cwh
SuperDork
11/22/11 9:37 a.m.
Fired up the 'Puter this morning, and my e-mails are all messed up. Keep getting a message to sign in, over and over. Cannot access mails because the pop up keeps popping up. Wife called our provider, we have been shut off for excessive spamming!! Huh? I send out a small bulk mail, to established clients, about twice a month. Other than that, 20 or so a day in normal communications. Turns out some person of dubious character had hacked one of my accounts to send out massive numbers of spam, so provider shut us off. All taken care of now, but more than a bit of inconvenience. Anybody else get this?
Nope, but then again I run my own email server rather than trusting a provider with the important emails (the less important stuff goes into Gmail).
I had to repair it a few times when I did 3rd party IT work. More fun when they hijack your domain name. Had that happen a couple times to clients. They thought it was a trusted email and didn't consult us.
In reply to cwh:
Did they breach by forcing your password?
cwh
SuperDork
11/22/11 12:06 p.m.
Don't know how it was done, but we now have new passwords that will be a bit harder to guess. I had used nice, simple passwords so I could easily remember. Bad idea.
So that stuff you sent me about Viagra is BS?
cwh
SuperDork
11/22/11 12:09 p.m.
Mad Mallard- Forcing the password? What does that mean? How is it done?
cwh wrote:
Mad Mallard- Forcing the password? What does that mean? How is it done?
This is called a brute force password hack. There are various ways to pull it off, from programs that try all the words in various languages' dictionaries to just trying multiple assemblies of letters, numbers, and punctuation. This method usually takes quite a long time.
There are other hacking methods that could've been used. Sometimes a user's PC will not be patched to the latest level of software. This leaves your PC wide open to nefarious hackers who will exploit the unpatched security holes. Then they have free rein on your PC and will search your files for something to indicate your passwords. That something could be as simple as a list of your passwords in a .doc file or a collection of pictures with your kids' names on them. "Let's see...Kayleigh1? Kayleigh2? 1Kayleigh?" See how that goes?
I bet your hacker looks like this:
Um, no they didn't. I see this all the time and it's not "hackers".
Your system has been compromised, most likely by a bit of malware. Not necessarily attached to anything you downloaded, either, these days virii do portscans and self-infect with no stumbling required by a clueless user. I remember a test that showed unpatched Windows boxes placed on the internet become infected in under 5 minutes.
Run the usual scans (Antivirus, AdAware, Malwarebytes) and change your password to something actually strong (no excuse for weak passwords these days - if you don't have at LEAST 8 characters which includes an uppercase, lowercase, digit, and punctuation, it's not strong). Do all your patches/updates.
Then call your ISP and tell them what you found and what you did to fix it, they'll turn you back on.
cwh
SuperDork
11/22/11 2:30 p.m.
They have turned it back on, after a few miserable minutes. I use Eset, have never had bad stuff get in....yet. Will start a scan now.
cwh
SuperDork
11/22/11 4:35 p.m.
In reply to ReverendDexter:
Hey, Jane here = Honestly do not think our email was hacked/compromised, we used Constant Contact with that email address about one month ago to send out over 400 emails and Homestead Tech, our host provider, probably got a report on emails returned unopened as spam, in which case they suspend the accts until they determine what's up. TY
rmarkc
Reader
11/22/11 5:45 p.m.
My company's web site was recently hacked.
The index.html files had scripts added to attempt malware installs.
My boss is out of town on vacation this week so I got to troubleshoot that in addition to preparing for the server swapout this Friday.
The swapout was supposed to happen last Saturday but was postponed because the big chiefs decided it was too much downtime so why not take one holiday day away from the IT guy who is already losing 2 weeks of vacation this year.
ReverendDexter wrote:
Um, no they didn't. I see this all the time and it's not "hackers".
Your system has been compromised, most likely by a bit of malware. Not necessarily attached to anything you downloaded, either, these days virii do portscans and self-infect with no stumbling required by a clueless user. I remember a test that showed unpatched Windows boxes placed on the internet become infected in under 5 minutes.
Run the usual scans (Antivirus, AdAware, Malwarebytes) and change your password to something actually strong (no excuse for weak passwords these days - if you don't have at LEAST 8 characters which includes an uppercase, lowercase, digit, and punctuation, it's not strong). Do all your patches/updates.
Then call your ISP and tell them what you found and what you did to fix it, they'll turn you back on.
That is correct! It can happen to you if you log in to your e-mail account on a PC with no security/not up to date. I highly doubt it was brute force as it's pretty archaic and most e-mail providers and ISPs will lock your account after x amount of log in attempts. Can't forget about those hard to read word thingamabobbers to prove you are indeed a human and not a sniffer or a bot.
I refuse to log into my e-mail at work. I'm the new guy and I have the oldest PC in the office. I reformatted it to clear all the nonsense off of it, but they gave me Windows XP and no antivirus software....I have MWB running but it took an act of hacking to even get that on my work PC. Getting stuck with a non-admin account on an XP computer, had to hack the admin password, change it to something simple and work related, install my Google Chrome and MWB along with updated flash and my own copy of CS5 just so I could get some proper work done. Teething of a new company I suppose.
cwh wrote:
In reply to ReverendDexter:
Hey, Jane here = Honestly do not think our email was hacked/compromised, we used Constant Contact with that email address about one month ago to send out over 400 emails and Homestead Tech, our host provider, probably got a report on emails returned unopened as spam, in which case they suspend the accts until they determine what's up. TY
If you used a third-party sender like ConstantContact, the outbound mail would've come from their servers and just attached your address as the sender.
The bounces shouldn't trigger anything against you by your ISP; the sheer amount of spoofed-sender email means that a bounce to your address is meaningless in terms of determining that any spam was sent from your address.