"Me time," ahhhh...
So there you are, dinner is over, the night is winding down, the kids are settled, and you’re going to get in a little “me time” with the computer. Maybe do a little online shopping, catch up with family and friends on Facebook, perhaps tend your crops in Farmville or finish up that long neglected game of Scrabble. Into the comfy chair you go, kick off the shoes, and ahhhhh…
But hello, what’s this?! Why are all your friends emailing to tell you that you’ve been sending them spam?!
Chances are your mail account has been hacked and a spambot is using it to send spam messages out, not only to your contacts, but potentially to thousands of others as well! Hackers use a variety of techniques, including phishing and social engineering, to trick you into handing over email account passwords or even causing you to unwittingly infect your own computer with trojans, worms, or other viruses that give the hacker control of, and from that vantage point, access to your email account. This problem is rampant in the AOL mail, Yahoo mail, and Hotmail communities, but is not limited to those domains and can also be seen in gmail, comcast, and verizon email accounts as well.
STICKYFIX Solution: Don’t let email hackers and spambots ruin your night (or your reputation depending on what kind of spam the bot is pushing). Here’s how to immediately take control of the situation, recover your email account, and secure it from future attacks. We’ll take it in that order, follow me…
- Take control – Check your system for viruses, trojans, or malware. One of the ways bots can get into your mail account is by using a type of virus called a key-logger that captures your email password and transmits it back to the bot. Checking for and eliminating local infection is important because further recovery steps may prove ineffective until the “spy” has been eliminated from your computer. In addition to performing a full system scan with up-to-date antivirus software, I also highly recommend that you install at least the free version of Malwarebytes and run a full scan with that as well. If either your antivirus or Malwarebytes reports finding anything suspicious, use those tools to fix, quarantine, or remove the offending elements. Now here’s the important part: If you do find and eliminate one or more bad guys, don’t rest on your laurels yet. Instead, completely shut down your computer and wait about five minutes then restart your computer and run both scans again. If you come up clean the second time around, you’re probably in good shape and can continue to the next step. However, if you again find viruses, trojans, or other malwares, this persistence may indicate the presence of a far more sophisticated type of virus called a rootkit. In this case I would recommend that you hire a professional computer service technician who has the tools and experience for dealing with this specific type of threat. One last thing before we move on: If you access your email account from more than one computer, it is important that you scan them all as described above. You may find yourself with multiple infected computers and it only takes one to recapture and transmit your new email password back to the bot!
- Recover your email account – Okay, Whew! *wiping brow*, you’ve made it to step two, so I’m going to take it that you were successful with step one. Congratulations! This next step is fairly straightforward but requires that you know the password for your email account. (don’t laugh, you’d be amazed at how many people type in their password once, click the “remember my password” button, and then promptly forget it). In this step you need to change the password on your email account. By doing so, you lock out the spambot as it has no means of recognizing the new password (thanks to step one) and so you have stopped the flow of spam. If you know your password, you can usually log into the webmail interface for your mail provider and change to a new password. If you don’t know your old password, you may be able to use a password recovery or password reset wizard that will send you new information via email, or you may need to get assistance from the tech support organization for your mail provider. Assuming you do have access to your account, go ahead and change your password, but before choosing a new password, read forward into step three about dictionary attacks and the importance of strong passwords.
- Secure yourself from future attacks – simply changing your email password and doing nothing else may temporarily solve the problem, but leaves you vulnerable to repeat attacks with similar results. There are measures you can take to protect yourself, your email account, and the people in your email address book. First, use strong passwords. A strong password is typically made up of six or more characters and includes both uppercase and lowercase letters as well as numbers and special characters such as @, %, or &, if supported. Strong passwords are less vulnerable to “dictionary attacks” where the hacker or bot works its way through a list of common passwords or other relevant word lists. As you might imagine, having a password of “password” or “password123” is far more guessable than a more random combination of words and numbers such as “Josie200doG”. The important thing is to come up with a password that’s easy to remember but hard to guess! In my case, Josie is my dog and 200 is my house number. You can see it would be easy for me to remember, but very difficult to guess! Another common way hackers gain access to your computer or email account is through social engineering. Social engineering refers to a form of trickery that plays on your values and trust. For example, you may get an email telling you your shipment from Amazon has been billed to your credit card and will be arriving next week and offers you access to a tracking website. The tracking website is a fake, but gets you to “log in” using your email address and password. Of course, if you fall for it, you’ve just handed your password over to the hacker and so, let the spamming begin! Why is this so effective? Well, if you actually are expecting a package from Amazon, your defenses are down, but if you’re not expecting a package you might think that there’s been some mistake, and you need to get it corrected because you didn’t authorize them to bill anything to your credit card! Either way, you find yourself logging into the fake tracking site and handing over your password to the bad guys. To avoid this possibility, never log into secure websites by following links in emails, even if it appears the email came from the correct source. Instead, always use your own links, favorites, or bookmarks to access those sites, or type the URL of the site (eg www.amazon.com) directly into the address bar of your browser. And lastly, when you get an email from a friend with a cryptic subject like “check this out” and nothing in the email body but a single website address, it’s a safe bet that you’re looking at an email sent, not by your friend, but from a bot through your friend’s hacked email account, and you can also bet that if you click that link, you will end up infected as well, so before you “check it out,” call, text, or email your friend and ask if they really sent this, and if the answer is no? Share this article with them because their email account is hacked and sending out spam.
This article was written by Andy Trask, Owner, and Chief Customer Caregiver at Stickynote! Tech Services. Based in Mansfield Massachusetts, Stickynote! Tech Services is a local provider of in-home personal technology services to individuals, families, and small businesses in Southeastern Massachusetts including the south shore, Cape Cod, south coast, greater Taunton area, greater Attleboro area, lower Route 128, and lower Route 495 up to the Franklin / Bellingham area. Need help? Call Stickynote today to experience world-class service!