GWTW Forum
Author Topic: I think I've been hacked  (Read 1420 times)
ET
« on: May 16, 2010, 07:09 PM »

Yesterday someone, or a program, got to all of the email addresses in my contact list and sent everyone a link to purchase Viagra.  I’ve changed my password and was wondering if there’s anything else I should do.  Should I send another email out to everyone warning them not to open the link?  Should I just close the email account?  Any tips or thoughts would be appreciated.
Thanks,
Everett
Logged
DWayne
« Reply #1 on: May 16, 2010, 07:40 PM »

I thought you had started pushing pills.  Cheesy

Denny
Logged

I always wanted to be a procrastinator..........
I just never got around to it.
mikenchico
« Reply #2 on: May 17, 2010, 12:02 AM »

Make sure your antivirus program is working and up to date, run a couple of the online free scanners. Maybe download Ad-Aware & Spybot Search & Destroy. Not knowing what you have it's hard to recommend the proper procedure to remove it, once you know the name you can do a search for removal instructions.

In the meantime try to disable your email program from running automatically so you won't keep spamming your friends or possibly losing your internet account for spamming. When you're clean or before let your service provider know you were infected, that the spam was unintentional on your part, best if you can tell them the name of the infection so they can confirm it.

Sending your contacts an email is usually suggested but probably too late, hopefully they all know you wouldn't send out something like that and didn't click any links.

« Last Edit: May 17, 2010, 12:05 AM by mikenchico » Logged

"Living is easy with eyes closed, misunderstanding all you see" John W Lennon

"People do not quit playing because they grow old, they grow old because they quit playing" George Bernard Shaw
inewham
« Reply #3 on: May 17, 2010, 12:07 AM »

If someone has got into your machine they'll see you change your passwords so the safest and surest option is always to back up all your data, repartition your drive, do a clean install from scratch and then restore your data.

If like most people you can't be bothered with that, 2nd best is to get your hands on a clean uninfected PC with an up to date AV (something decent not McAfee or similar). Remove the hard drive from the compromised PC and once you've booted the clean PC mount your compromised HDD with an external drive carrier. Then scan/fix the compromised HDD.

Try to identify what you've been infected/compromised with so you can Google for details and manually confirm everything has been removed.

If you try installing AV onto your compromised PC, any rootkit worth its salt will cripple the AV and Microsoft update, so with most current malware fixing the compromised install while it's running is futile. You might feel like you've got somewhere but it will be back.

Once you're back up and running, before you use email or a web browser get the machine patched and up to date, ideally from behind a firewall and before you run any email programs or you'll likely get hit by a zero-day exploit before you finish downloading the updates. Get AV and a software firewall installed (Avast and ZoneAlarm do free versions) and never open emails you're not expecting to receive.

Make sure you keep your applications patched and up to date too e.g. Adobe Reader and Flash are popular attacks at the moment.
Logged

inewham
« Reply #4 on: May 17, 2010, 12:13 AM »

BTW are you sure your machine has been compromised - many bots forge the from address so if someone has told you they've received a spam from you it may be that just the from address was forged to look like it came from you. You will also see back scatter from failed emails when this happens.
Logged

ET
« Reply #5 on: May 17, 2010, 05:43 AM »

> BTW are you sure your machine has been compromised - many bots forge the from address so if someone has told you they've received a spam from you it may be that just the from address was forged to look like it came from you. You will also see back scatter from failed emails when this happens.


It’s some sort of a spam and I started noticing “Delivery Status Notification (Failure)” from old emails.  Nothing in the header but just a link to the site.  (I have the site address if anyone is curious)

So how the heck are they, or it, able to get to my address book?

Working on some of the tips you guys mentioned.  Thanks.
Logged
inewham
« Reply #6 on: May 17, 2010, 06:12 AM »

> It’s some sort of a spam and I started noticing “Delivery Status Notification (Failure)” from old emails.  Nothing in the header but just a link to the site.  (I have the site address if anyone is curious)
>
> So how the heck are they, or it, able to get to my address book?

What leads you to believe someone has your address book? Are the failure notifications only from people in your address book or from all sorts of people?

It is common for spam bots to use lists of valid addresses, maybe yours, I know mine was used once, to fake the from part.

So they send thousands of get your 'cheap viagra here' emails with the from part set as say, ian@iannewham.com (I know, bring it on, it won't be the first time  Roll Eyes ) then I saw a million and one failure DSNs from all over the world for about a month.

No one had hacked my machine, it was just back scatter from spam with a forged from address - if that's what is happening to you, all you can really do is weather the storm for a while. It's quite common.

Logged
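
The distinction drawn in the replies above (back scatter from a forged from address versus spam that really left your account) can be checked on a failure notice itself. This is an added example, not part of the original thread: it reads the original message returned inside the bounce and lists which servers handled it. The provider domain `example-mail.test` and the sample bounce are constructed assumptions.

```python
import email
import re
from email import policy

# Assumption: domain of the servers your own mail provider sends through.
PROVIDER = "example-mail.test"

def returned_original(bounce):
    """Return the original message attached to a bounce, or None."""
    for part in bounce.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
        if part.get_content_type() == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def classify(raw_bounce, provider=PROVIDER):
    bounce = email.message_from_string(raw_bounce, policy=policy.default)
    original = returned_original(bounce)
    if bounce.get_content_type() != "multipart/report" or original is None:
        return "cannot-tell"
    # Each server that handled the mail adds a Received line naming itself after "by".
    hops = [host for line in original.get_all("Received", [])
            for host in re.findall(r"\bby\s+([\w.-]+)", str(line))]
    if any(h == provider or h.endswith("." + provider) for h in hops):
        return "passed-through-my-provider"  # check the account's sent mail and logins
    return "forged-from-backscatter"  # never went near my provider's servers

# Constructed sample bounce; every host and address here is made up.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.recipient.test
Subject: Delivery Status Notification (Failure)
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/delivery-status

Final-Recipient: rfc822; nobody@recipient.test

--b1
Content-Type: message/rfc822

Received: from pc.isp.test (203.0.113.7) by mx.recipient.test; Sun, 16 May 2010 19:00:00 -0700
From: me@example-mail.test

[spam link removed]
--b1--
"""
print(classify(SAMPLE_BOUNCE))
```

Received lines added before the first server you trust can be forged by the sender, so a passed-through result is a prompt to review the account, not proof of compromise.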

kiteking
« Reply #7 on: May 23, 2010, 09:58 PM »

Here is some good advice on keeping you safe on the net


Five Ways to Keep Online Criminals at Bay
from the NY Times  Wednesday May 19, 2010, 7:45 pm EDT

THE Web is a fount of information, a busy marketplace, a thriving social scene — and a den of criminal activity.

Criminals have found abundant opportunities to undertake stealthy attacks on ordinary Web users that can be hard to stop, experts say. Hackers are lacing Web sites — often legitimate ones — with so-called malware, which can silently infiltrate visiting PCs to steal sensitive personal information and then turn the computers into “zombies” that can be used to spew spam and more malware onto the Internet.

At one time, virus attacks were obvious to users, said Alan Paller, director of research at the SANS Institute, a training organization for computer security professionals. He explained that now, the attacks were more silent. “Now it’s much, much easier infecting trusted Web sites,” he said, “and getting your zombies that way.”

And there are myriad lures aimed at conning people into installing nefarious programs, buying fake antivirus software or turning over personal information that can be used in identity fraud.

“The Web opened up a lot more opportunities for attacking” computer users and making money, said Maxim Weinstein, executive director of StopBadware, a nonprofit consumer advocacy group that receives funding from Google, PayPal, Mozilla and others.

Google says its automated scans of the Internet recently turned up malware on roughly 300,000 Web sites, double the number it recorded two years ago. Each site can contain many infected pages. Meanwhile, malware doubled last year, to 240 million unique attacks, according to Symantec, a maker of security software. And that does not count the scourge of fake antivirus software and other scams.

So it is more important than ever to protect yourself. Here are some basic tips for thwarting them.

Protect the Browser

The most direct line of attack is the browser, said Vincent Weafer, vice president of Symantec Security Response. Online criminals can use programming flaws in browsers to get malware onto PCs in “drive-by” downloads without users ever noticing.

Internet Explorer and Firefox are the most targeted browsers because they are the most popular. If you use current versions, and download security updates as they become available, you can surf safely. But there can still be exposure between when a vulnerability is discovered and an update becomes available, so you will need up-to-date security software as well to try to block any attacks that may emerge, especially if you have a Windows PC.

It can help to use a more obscure browser like Chrome from Google, which also happens to be the newest browser on the market and, as such, includes some security advances that make attacks more difficult.

Get Adobe Updates

Most consumers are familiar with Adobe Reader, for PDF files, and Adobe’s Flash Player. In the last year, a virtual epidemic of attacks has exploited their flaws; almost half of all attacks now come hidden in PDF files, Mr. Weafer said. “No matter what browser you’re using,” he said, “you’re using the PDF Reader, you’re using the Adobe Flash Player.”

Part of the problem is that many computers run old, vulnerable versions. But as of April, it has become easier to get automatic updates from Adobe, if you follow certain steps.

To update Reader, open the application and then select “Help” and “Check for Updates” from the menu bar. Since April, Windows users have been able to choose to get future updates automatically without additional prompts by clicking “Edit” and “Preferences,” then choosing “Updater” from the list and selecting “Automatically install updates.” Mac users can arrange updates using a similar procedure, though Apple requires that they enter their password each time an update is installed.

Adobe said it did not make silent automatic updates available previously because many users, especially at companies, were averse to them. To get the latest version of Flash Player, visit Adobe’s Web site.

Any software can be vulnerable. Windows PC users can identify vulnerable or out-of-date software using Secunia PSI, a free tool that scans machines and alerts users to potential problems.

Beware Malicious Ads

An increasingly popular way to get attacks onto Web sites people trust is to slip them into advertisements, usually by duping small-time ad networks. Malvertising, as this practice is known, can exploit software vulnerabilities or dispatch deceptive pop-up messages.

A particularly popular swindle involves an alert that a virus was found on the computer, followed by urgent messages to buy software to remove it. Of course, there is no virus and the security software, known as scareware, is fake. It is a ploy to get credit card numbers and $40 or $50. Scareware accounts for half of all malware delivered in ads, up fivefold from a year ago, Google said.

Closing the pop-up or killing the browser will usually end the episode. But if you encounter this scam, check your PC with trusted security software or Microsoft’s free Malicious Software Removal Tool. If you have picked up something nasty, you are in good company; Microsoft cleaned scareware from 7.8 million PCs in the second half of 2009, up 47 percent from the 5.3 million in the first half, the company said.

Another tool that can defend against malvertising, among other Web threats, is K9 Web Protection, free from Blue Coat Systems. Though it is marketed as parental-control software, K9 can be configured to look only for security threats like malware, spyware and phishing attacks — and to bark each time it stops one.

Poisoned Search Results

Online criminals are also trying to manipulate search engines into placing malicious sites toward the top of results pages for popular keywords. According to a recent Google study, 60 percent of malicious sites that embed hot keywords try to distribute scareware to the computers of visitors.

Google and search engines like Microsoft’s Bing are working to detect malicious sites and remove them from their indexes. Free tools like McAfee’s SiteAdvisor and the Firefox add-on Web of Trust can also help — warning about potentially dangerous links.

Antisocial Media

Attackers also use e-mail, instant messaging, blog comments and social networks like Facebook and Twitter to induce people to visit their sites.

It’s best to accept “friend” requests only from people you know, and to guard your passwords. Phishers are trying to filch login information so they can infiltrate accounts, impersonate you to try to scam others out of money and gather personal information about you and your friends.

Also beware the Koobface worm, variants of which have been taking aim at users of Facebook and other social sites for more than a year. It typically promises a video of some kind and asks you to download a fake multimedia-player codec to view the video. If you do so, your PC is infected with malware that turns it into a zombie (making it part of a botnet, or group of computers, that can spew spam and malware across the Internet).

But most important, you need to keep your wits about you. Criminals are using increasingly sophisticated ploys, and your best defense on the Web may be a healthy level of suspicion.
Logged

"Wind to your back, Kite in the sky."

MikeM
Brookings, OR  - KP 4-11
