|
Post by Mark O on Oct 8, 2011 13:46:56 GMT 9
I realize I'm probably preaching to the choir here, but I think there is nothing wrong with a friendly reminder about keeping our personal data secure.
Within the past few days one of our members had his e-mail address modified by a hacker of some sort by adding the numeral "1" to the end of his legitimate address. The hacker, posing as our brother member, sent out a very obvious fake e-mail requesting the recipients send him money, as he was robbed in Kuala Lumpur, Malaysia! Of course, being close friends, he would pay us back when he returned to the land of round door knobs! Really! (I suppose it would be cool to see the Petronas Twin Towers, but our member was not there!)
There really is no way to confirm that his e-mail address was picked from this site, as one has to be a member here to access that information, but it is available.
Now here is the key. Your e-mail address is accessible here IF YOU ALLOW IT. There is a way you can hide it, and the only ones who can see it are the staff members. We (yes, I am a new staff member) have been given that responsibility by Pat, the webmaster (MOW). It is not a responsibility we take lightly.
If for any reason you do not want your e-mail address to be viewed by any other member you can change it by going to your Profile. To do this, click on your user name, and you will see something like this...
Member's Bio - Modify Profile - Bookmarks - Social Networks
Click on "Modify Profile", and scroll down to "Account Preferences". From there you'll see many options including one labeled "Hide Email". The choice is yours.
Again, we don't know if our brother's e-mail was hacked from here, but these days we can never be to careful. I was hacked last December by foolishly completing an on-line survey. That was enough for them to get my credit card info, but I was lucky enough to find out quickly. The hackers didn't get my money, but it did cost me as I had to cancel the credit card, get a new one issued, and I ended up changing my e-mail address. What a PITA!!
Thanks for your support everyone!
Mark
|
|
MOW
Administrator
Owner/Operator
Currently: Offline
Posts: 5,821
Location:
Joined: September 2003
Retired: USAF, Civil Service
|
Post by MOW on Oct 8, 2011 15:41:20 GMT 9
Mark - Thanks for writing this up and putting it out.
ALCON - Mark is absolutely right in that you have the power to show or hide your email address from public view. I encourage everyone to go and check your profile and update/modify any settings you may not have been aware of earlier.
On another note, I honestly don't think the members' email was stolen from this site and used to broadcast out to other members. It was more likely stolen elsewhere and then his Contacts from his email account was hacked and used to broadcast out to all or some of those contacts.
This is a common problem now and you may have experienced it before without even knowing it: receiving email from a know contact and opening it only to find some worthless nonsense. But, but opening the email at times is all it takes to load a small program that allows someone to gain access to things like your contacts.
|
|
Jim Scanlon (deceased)
Senior Staff
FORUM CHAPLAIN
Commander South Texas outpost of the County Sligo Squadron
Currently: Offline
Posts: 5,075
Location:
Joined: July 2007
Retired: USAF NBA: Spurs NFL: Niners MLB: Giants NHL: Penguins
|
Post by Jim Scanlon (deceased) on Oct 9, 2011 0:32:10 GMT 9
I, too, got that spurious e-mail.
I hit reply and sent it back to whomever sent it.
My virus program, firewall and a couple of other things, didn't bring up a red flag, so don't know if it had anything bad in it, or was just an exploratory posting.
Either way, as MOW and Mark have said, be careful.
There are lots of people out there, who think it is fun to try to destroy your computer programs.
There are some that, if allowed, will shut down your anti-virus program and play havoc with your machine.
I got a "survey" not long ago, supposedly from the dealer where I get the car serviced.
Nope, wrong sending address.
I forwarded it to the dealer, to let them take care of it.
Happy computing.
Jim Too
:god_bless_usa
|
|
biendhoa
F-106 Expert
Currently: Offline
Posts: 304
Location:
Joined: March 2004
|
Post by biendhoa on Oct 9, 2011 2:38:23 GMT 9
No one And I mean NO ONE on this forum except the MOW should have excess to any information about about any member of this forum! :nono
|
|
MOW
Administrator
Owner/Operator
Currently: Offline
Posts: 5,821
Location:
Joined: September 2003
Retired: USAF, Civil Service
|
Post by MOW on Oct 9, 2011 15:21:41 GMT 9
No one And I mean NO ONE on this forum except the MOW should have excess to any information about about any member of this forum! That is exactly why the Alumni database contains no PII data to include email addresses that only I the database administrator can access. Same with this forum except for information at the members disposal to disclose or not.
|
|
MOW
Administrator
Owner/Operator
Currently: Offline
Posts: 5,821
Location:
Joined: September 2003
Retired: USAF, Civil Service
|
Post by MOW on Oct 9, 2011 15:29:08 GMT 9
I myself just received a different hacker message on my Yahoo, Hotmail and ancient kornet accounts from an old email address of Dick Stultz with Subject line "Re:All secrets of 30 hours of sex!". It also included old email addresses from an old Pat Perry address and several other old addresses from members AND non-members (friends of mine). These are results of email address lists being sold yet remaining in some rogue server for malicious a$$holes to use, and it is all based on your email account contacts list.
