"Discover Cooking, Discuss Life."

Go Back   Discuss Cooking - Cooking Forums > The Back Porch > Off Topic Discussions
Click Here to Login
Reply
 
Thread Tools Display Modes
 
Old 01-18-2007, 12:09 PM   #1
Head Chef
 
lulu's Avatar
 
Join Date: May 2006
Location: England
Posts: 2,039
Please read, re security

I just found out that my email/ebay/paypal etc etc accounts have been violated. I used a variation on the same password for all. I have been advised to tell people on internet forums in case they have done a similarly stupid thing re passwords..as the violation may happen to them too.

While I am sure none of you lovely people are the culprit I am warning you all. Also, I am momentarily without email access, so if anyone contacts me you are not talking to me but my fraudster

When I have a new email I'll let mods/admin know, is that ok?

__________________

__________________
In omnibus amor et iustum
lulu is offline   Reply With Quote
Old 01-18-2007, 12:11 PM   #2
Chef Extraordinaire
 
kitchenelf's Avatar
 
Join Date: Feb 2002
Location: North Carolina
Posts: 19,725
Send a message via MSN to kitchenelf
That is fine lulu - we can change it for you. PM any of us and we will get it done for you. I hate that happened!!!!!!!!!
__________________

__________________
kitchenelf

"Count yourself...you ain't so many" - quote from Buck's Daddy
kitchenelf is offline   Reply With Quote
Old 01-18-2007, 12:14 PM   #3
Head Chef
 
lulu's Avatar
 
Join Date: May 2006
Location: England
Posts: 2,039
Me too! I literally have tears of anger that some one did this, I mean I stopped my card, but its the fact that they have my email account now, can read things that people sent to ME and might be personal, and have my friends' addresses.....grrrrrrr

but, they picked on the wrong person this time.....
__________________
In omnibus amor et iustum
lulu is offline   Reply With Quote
Old 01-18-2007, 01:41 PM   #4
Master Chef
 
SizzlininIN's Avatar
 
Join Date: Sep 2004
Location: USA,Indiana
Posts: 5,023
So sorry lulu! There's probably no way to catch the culprit is there?

Sure it isn't someone that knows you well? I know of a friend and his wife was having an affair and turned out her very good friend helped him tap into her email and messanger accounts because she knew her so well she figured out her passwords. He didn't do anything fraudulent or steal though he just read her emails from and to the guy. Not saying you had or are having an affair..... just the only example I know of where someone tapped into someone elses email/messenger accounts. Neverless.........I'm so sorry your having to deal with this.
__________________
Se non supporta il calore, vattene dalla cucina!
SizzlininIN is offline   Reply With Quote
Old 01-18-2007, 02:19 PM   #5
Head Chef
 
Join Date: May 2006
Location: Spain
Posts: 1,167
Gosh lulu, that's terrible news. I have no idea how these things happen, so it's a trap I could easily fall into too. I had a message inviting me to join another group to do with cooking, but it wasn't at all obvious who had recommended me. I visited the site but decided not to join. I wasn't even too sure about visiting the site, if the truth be told. The Web is a strange place - it can potentially put you in touch with so many other people, like this site, but create suspicion and havoc as well. I hope you manage to get everything sorted out.
Snoop Puss is offline   Reply With Quote
Old 01-18-2007, 02:52 PM   #6
Head Chef
 
lulu's Avatar
 
Join Date: May 2006
Location: England
Posts: 2,039
Oh well, it happened real time as I was emailing it became obvious something was going wrong and I managed to stop my cards immeadiately etc etc. Its my email account that annoys me.....all my address and contact details of people. I kind of hope that the person is a real fraudster, rather than someone who will be bothered to send abusin=ve emails to my address book or something. I'm not sure and it all happened very quickly, but it seems my ebay.co.uk account was violated first then hotmail, so looks like it is a money thing.....so as crds are stopped that's taken care of.

Just have to decide what to do about email etc now.
__________________
In omnibus amor et iustum
lulu is offline   Reply With Quote
Old 01-18-2007, 03:03 PM   #7
Sous Chef
 
Lynan's Avatar
 
Join Date: Jul 2006
Location: New Zealand
Posts: 502
Send a message via MSN to Lynan
Oh Lulu I am sorry!! That must be so distressing.

