OT: Email Hacked again

OT: Email Hacked again (Full Version)

All Forums >> [New Releases from Matrix Games] >> War in the Pacific: Admiral's Edition

Message

ChezDaJez -> OT: Email Hacked again (4/1/2011 9:24:40 PM)
This is getting old. My email was hacked again and has sent out messages with .exe files to everyone in my address book. I assume it is a worm. I use Hotmail and IE9. My system software is Windows Vista. I like them so I would rather not switch unless that is the only solution. I am considering upgrading to Windows 7. I have been told that the issue may not be in my computer at all but may reside with the way Hotmail stores messages online. My surfing habits are rather benign concentrating mainly on WWII subjects, various home improvment sites and news sites such as CNN. I do not visit porn sites or any other sites that have a high risk of infecting my system. I have tried Norton but it reports nothing. I currently use AVG and still nothing ever reported. Full system scans always come back clean. I am clueless when it comes to this type of issue. My firewall is on. I am fairly knowledgeable about hardware as I build my own computers but do not have much knowledge of fixing software issues. My standard tactic after I have exhausted my limited knowledge of software related problems is to reformat and reload everything. Ugh! Any thoughts on how to prevent and eliminate this problem? Chez

LoBaron -> RE: OT: Email Hacked again (4/1/2011 9:56:56 PM)
4 things that can help: - If you have not already, activate auto cache clean of IE9. This forces the cache to clean everytime you close all browser windows and adds one step of security. - Besides the passive scan of AVG (personally I prefer http://www.avira.com/de/avira-free-antivirus, it is a German scanner always in the top league of antivirus scanners when I read tests but thats a matter of taste I guess) make it a habit to perform an active scan every 7-14 days, 14 should be enough because there are always chances of undetected trojans not in the virus library or in files passing the passive check. - There could be a possibility that not you are the distributor but a friend you trust has bad knowledge on PC protection and you open his/her sent files without second thoughts, I´d look for patterns there, helped me once. - Use a router between your PC and the modem because you add a hardware firewall to your security pacage. Last thought: Windows 7 already tops Vista by far in both stability and ressource usage. I can only recommend it, SP1 increased stability further, so I´d definitely would give it a thought. Edit: stupid me, Avira wont help you much if you don´t speak Krautish. No idea if there is an English version... [8\|]

witpqs -> RE: OT: Email Hacked again (4/1/2011 10:04:02 PM)
IE9 is a good start, as it's getting high marks thus far. I use Chrome, and do recommend it. Your choice, obviously. Chrome is currently better security-wise and they are super (I mean super) fast updating it to plug holes. They even use their own built-in Flash so they can update it on the fly as security holes are found. Flash has been a major security problem and so many websites use it. I know you like IE9; I recommend Chrome. Anecdote: a short time ago there was a major update released for Flash (and Reader I think the same day). I saw the post on a security blog and then the update - Chrome had already updated everybody's browser with those fixes three days before. People not using Chrome had to get the notice about an update and do it. Those who don't have automatic checking for updates enabled are really low on luck. As I understand it, Vista is essentially Windows 7. W7 has a better interface and some other improvements. I do not recall of hearing of any direct security improvements. Indirectly, W7 is more savvy about not bothering the user about things that are likely not a problem. One knock against Vista was that it could forever have you clicking "Yes" to the point where you disabled the queries or just always answered "Yes" without reading and understanding. Hotmail has had a problem here and there, I have no news about their current reputation. It is Microsoft and they do try hard on security. That might sound silly given all the IE and other bugs over time, but remember that their OS and related products have been number 1 for a long time so they have a bright orange bullseye painted on them. Recently my wife's email sent out some spam emails with just a link in them to people she had conversed with in that email account. Two in depth scans with products from different vendors turned up nothing and there was no other evidence of compromise. There are many, many compromised websites out there and tons of them are main-stream, not porn or shady illegal download places. The bad guys attack and compromise a web site. You visit the web site. They then attack a weakness in your browser. Maybe they can get through to your PC (break out of their own Sand Box to which they are supposed remain confined), maybe they can't. Even if they can't, maybe they can at least get through to other browser tabs/windows - savvy? If you have Hotmail open in another tab or another window at the same time that they have compromised the currently running browser, then they can do things in that Hotmail session. You must assume your password is compromised (although it might not be). I'm sure you already changed it. They attached a file - do you know what it was? There is certainly the possibility that there is the same file hidden on your system. If you can get a copy of the file you can scan it to see if the AVG and whatever else you used can recognize it. Truly the safest thing to do is "Nuke it from orbit." and reload, as you know from what you said. Do you use that PC for banking? If so, nuke it.

