'll let mods/admin know, is that ok?
 
That is fine lulu - we can change it for you. PM any of us and we will get it done for you. I hate that happened!!!!!!!!!
 
Me too! I literally have tears of anger that some one did this, I mean I stopped my card, but its the fact that they have my email account now, can read things that people sent to ME and might be personal, and have my friends' addresses.....grrrrrrr

but, they picked on the wrong person this time.....
 
So sorry lulu! There's probably no way to catch the culprit is there?

Sure it isn't someone that knows you well? I know of a friend and his wife was having an affair and turned out her very good friend helped him tap into her email and messanger accounts because she knew her so well she figured out her passwords. He didn't do anything fraudulent or steal though he just read her emails from and to the guy. Not saying you had or are having an affair.....:LOL: just the only example I know of where someone tapped into someone elses email/messenger accounts. Neverless.........I'm so sorry your having to deal with this. :(
 
Gosh lulu, that's terrible news. I have no idea how these things happen, so it's a trap I could easily fall into too. I had a message inviting me to join another group to do with cooking, but it wasn't at all obvious who had recommended me. I visited the site but decided not to join. I wasn't even too sure about visiting the site, if the truth be told. The Web is a strange place - it can potentially put you in touch with so many other people, like this site, but create suspicion and havoc as well. I hope you manage to get everything sorted out.
 
Oh well, it happened real time as I was emailing it became obvious something was going wrong and I managed to stop my cards immeadiately etc etc. Its my email account that annoys me.....all my address and contact details of people. I kind of hope that the person is a real fraudster, rather than someone who will be bothered to send abusin=ve emails to my address book or something. I'm not sure and it all happened very quickly, but it seems my ebay.co.uk account was violated first then hotmail, so looks like it is a money thing.....so as crds are stopped that's taken care of.

Just have to decide what to do about email etc now.
 
Oh Lulu I am sorry!! That must be so distressing.:(

I have recently downloaded CCleaner to back up Ad Aware and Spybot to hopefully keep these sorts of things from happening. Not sure if even that is a 100 % guarantee but please everybody, make sure you are running something similar as your virus checker does NOT stop these people. It stops virus's only.
I am not a computer literate person by any means, just made sure that I am as well protected as possible. Im sure there is someone here who has great PC knowledge and can enlighten us all further!
 
Lulu, sorry for your ordeal but cheer up! It does have quite a bit of educational value that should help you cope with such problems better in the future.

Unfortunately, the situation is probably worse than you think. For sure, it is not wise to use the same password or slight variations for different accounts. Neither is it wise to use simple passwords deriving mainly from your name or the names of your family members, pets, etc. Nevertheless, even if you use strong passwords, you cannot be sure that you will stay out of such trouble forever after. To reach a higher level of security, you need to spend quite a bit of time educating yourself on PC security matters. For most of us, this is easy to say and difficult to do.

Now for the good news. If your email account was merely hijacked, consider yourself lucky. Imagine what would have happened if those who compromised your PC lurked quietly in the background waiting to capture credit card, bank, or paypal account numbers. Then they could do much more damage to you than just reading your email. Seriously, I do think that using sensitive info over the internet is not compatible with a low overall PC security level.

I don't want to get into technical matters most of which are beyond me anyway. I do hope that you find some way in the future to at least minimise potential damage from such intrusions.
 
Hi Boufa,

They got to ebay account first! But its ok, for reasons best kept private, apart from my own security on the internet the next ringfence (banks etc) are very secure...so despite having to change email address and bank account details and close paypal and ebay accounts I have not lost any thing else....yet! In fact, I have "people" watching my accounts now, in the hope they will catch the fool....one wrong move and they're caught!
 
My hair literally raised up when I read this lulu! I have used the same ebay password for YEARS and I changed it today. I'm sorry this happened to you but I'm glad you came here and told us.

I hope they catch whoever did this to you.
 
...i deal with this type of thing every day.

I am a computer programmer by trade and deal with every part of computers from building to software. Security is my specialty. So many people get taken by phishing email its alarming. The number of phishing emails have gone up dramatically. No only that you have thinks like keyloggers/trojans/worms/ect. First thing never ever click on a link in an email for account verification for anything your worried about security related....like banks, paypal, ebay ,ect. If they say there is a problem with your account and you think its legit then go to your web browser and type in the web address for the site and navigate to wherever you need to. Never click on attachments in email especially with extensions like (exe, bat, ect). Don't even click on it if you know the person. My exgf wasn't every computer literate and i would get hordes of emails from here because she would click on any attachment and here computer was just full of email virus. So even if you know the person their computer might have been infected. Get a good antivirus program. I recommend kaspersky.... it is definitly the best. But if you can afford it there is a free virus program out there called AVG.

Some other things you can do to help is to run Firefox instead of internet explorer. Yes microsoft has improved security with their latest version 7 but there are things that still concern me. For example....ie7 still allows a web page to read information on your clipboard. Why? I have no clue. This is stupidity to allow this. Im sure there are corporate custumers that use it though. Anyways firefox does not allow this.