I have recently downloaded CCleaner to back up Ad Aware and Spybot to hopefully keep these sorts of things from happening. Not sure if even that is a 100 % guarantee but please everybody, make sure you are running something similar as your virus checker does NOT stop these people. It stops virus's only.
I am not a computer literate person by any means, just made sure that I am as well protected as possible. Im sure there is someone here who has great PC knowledge and can enlighten us all further!
__________________
In the book of life, the answers are NOT in the back.
Lynan is offline   Reply With Quote
Old 01-19-2007, 12:02 PM   #8
Sous Chef
 
Join Date: Nov 2005
Location: North Carolina
Posts: 891
I'm so sorry this happened to you lulu but thank you for the warning and advice.
__________________
Fresh Cooking From Your Garden
RMS is offline   Reply With Quote
Old 01-19-2007, 12:26 PM   #9
Executive Chef
 
boufa06's Avatar
 
Join Date: Oct 2006
Location: Volos, Greece
Posts: 3,467
Lulu, sorry for your ordeal but cheer up! It does have quite a bit of educational value that should help you cope with such problems better in the future.

Unfortunately, the situation is probably worse than you think. For sure, it is not wise to use the same password or slight variations for different accounts. Neither is it wise to use simple passwords deriving mainly from your name or the names of your family members, pets, etc. Nevertheless, even if you use strong passwords, you cannot be sure that you will stay out of such trouble forever after. To reach a higher level of security, you need to spend quite a bit of time educating yourself on PC security matters. For most of us, this is easy to say and difficult to do.

Now for the good news. If your email account was merely hijacked, consider yourself lucky. Imagine what would have happened if those who compromised your PC lurked quietly in the background waiting to capture credit card, bank, or paypal account numbers. Then they could do much more damage to you than just reading your email. Seriously, I do think that using sensitive info over the internet is not compatible with a low overall PC security level.

I don't want to get into technical matters most of which are beyond me anyway. I do hope that you find some way in the future to at least minimise potential damage from such intrusions.
__________________
The proof of the pudding is in the eating!
boufa06 is offline   Reply With Quote
Old 01-19-2007, 12:59 PM   #10
Head Chef
 
lulu's Avatar
 
Join Date: May 2006
Location: England
Posts: 2,039
Hi Boufa,

They got to ebay account first! But its ok, for reasons best kept private, apart from my own security on the internet the next ringfence (banks etc) are very secure...so despite having to change email address and bank account details and close paypal and ebay accounts I have not lost any thing else....yet! In fact, I have "people" watching my accounts now, in the hope they will catch the fool....one wrong move and they're caught!
__________________
In omnibus amor et iustum
lulu is offline   Reply With Quote
Old 01-19-2007, 01:06 PM   #11
Assistant Cook
 
Join Date: Nov 2006
Location: Long Island, NY
Posts: 35
How horrible. Thanks for the warning.
__________________
You can't shout down a troll.
You have to starve them.
ttbeachbum is offline   Reply With Quote
Old 01-19-2007, 01:23 PM   #12
Head Chef
 
Toots's Avatar
 
Join Date: Feb 2006
Location: Austin TX
Posts: 1,580
My hair literally raised up when I read this lulu! I have used the same ebay password for YEARS and I changed it today. I'm sorry this happened to you but I'm glad you came here and told us.

I hope they catch whoever did this to you.
Toots is offline   Reply With Quote
Old 01-19-2007, 01:48 PM   #13
Senior Cook
 
ncage1974's Avatar
 
Join Date: Jul 2006
Location: Central IL
Posts: 264
...i deal with this type of thing every day.

I am a computer programmer by trade and deal with every part of computers from building to software. Security is my specialty. So many people get taken by phishing email its alarming. The number of phishing emails have gone up dramatically. No only that you have thinks like keyloggers/trojans/worms/ect. First thing never ever click on a link in an email for account verification for anything your worried about security related....like banks, paypal, ebay ,ect. If they say there is a problem with your account and you think its legit then go to your web browser and type in the web address for the site and navigate to wherever you need to. Never click on attachments in email especially with extensions like (exe, bat, ect). Don't even click on it if you know the person. My exgf wasn't every computer literate and i would get hordes of emails from here because she would click on any attachment and here computer was just full of email virus. So even if you know the person their computer might have been infected. Get a good antivirus program. I recommend kaspersky.... it is definitly the best. But if you can afford it there is a free virus program out there called AVG.

Some other things you can do to help is to run Firefox instead of internet explorer. Yes microsoft has improved security with their latest version 7 but there are things that still concern me. For example....ie7 still allows a web page to read information on your clipboard. Why? I have no clue. This is stupidity to allow this. Im sure there are corporate custumers that use it though. Anyways firefox does not allow this.

I think the direction of the current hacker community is into social engineering. Tricking the user to do something they should not. Only thing i can advise you is to be careful. Look for things that stand out. Even with phishing protection on the newest web browsers...these are not fool proof.

Ncage
ncage1974 is offline   Reply With Quote
Old 01-19-2007, 02:08 PM   #14
Executive Chef
 
boufa06's Avatar
 
Join Date: Oct 2006
Location: Volos, Greece
Posts: 3,467
Quote:
Originally Posted by ncage1974
Security is my specialty. So many people get taken by phishing email its alarming. The number of phishing emails have gone up dramatically.