cookie monster -> RE: OT: Email Hacked again (4/1/2011 10:21:48 PM)
Happened to me twice around Christmas. Norton scans never picked up anything. I would recommend you change the password on your email account though.

Nomad -> RE: OT: Email Hacked again (4/1/2011 10:29:14 PM)
I had this happen on my yahoo account. I changed passwords on everything I have them on just to be safe. I have no idea how it happened, I use AVG and it didn't report any problems.

bradfordkay -> RE: OT: Email Hacked again (4/1/2011 10:53:11 PM)
Ban your son from using your computer!!!! j/k

JocMeister -> RE: OT: Email Hacked again (4/1/2011 11:01:36 PM)
Try Avast antivirus. Its free if you use the home edition. I have used it for the last four years and so far so good! Been using it on xp, vista and now windows 7! Its not as intrusive as Norton and can actually be uninstalled without resorting to a complete reinstall of windows.

fbs -> RE: OT: Email Hacked again (4/1/2011 11:09:48 PM)
It's been some 5 years since I last got a virus. Currently I use Chrome with Prevx CSI 3.0. I like Prevx a lot, as the last virus I got went straight through the two anti-virus I was using by then, and then went straight through additional ones I threw at it, while Prevx was one of the 2 that caught the little guy. I'm also running PC Tools Spyware Doctor in parallel, as it catches registry junk -- although it makes such a fuss with false alarms that it gets boring. Anyway, false alarm is better than no alarm :^D Both have free detection-only versions.

Sredni -> RE: OT: Email Hacked again (4/2/2011 12:12:08 AM)
I got a virus recently, on the day of the quake in japan actually. I have AVG free running and it started giving out warnings that I was infected, but it's scans couldn't actually find anything. So I ran malware bytes and installed and ran (and uninstalled afterward) avast, and they found infections in two exe files that had been on my computer for ages without problems. I think I got the virus viewing video's of the quake in japan cause that's the only real behavioral change I had at that time, following random links and viewing random videos of the quake in japan. Anyways long rambling story short: use multiple virus programs. You only want one running as your primary protection, but no virus program finds all the viruses all the time. Using 2 or 3 (or more) to scan for a virus is better then just depending on one. If you suspect you have a virus but your current program doesn't find anything try another. And don't use IE.

Mynok -> RE: OT: Email Hacked again (4/2/2011 12:16:22 AM)
quote: And don't use IE. This would solve half the malware problems in the world. Have never used it and never been hacked.