The bottom line is always be suspicious not matter what. I get this email about from someone I know, but I know he would never send that so red flags up everywhere.
|
|
|
Post by lindel on Oct 11, 2011 11:00:17 GMT 9
Mark, MOW and the rest. Thanks for your patience and your discretion. My passwords have been changed, I've been trying to get in touch with someone at Yahoo about the bogus account and am dealing with the rest of the fallout.
The worst thing is that ALL of my contacts on that email list is gone. Since that was my primary, you can guess where that leaves me.
There is also a Yahoo F-106 group that the list owner has been hacked and I haven't been able to get to him to let him know. If any of you know David Rotthoff, please let him know.
|
|
|
Post by Mark O on Oct 11, 2011 12:33:38 GMT 9
Mark, MOW and the rest. Thanks for your patience and your discretion. My passwords have been changed, I've been trying to get in touch with someone at Yahoo about the bogus account and am dealing with the rest of the fallout. The worst thing is that ALL of my contacts on that email list is gone. Since that was my primary, you can guess where that leaves me. There is also a Yahoo F-106 group that the list owner has been hacked and I haven't been able to get to him to let him know. If any of you know David Rotthoff, please let him know. Like I said, I went through that whole, changing my e-mail thing recently. Up until last December I had used the same e-mail address since around 1998/1999. It didn't suck nearly as bad as I thought it would. I started the new e-mail address, and gave everyone in my book a two-week notice. On the designated day I stopped the old e-mail account then started exclusively using the new one. No complaints. Mark
|
|
|
Post by Gene on Oct 13, 2011 3:09:46 GMT 9
I myself just received a different hacker message on my Yahoo, Hotmail and ancient kornet accounts from an old email address of Dick Stultz with Subject line " Re:All secrets of 30 hours of sex!". It also included old email addresses from an old Pat Perry address and several other old addresses from members AND non-members (friends of mine). These are results of email address lists being sold yet remaining in some rogue server for malicious a$$holes to use, and it is all based on your email account contacts list. The bottom line is always be suspicious not matter what. I get this email about from someone I know, but I know he would never send that so red flags up everywhere. got that same email last week... it was already in the spam box...so i just deleted it...along with promises of fake rolexes and free money...
|
|
MOW
Administrator
Owner/Operator
Currently: Offline
Posts: 5,821
Location:
Joined: September 2003
Retired: USAF, Civil Service
|
Post by MOW on Oct 13, 2011 9:21:45 GMT 9
I myself just received a different hacker message on my Yahoo, Hotmail and ancient kornet accounts from an old email address of Dick Stultz with Subject line " Re:All secrets of 30 hours of sex!". It also included old email addresses from an old Pat Perry address and several other old addresses from members AND non-members (friends of mine). These are results of email address lists being sold yet remaining in some rogue server for malicious a$$holes to use, and it is all based on your email account contacts list. The bottom line is always be suspicious not matter what. I get this email about from someone I know, but I know he would never send that so red flags up everywhere. got that same email last week... it was already in the spam box...so i just deleted it...along with promises of fake rolexes and free money... And of course lets not forget the all important ones about "$1M has been added you're new account..." from Mohamed or some crap. Don't you wish we could be Tron and just go in a kill the crap out of these
|
|
|
Post by Diamondback on Oct 15, 2011 14:39:22 GMT 9
This is part of why I hold to one little rule: if you want my email or IM's, send me a PM and introduce yourself. Yeah, I been away several years, but I'm back...
|
|
MOW
Administrator
Owner/Operator
Currently: Offline
Posts: 5,821
Location:
Joined: September 2003
Retired: USAF, Civil Service
|
Post by MOW on Oct 15, 2011 20:32:51 GMT 9
This is part of why I hold to one little rule: if you want my email or IM's, send me a PM and introduce yourself. Yeah, I been away several years, but I'm back... Yes indeed He's Back! Glad to see you back T.
|
|
|
Post by Cougar on Apr 10, 2012 6:28:59 GMT 9
Many good ideas have been mentioned to help promote secure emailing, some of which are repeated below.