I think the direction of the current hacker community is into social engineering. Tricking the user to do something they should not. Only thing i can advise you is to be careful. Look for things that stand out. Even with phishing protection on the newest web browsers...these are not fool proof.
ncage, in your opinion as a security specialist, besides phishing and social engineering, what part of the blame should go back to Microsoft and its various software ie. Windows, Internet Explorer, Hotmail, Word, Powerpoint, etc?
__________________
The proof of the pudding is in the eating!
boufa06 is offline   Reply With Quote
Old 01-19-2007, 04:22 PM   #15
Senior Cook
 
ncage1974's Avatar
 
Join Date: Jul 2006
Location: Central IL
Posts: 264
Quote:
Originally Posted by boufa06
ncage, in your opinion as a security specialist, besides phishing and social engineering, what part of the blame should go back to Microsoft and its various software ie. Windows, Internet Explorer, Hotmail, Word, Powerpoint, etc?
You asked a really difficult question here. So this is going to be a long winded answer. Do i think that microsoft has been lax in the past when it comes to security...yes. Generally microsoft to push revenue has tried to push lots of new features with every release. This only makes good business sense for a company trying to generate value for their stockholders. If they release a new version of their Operation System with no new features but only security related things...what will people say? Why am i apaying for bug fixes? So if they don't offer ne features they are paying programmers to update/fix their operating system and not having any new vehicle for revenue generation.

These New features make their software extremely easy to use but at the same time these features make it possible for hackers to fine new portals to attack machines. An example of a feature that makes usability is great but opens up a portal for attackers is allowing HTML (web pages) to be viewed as email. While it allowes interactive emails with animation and things like that it also allows easy attacks on your computer. Then you have the people in the community who are screaming right before microsoft is going to release a piece of software because they have software delays. Would you rather them release it and have all kinds of problems. My theory is its done when its done.

Here is another thing that microsoft has contend with. They have to add this new feature which will help productivity of a lot of its corporate customers and a lot of their customers are requesting it. They find later down the line that this was a bad idea. Well some of their big customers have millions of line of code based upon this technology and spent several million or more on. So do they disable this technology and risk some pretty major law suits probably or keep it open. Well in most cases they keep it open. Yes they can still disable it by default but i guarantee you a lot of users who don't know what they are doing will enable it. This has hit is where we work before :). Now who in the heck thought of allowing a web page to capture user clipboard data must have been half baked when he thought of this idea but microsoft is a big company and stuff can slip by. Im assuming they don't take this out because it would break a lot of systems.

That said microsoft has been a LOT better in the security arena lately. I would say at this point its even tops a lot of companies that you would think would be security oriented. I will give a good example. Oracle a VERY expensive database (multimilion dollar invenstment for companies sometimes) that has been hit lately with several complaints of all the security holes. Microsoft SQL Server i would consider to be pretty good. Microsofts new programming system (.Net) has had some bugs but has been pretty dang stable.

Ok then you hear those stories that the mac is more secure than windows...or linux is more secure than windows which i think are unfounded and here is why:

1) There are way way less linux/mac machines out there than windows PCs. Because hackers know that most users use windows thats where they focus their efforts

2) At least when it comes to Linux...people who generally know use linux know what they are doing. If they didn't they would be using windows. They generally do not fall for some of the simple things that someone without a lot of computer background would fall for.

3) There is no way to protect someone who won't think before they click. I know people who will open an attachment no matter what. That is why a majority of these security concerns exist. Hey if your going to run in front of a car how can i protect you? It all comes down to common sense in a lot of cases.

Ok the last issue i can think of is complexity. Windows and all the software yo use is EXTREMLY complex. It takes years with programming teams of hundreds of programmers to complete these systems. It is IMPOSSIbLE to code something this large and not have bugs. Its just the nature of the beast.

So do i think microsoft should be held accountable legally? No i do not. Now my opinion would change if there was a gaping hole and they just ignored it and left a lot of vulernable PCs open to attack.
ncage1974 is offline   Reply With Quote
Old 01-19-2007, 04:51 PM   #16
Executive Chef
 
boufa06's Avatar
 
Join Date: Oct 2006
Location: Volos, Greece
Posts: 3,467
ncage, thanks for your reply. It sure raises a lot of issues to ponder about. But from all that you have said, I do think that when you advise us as to what and what not to do, there might be room somewhere to mention that even the best efforts of the average DC members may come to no good because of built-in limitations that come with Windows and the standard Microsoft software. I didn't imply even remotely that Microsoft is legally responsible. I only tried to generate some comments by you that would suggest to other members that the problems they face may not be always of their own doing.
__________________

__________________
The proof of the pudding is in the eating!
boufa06 is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off





All times are GMT -5. The time now is 11:21 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
×