Dobey455 -> RE: OT: Email Hacked again (4/2/2011 5:10:13 AM)
I would suspect this is not caused by a virus on your PC, but by attacks on the hotmail mail servers. Hotmail is web-based (ie the mail does not live on your computer, it lives on the net.......unless you run your hotmail through Outlook or Mozilla Thinderbird, etc). Unfortunately the people who do this attack targets that will give them the most return for their time and effort, and so they tend to go after massive, public, online mail storage like hotmail, G-Mail, Yahoo mail etc. There could be many many ways this has happened, I think it has happened to just about everyone at least once. Usually what happens is that your e-mail address along with thousands of other is subjected to a Brute Force attack (ie a program just sits there for days or weeks trying millions upon millions of possible password combinations until it finally cracks your account.) Once your account is breached it can be used for pretty much anything the attacker wants. Hotmail does have a special address to report this to and they will supposedly do everything in there power to bring these evil-doers to justice [>:]. I got hacked once and e-mailed them. They never even bothered to reply, so.....yeah. Fastest fix is to change your password, make it as complex as you can remeber (ie about 8 -12 characters and a mix of upper and lower case and a couple of numbers maybe even a special character. For example Ch3ZdaJ3z!) Once you have done this NEVER use the "Remember my Password" option and as people stated above set the browser cache to clear on exit. If it happens again consider a different mail account provider. I think most internet providers give you a free e-mail account with them when you sign up. There is no need to change your operating system or your browser unless you want to, as these aren't going to help in this particular situation.

witpqs -> RE: OT: Email Hacked again (4/2/2011 5:41:40 AM)
If you use the same PC for banking or other financial access then why take the chance? Nuke it.

ChezDaJez -> RE: OT: Email Hacked again (4/2/2011 10:38:17 AM)
quote: ORIGINAL: witpqs If you use the same PC for banking or other financial access then why take the chance? Nuke it. Believe I will just as soon as I get AE up and running on the wife's laptop. Appreciate all the advice guys. I've changed every password I can think of including my bank's and Hotmail. Let's see if it works. Might as well upgrade to Win 7 at the same time. Chez

PresterJohn001 -> RE: OT: Email Hacked again (4/2/2011 11:01:35 AM)
I got hacked a couple of times. Stopped when i changed my password to a alphanumeric non word based one. Good way to do this is based off an address or car reg number or even your unit numbers :)

ChezDaJez -> RE: OT: Email Hacked again (4/2/2011 11:35:05 AM)
quote: ORIGINAL: PresterJohn I got hacked a couple of times. Stopped when i changed my password to a alphanumeric non word based one. Good way to do this is based off an address or car reg number or even your unit numbers :) I've always used an alphanumeric password with a combination of capitalized and non-capitalized letters and it is at least 9 characters long. Chez

bigred -> RE: OT: Email Hacked again (4/2/2011 2:04:38 PM)
My computer consultant stated that explorer is the problem...My wife comp had same issue w/ hijacked email...We switched to mozilla/firefox and problems seemed to be solved. The word on the street is explorer has alot of bugs.

Lifer -> RE: OT: Email Hacked again (4/2/2011 2:29:04 PM)
I recently picked up a virus I thought from a news site (that's where I was when everything imploded). Using a firewall and Mcafee so it was probably something downloaded and opened. Unless my wife is surfing the porn sites... My son (pro IT person) downloaded combofix and let that run. Cleaned up everything in a few hours. Greg

Bullwinkle58 -> RE: OT: Email Hacked again (4/2/2011 5:12:42 PM)
quote: ORIGINAL: Lifer I recently picked up a virus I thought from a news site (that's where I was when everything imploded). Using a firewall and Mcafee so it was probably something downloaded and opened. Unless my wife is surfing the porn sites... My son (pro IT person) downloaded combofix and let that run. Cleaned up everything in a few hours. Greg I run Malwarebytes every week or so. Reccoed by the local paper's IT columnist and it finds stuff that other anti-bot-ware has missed, especially dozens of ad-tracking cookies and devices. Free version availible. I think I got it at CNET.

