Loading ...
Sorry, an error occurred while loading the content.

Spam problems & Steps to safeguard your self and your contact lists

Expand Messages
  • Mani
    It s quite worrying..Every day ..in recent week, I find such spam `links from friends, indicating their accounts got hacked.  Obvious that some hackers have
    Message 1 of 2 , Jul 6, 2012
    • 0 Attachment
      It's quite worrying..Every day ..in recent week, I find such spam `links' from friends, indicating their accounts got hacked.  Obvious that some hackers have been harvesting lots of e-mails, and are now `working on it'.

      Makes me wonder if my own e-mail is `sending out' spam to people on my lists...without me even knowing.    If so, I hope someone will let me know.

      Meanwhile, here are some steps I thought would be useful for us all:
      (Not all these will be applicable to all).

      1. Keep your firewall & virus-protection softwares installed AND regularly (almost daily) updated.   Hundreds of new trojan & viruses are created and released by hackers every day - for fun or to exploit or to make a statement.

      2. When using your own mobile devise (phones, ipads, e-book readers, blackberry etc)...and accessing the internet / e-mails/ social networks...from cafe's, shops, global hot-spots, wi-fi etc in shopping centres etc... be very careful.  Anyone with a half-decent scanning software can intercept and copy your codes/passwords..  !   

      3. When actually using other computers - in shops, cafe's, work-places... where you are using another computer on an open network,  becareful.   If you can, avoid using external computers to check your private e-mails.. and if you must, clear the browser of your  browsing history/cookies/ passwords [some external networked computers don't allow this...in which case you are bug***d!]

      4. Always log in and LOG-OUT from any online e-mail and social network systems ...after using them for the moment.  [**even if it is your own home computer!**]  This is where people go wrong more than half the time. Yahoo, hotmail, googlemail..etc and twitter/facebook are all online log-in sites that work on a browser software - such as internet explorer / netscape or Google chrome!  
      - The point is, longer you have your account logged in...more exposed your account is for hackers to have a go...and sooner or later ..they will crack it.     (Applies when you log in to use it, then go off to watch tv, take a shower, cook, have long phone calls... or just leave it on and go out for the day..).
      -It doesn't matter if you have the best firewall...   log-out when you have finished.  Re-logging takes a few key-strokes and few seconds...but saves your account!!

      5. Protect your self...and you are protecting your friends!   Remember, in your address book, there may be many hundreds of e-mail lists.  One vulnerable account can expose hundreds of other people's accounts!

      6.  When sending mass e-mails to people, groups,....please `blind carbon copy' (Bcc) all their e-mails..   so each person on that list knows it's coming from you...but can not know who else you copied it to.    And if their account gets hacked, they can't expose all those other people.. (bit like witchcraft..   don't expose your friends to the world).

      7.  Don't buy cheap virus/firewall software...   Get a decent one like..Norton or McAfey etc..  And regardless of what other `experts (?)' say, don't upload a free firewall..from the internet.   Nothing in the world is truly free.   Chances are those free softwares have some flaws, or don't have support or daily updates. So they become out of date from the moment you start using them!!

      8. If you see a strange e-mail, with no subject matter ...or one that does not seem relevant, DON'T open it..  and if you have to open it...   don't click on any links!

      9.  Finally,  Spammers are even setting up very clever paypal/bank/e-bay like domain names (with just one tiny spelling change...which on a quick look ...seems like the genuine thing).  
      example:
      www.e-bayi.com   has an extra i at the end..which can seem like your eye is splaying tricks..so you ignore it.  Those mails ask you to check your account...`because of a security issue' etc (very clever in panicking you!).   If you just HOVER over the link they show, you can see...on the bottom of the browser..what that link really is.    This is because anyone can type a link address.. but put a real link to go somewhere else (often to a spam/harvest site).
      Here's an example
      www.pflondon.org  is a web address..but I have put a link in it to actually go to my blog (where this safety guide is also blogged). (just click it and you'll see! :-)   
      Spammers and hackers are 1000 times more clever than this!

      So..  be safe all.

      Love & Bright Blessings
      -Mani

      PFL webmaster.

      cc: pf members, Croydon crows
      Bcc:  moots, hern's tribe, tribe of avalon, woodspirits


    • Paul
      I quite agree with Mani that spam and hacked email accounts are a real nuisance now. Here is a message I composed for another group, regarding the recent hack
      Message 2 of 2 , Jul 14, 2012
      • 0 Attachment
        I quite agree with Mani that spam and hacked email accounts are a real nuisance now. Here is a message I composed for another group, regarding the recent hack of 450,000 Yahoo passwords:

        Apparently 450,000 passwords have been outed by d3dd3 and we are yet to experience the consequences.

        If you have a Yahoo account, you might find this website helpful to see if your account has been hacked.

        http://labs.sucuri.net/?yahooleak

        It's very quick and easy to do the check.

        If you want to read the original blog post, here it is:

        http://www.techrepublic.com/blog/security/450k-yahoo-passwords-online-now-is-yours/8097?tag=nl.e019

        and, from that very same blog, here is a partial analysis of those 450K leaked passwords showing how not to set a password

        * 2,295: The number of times a sequential list of numbers was used, with "123456? by far being the most popular password. There were several other instances where the numbers were reversed, or a few letters were added in a token effort to mix things up.
        * 160: The number of times "111111? is used as a password, which is only marginally better than a sequential list of numbers. The similarly creative "000000? is used 71 times.
        * 780: The number of times "password" was used as the password. Apparently, absolutely no thought went into security in these instances.
        * 233: The number of times "password" was used in conjunction with a few numbers behind it. Apparently, the barest minimum of thoughts went into security here.
        * 437: The number of times "welcome" is used. With a password like that, you're just asking to be hacked.
        * 333: The number of times "ninja" is used. Pirates, unfortunately, didn't make the list.
        * 137,559: The number of Yahoo credentials that were leaked.
        * 106,873: The number of Gmail credentials that were leaked. Hotmail, which was the next most frequently cited e-mail service, had fewer than half the number of users hit.
        * 161: The number of times "freedom" is used, suggesting a lot of patriotic users. "America" was used 68 times.
        * 161: The number of times the f-word is used in some combination. There are a lot of angry people out there.
        *133: The number of times "baseball" appears as a password. It's the most popular sport on the list, proving that it is indeed America's national pastime. It just may not be the best password.
        * 106: The number of times "superman" is used as a password. That's nearly double the amount of times "batman" is used and triple the frequency of "spiderman."
        * 52: The number of times "starwars" is used. The force is not with this password.
        * 56: The number of times "winner" is used.
        *32: The number of times "lakers" appears. It tied with "maverick," although fortunately "the_heat" or "celtics" weren't on this list.
        * 27: The number of times "ncc1701? is used as a password. For those of you who aren't trekkies, that's the designation code for the Starship Enterprise. "startrek" is used 17 times, while "ncc1701a," the designation for the Enterprise used in later Star Trek movies, is used 15 times.

        Word on the street is that d3dd3 will target gmail and hotmail accounts next

        Have a happy and hack-free weekend!

        Paul
      Your message has been successfully submitted and would be delivered to recipients shortly.