1. Never, ever reply to a spam message. This includes buying a product that is for sale or clicking the often-misunderstood "unsubscribe" link, which actually informs your spammer that you exist. If you can tell from the subject line that a message is spam, don't open it — delete it. Spam subject lines usually promise you a better sex life, a more youthful appearance, prescription drugs without a doctor's approval, love, thicker hair, or a better mortgage rate. They also use attention-demanding punctuation, such as exclamation marks or all caps.
2. Don’t click any links in a spam email. Spammers often have multiple, unique pages on their sites. Often, when you click a URL in a spam message, this tells the spammer that you — and only you — received the message he or she sent.
3. Disguise your email address. Don't put your email address in plain text on your Web site. An effective way to trick the spiders that traverse the Web to harvest email addresses is to disguise your email address by stripping out periods and "@" symbols. For example, "YOURNAME AT YAHOO DOT COM." You can also make the "@" an image, which will prevent crawlers from identifying it. You make also wish to disguise it in your signature file, in case your recipients forwards your email.
4. Don’t forward an email from someone you don’t know to a list of people. You remember those "forward this email to 20 of your friends" messages? They are perfect for spammers to harvest email addresses, even if the sender of the original email did not have this intent. These types of sign-and-forward emails often appear in the form of a petition — and they don’t work.
5. Don’t use your home or business email address. when you register on a Web site or in a group. If you must sign up for services, want to receive more info, register for newspapers or domains; use a free email address from a site like Yahoo or Hotmail to create an address especially for that purpose. This also goes for posting to the Web, in a listserv, newsgroup, on a contact page for a Web site, or on a resume that is posted on the Web.
6. Before you join a list, make sure the list owner or Web master will not sell your address. Check to see if you can opt out of receiving unsolicited email from the site where you're registering. If you are unsure about this, read the site's privacy statement.
7. Preview your messages before you open them. Outlook and Hotmail (and many other email clients) let you use a preview mode to peek at the contents of a message before you actually open it.
8. Use a complicated email username. Spammers' software will look for the easy and obvious addresses first, such as those with identifiable names "john1977@hotmail.com," as opposed to “sjk839@msn.com."
9. Use a spam filter. One to try is SpamBayes for Windows, which you can find in TechSoup's Free Downloads section. Another is Mailshell, which is available on TechSoup Stock.
10. If your organization has an IT department, forward any spam that gets through to it. This way, they can perhaps better tweak the filters.
11. Make sure your privacy settings are set so you don't receive marketing from other sites in your AOL and Yahoo profiles. Many list servers use Yahoo lists as the list provider; you must unselect these pre-selected choices in your personal privacy settings.
12. Never use your email address as your screen name in chat rooms. It will give spiders or human email harvesters an absolute yes to a questionable email address.
Provided by techsoup.org, the Technology Place for Nonprofits
|
|
|
Post by adart on Apr 10, 2012 7:20:34 GMT 9
Thanks for the info. guys. Be Safe :thanks
|
|
|
Post by Mark O on Jul 22, 2012 10:39:18 GMT 9
Always a good idea to keep electronic security on the radar (so to speak) as well as physical security.
Earlier today we had a couple "salesmen" join the forums to hack their wares. I want to thank Jim Too for bringing it to our attention for those of us that were either working, or not logged into the forums to see it.
A big :salute for you Jim Too!!
Anyway, they could easily get your e-mail address if they wanted to work at it before I banned them. Who knows, they may have IF you have it visible!!
Read this entire thread (click on the name in the "Topic" line) if you need to hide your e-mail, or just send any of the Staff a PM. We'll square you away!
Mark O.
|
|
MOW
Administrator
Owner/Operator
Currently: Offline
Posts: 5,821
Location:
Joined: September 2003
Retired: USAF, Civil Service
|
Post by MOW on Jul 22, 2012 11:00:05 GMT 9
After reading Jim Too's email about them I checked and saw you or someone had already removed their posts. I them deleted their accounts.
A few weeks ago I added a new script that removes a 'deleted' users account from the "Newest Member" list in the Info Center. Prior to that additional script even after deleting the account, the name still showed. I wasn't crazy about having them still show up, so reneging on my earlier position of leaving accounts there but just disabling them, I would rather delete them so they don't show up and take the risk of them recreating an account with the same email address. I think the risk of that is low, and removing their name was important.
|
|
|
Post by Diamondback on Jul 22, 2012 13:45:36 GMT 9
On a board I once admin'ed, I liked to change their names to "Spamming Turd"...
|
|