TulliusDetritus -> RE: OT: Email Hacked again (4/2/2011 6:32:12 PM)
quote: ORIGINAL: LoBaron Edit: stupid me, Avira wont help you much if you don´t speak Krautish. No idea if there is an English version... [8\|] LoBaron, there is an English version [&:] And in fact in many languages. From 2003 until 2009 I used AVG Free Edition. The programme was very light... Then there was a major upgrade --I can't remember, maybe from 7.x.y to 8-- and I discovered the new version was like an elephant, sucking many resources of the computer [:(] I investigated and found out Avira was the "best" FREE anti-virus. It's the one I use now. Very light (and to me this is the most important thing): memory usage = around 18.000 KB. The last AVG FREE edition I tried = around 80.000 KB [X(]

TulliusDetritus -> RE: OT: Email Hacked again (4/2/2011 6:35:25 PM)
But of course the best anti-virus is Linux [:D]

Joe D. -> RE: OT: Email Hacked again (4/2/2011 6:44:59 PM)
quote: ORIGINAL: ChezDaJez This is getting old. My email was hacked again ... Do you have a Facebook account? I understand there is/was a security flaw in Facebook that allowed others access to users email accounts.

bradfordkay -> RE: OT: Email Hacked again (4/2/2011 6:58:28 PM)
quote: ORIGINAL: Joe D. quote: ORIGINAL: ChezDaJez This is getting old. My email was hacked again ... Do you have a Facebook account? I understand there is/was a security flaw in Facebook that allowed others access to users email accounts. I know that Facebook has a "friend finder" that uses your address book to search for your friends. Since it asks for your e-mail password I have never used it. This could be the source of that problem.

lazydawg -> RE: OT: Email Hacked again (4/2/2011 9:20:12 PM)
quote: ORIGINAL: Bullwinkle58 quote: ORIGINAL: Lifer I recently picked up a virus I thought from a news site (that's where I was when everything imploded). Using a firewall and Mcafee so it was probably something downloaded and opened. Unless my wife is surfing the porn sites... My son (pro IT person) downloaded combofix and let that run. Cleaned up everything in a few hours. Greg I run Malwarebytes every week or so. Reccoed by the local paper's IT columnist and it finds stuff that other anti-bot-ware has missed, especially dozens of ad-tracking cookies and devices. Free version availible. I think I got it at CNET. I second this recommendation. Malwarebytes is a must have. In addition, the link provided below has specialized downloads for removing other nasties: http://www.bleepingcomputer.com/uninstall/

Sredni -> RE: OT: Email Hacked again (4/2/2011 9:35:44 PM)
Anyone have a list of antivirus software that doesn't run in the background? Currently I go with avg free running and have malwarebytes installed with which I do occasional scans (along with the avg scans I have setup to run regularly), and if I feel the need I download and run the windows malicious software removal tool though no clue how useful it is. The other AV program I tried (avast) wanted to run in the background all the time like AVG does and from what I understand having multiple AV programs running simultaneously is a nono (plus what a resource hog bleh). So I'd like some other AV programs like malwarebytes that I can install and just run occasional scans with without it wanting to be up and running all the time.

Capt Hornblower -> RE: OT: Email Hacked again (4/2/2011 10:32:36 PM)
quote: ORIGINAL: ChezDaJez Believe I will just as soon as I get AE up and running on the wife's laptop. Appreciate all the advice guys. I've changed every password I can think of including my bank's and Hotmail. Let's see if it works. Might as well upgrade to Win 7 at the same time. Chez Might help if you stopped being a slave to MICROSOFT.

ChezDaJez -> RE: OT: Email Hacked again (4/3/2011 5:48:28 AM)
quote: ORIGINAL: bradfordkay quote: ORIGINAL: Joe D. quote: ORIGINAL: ChezDaJez This is getting old. My email was hacked again ... Do you have a Facebook account? I understand there is/was a security flaw in Facebook that allowed others access to users email accounts. I do have a facebook account but very seldom use it unless someone posts on my wall. My kids set it a couple of years ago. I'm just not into online social networking except for this forum. Chez I know that Facebook has a "friend finder" that uses your address book to search for your friends. Since it asks for your e-mail password I have never used it. This could be the source of that problem.

pmelheck1 -> RE: OT: Email Hacked again (4/3/2011 9:35:01 PM)
One of the first questions I would ask is if all forms of code execution are disabled in your email client. If it isn't that could very well be the root of all your other ills.

Page: [1]

Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI

1.796875