Welcome!
If you have an account, please:
Log in
Stay Informed
Recommendations

Here's something that


I, Jeremy Duffy, actually recommend and think is worth checking out.
No web-bugs, no bs, just a legit recommmendation that I have personally evaluated before allowing it to be listed here:

▸ Simple to add and manage gift lists for yourself, your kids, or your business

▸ Secret gift coordination

▸ Duplicate gift protection

www.AGIFTA.com

Think something's here that shouldn't be? contact me!

How can I help you?
Contact Jeremy

Account Hijacking

Yesterday my wife received an e-mail from a friend that had a generic subject and only a link as the content. Fortunately, she knows enough to suspect that her friend's account was likely hacked to send bad e-mails. After a quick phone call we were able to confirm with her that was the case.

This same advice works for any online account; e-mail social network, etc

Her poor friend was now stuck with the embarrassment of handling an e-mail that contains a virus-laden link that was sent to all her friends, family, and business contacts (several hundred in her case).

And of course, the worst part is that she had no idea how to handle the problem. For anyone else who runs into this problem, here's what you need to know:

Why People Do This

Account hijackers are like...

Anything from pranks to making money to stealing corporate/government secrets… take your pick. The point is that it's easier to trick people out of information than to break into secured facilities or even an average person's home (that's why there are phishing attacks (before) and hijacking now.

The reason that account hijacking has become the new "in fashion" thing is because you're much more likely to believe and respond to a message from a friend than a random stranger. Regardless, the key is to not immediately believe what you see.

How to Know You've Been Hacked

The first and most obvious sign is that you can't access your own account anymore even though you're sure the password is correct (though make sure that your CAPS-LOCK key isn't on!).

Another is that people call you to ask about your "status update" or a strange e-mail with a link or attachment.

If it was your e-mail that's been hacked, you might even get a series of "out of office" replies from business contacts.

What to Do

If You Are Locked Out Of Your Account

The process is much harder if you've been locked out of your account since regaining control may be difficult or impossible. Regardless, here is what you would do in order:

  1. The very FIRST thing to do is contact everyone you can by phone or using an alternate e-mail. A mutual friend who has many of the same contacts can also help spread the word through a social site or their e-mail address book.
  2. Once you've warned everyone, then you have to work on getting control of your account again. For many sites, you can use the "reset my password" function to regain control, but if that doesn't work for any reason (such as the case where it's your e-mail that's been hacked and you didn't set up an alternate e-mail that they can contact you at), you'll need to contact the company directly.

    LA LA LA! Not listening!

    Contacting a company can be hard because the last thing they want is to spend their valuable time talking to the unwashed masses (that would be you). For some of the most common webpages, here's a starter list of contact methods you can use:

    For each of these links, I just did a Google search for "[name of service] account hacked" and tried a few of the links till I found one that looked good. If these links go bad or for a service that is not listed, try doing a search like I did.
  3. Change your password to something that doesn't stink and don't fall for the variety of tricks that make people give the password away when they didn't mean to (or didn't realize that it would be a problem). See my passwords guide to read about how to make and keep safe your passwords.
  4. Fix your computer's security! In some cases, the hacking of your account doesn't have anything to do with them getting into your computer, but it often does. Make sure you have the right security set up and run scans to look for problems. In the worst cases, seek geek help or professionals.

If you can still log in

If you can still log into your account, you'll do most of the same steps, just in a different order.

  1. First, CHANGE YOUR PASSWORD! For as long as they know your password, they can do anything they want. Lock them out as soon as possible.
  2. Next you'll let everyone know, but unlike above, it's just a matter of sending out another e-mail to your address book warning them of the problem (which is much easier than having to go to the phone or through other channels). Here's a sample e-mail you can use:

    Subject: WARNING! My account was hacked! DO NOT OPEN THE LAST E-MAIL FROM ME!

    E-mail: I'm sorry to say that my account got taken over and used to send a fake e-mail/message! I've already regained control of my account so you can just delete and ignore it and there shouldn't be any more problems.

    If you clicked the link, downloaded any attachments, or installed any software the bad message recommended, I recommend you check your system security and change your passwords like I did. Here's a helpful guide online that you can use:

    What To Do When Your E-mail Has Been Hacked

    And by the way, so that you know this is really me and not another bogus e-mail; I drive a [insert the kind of car you drive here]

    Clearly, that last little verification detail could be anything so long as it's something that people would know was you. By the way, I recommend using that little e-mail personalization trick for all e-mails all the time.

  3. Check your computer security. They got your password somehow. If you read my passwords guide and know you're doing that right, they may have gotten your password through some spy software on your computer. You'll need to find and remove it (or more specifically, let your security software do it for you.

Prevention

As listed above, this is a problem of passwords more than anything. Hackers don't attack the company itself (like Yahoo etc) because that's hard, likely to fail, and, most of all, they don't have to!

It's much easier to trick you into giving away your passwords or eavesdrop on your computer using spy software and then log into your account using the normal login procedures.

To avoid becoming a statistic, protect your computer with the right security software and learn how to make good passwords and keep them safe. Do these and the chances of your account getting hacked are comparatively very small.

Guide Navigation
prev: Tricks and Scams|INDEX|next: Trusting Companies
Online Addiction: From gambling to surfing and online gaming, people can destroy themselves and others with online addiction.
Posting Online: The Internet never forgets anything completely. Make sure you don't make mistakes that will stick with you for the rest of your life.
Protecting Photos: The Internet never forgets anything completely. Make sure you don't make mistakes that will stick with you for the rest of your life.
Getting Tricked: You WERE doing fine... until someone convinced you to install a virus or give away your passwords. Don't fall for it!
Account Hijacking: One of the most common security risks today is people getting their accounts taken over and then used to trick their friends and family.
Trusting Webservices: An online service promises they'll 'Never abuse or misuse your data' and you believe them? Think again.

Share This

Have a Comment or Question?

1 Comment to “Account Hijacking”

» Comments RSS Feed

Well written article and a great public service. Thank-you! 🙂

IDENTITY THEFT
How to Steal Identities - Why It's So Easy
Credit Freeze
Out and About Defense
credit-monitoring
id-theft-insurance
The Identity Theft Victim's Mini-Guide to Recovery
PRIVACY
The Geek Privacy Principle
Nothing to Hide
Data Abuse
RFID - Radio Frequency IDentification
Privacy Alias/Persona
Out and About Defense
INTERNET SAFETY
Online Addiction
The Consequences of Posting Online
Photo Safety
Tricks and Scams
Account Hijacking
Trusting Companies
PASSWORDS
Bad Passwords
Password Tips and Tricks
Password Protection
Password Mugging
Computer Security
E-mail Safety
Kids and Computers
Shopping Online
Retailers
All About Warranties