I think the direction of the current hacker community is into social engineering. Tricking the user to do something they should not. Only thing i can advise you is to be careful. Look for things that stand out. Even with phishing protection on the newest web browsers...these are not fool proof.

Ncage
 
ncage1974 said:
Security is my specialty. So many people get taken by phishing email its alarming. The number of phishing emails have gone up dramatically.

I think the direction of the current hacker community is into social engineering. Tricking the user to do something they should not. Only thing i can advise you is to be careful. Look for things that stand out. Even with phishing protection on the newest web browsers...these are not fool proof.
Click to expand...
ncage, in your opinion as a security specialist, besides phishing and social engineering, what part of the blame should go back to Microsoft and its various software ie. Windows, Internet Explorer, Hotmail, Word, Powerpoint, etc?
 
boufa06 said:
ncage, in your opinion as a security specialist, besides phishing and social engineering, what part of the blame should go back to Microsoft and its various software ie. Windows, Internet Explorer, Hotmail, Word, Powerpoint, etc?
Click to expand...

You asked a really difficult question here. So this is going to be a long winded answer. Do i think that microsoft has been lax in the past when it comes to security...yes. Generally microsoft to push revenue has tried to push lots of new features with every release. This only makes good business sense for a company trying to generate value for their stockholders. If they release a new version of their Operation System with no new features but only security related things...what will people say? Why am i apaying for bug fixes? So if they don't offer ne features they are paying programmers to update/fix their operating system and not having any new vehicle for revenue generation.

These New features make their software extremely easy to use but at the same time these features make it possible for hackers to fine new portals to attack machines. An example of a feature that makes usability is great but opens up a portal for attackers is allowing HTML (web pages) to be viewed as email. While it allowes interactive emails with animation and things like that it also allows easy attacks on your computer. Then you have the people in the community who are screaming right before microsoft is going to release a piece of software because they have software delays. Would you rather them release it and have all kinds of problems. My theory is its done when its done.

Here is another thing that microsoft has contend with. They have to add this new feature which will help productivity of a lot of its corporate customers and a lot of their customers are requesting it. They find later down the line that this was a bad idea. Well some of their big customers have millions of line of code based upon this technology and spent several million or more on. So do they disable this technology and risk some pretty major law suits probably or keep it open. Well in most cases they keep it open. Yes they can still disable it by default but i guarantee you a lot of users who don't know what they are doing will enable it. This has hit is where we work before :). Now who in the heck thought of allowing a web page to capture user clipboard data must have been half baked when he thought of this idea but microsoft is a big company and stuff can slip by. Im assuming they don't take this out because it would break a lot of systems.

That said microsoft has been a LOT better in the security arena lately. I would say at this point its even tops a lot of companies that you would think would be security oriented. I will give a good example. Oracle a VERY expensive database (multimilion dollar invenstment for companies sometimes) that has been hit lately with several complaints of all the security holes. Microsoft SQL Server i would consider to be pretty good. Microsofts new programming system (.Net) has had some bugs but has been pretty dang stable.

Ok then you hear those stories that the mac is more secure than windows...or linux is more secure than windows which i think are unfounded and here is why:

1) There are way way less linux/mac machines out there than windows PCs. Because hackers know that most users use windows thats where they focus their efforts

2) At least when it comes to Linux...people who generally know use linux know what they are doing. If they didn't they would be using windows. They generally do not fall for some of the simple things that someone without a lot of computer background would fall for.

3) There is no way to protect someone who won't think before they click. I know people who will open an attachment no matter what. That is why a majority of these security concerns exist. Hey if your going to run in front of a car how can i protect you? It all comes down to common sense in a lot of cases.

Ok the last issue i can think of is complexity. Windows and all the software yo use is EXTREMLY complex. It takes years with programming teams of hundreds of programmers to complete these systems. It is IMPOSSIbLE to code something this large and not have bugs. Its just the nature of the beast.

So do i think microsoft should be held accountable legally? No i do not. Now my opinion would change if there was a gaping hole and they just ignored it and left a lot of vulernable PCs open to attack.
 
ncage, thanks for your reply. It sure raises a lot of issues to ponder about. But from all that you have said, I do think that when you advise us as to what and what not to do, there might be room somewhere to mention that even the best efforts of the average DC members may come to no good because of built-in limitations that come with Windows and the standard Microsoft software. I didn't imply even remotely that Microsoft is legally responsible. I only tried to generate some comments by you that would suggest to other members that the problems they face may not be always of their own doing.:)
 
You must log in or register to reply here.

Similar threads

Just Cooking
Copy Me That Data Breach
Replies
8
Views
6K
Ababy
A
Whiskadoodle
Recipe-- Saved—Duly Copy and PASTED??
2
Replies
21
Views
3K
Cerise
C
CWS4322
Lunch ideas
Replies
1
Views
2K
Alix
Alix
M
Greetings
Replies
9
Views
1K
garlicjosh
garlicjosh
Callisto in NC
The Jobless Thread
Replies
11
Views
2K
MexicoKaren
MexicoKaren

Latest posts

Back
Top Bottom