"AOL E-Mail Hacks" Topic

Over the past several days, I've received bogus e-mails from four different correspondents who have (or had, one changed her account) AOL e-mail accounts. Two were church members and two were wargamers (who are fairly regular posters here and one several Yahoo groups).

So beware AOL e-mail account holders!

Jim

Unfortunately this seems to happen to most of the main email systems, Yahoo and Hotmail users are regularly targeted. Just have to be very careful when you open any email. Most of it is just annoying spam, but there are some nasty fraudsters using hacked accounts.

I hover over the "sender" and even though the visible name is from my Contacts list, the sending email address is bogus, so into the trash it goes. I open nothing….

Great War Ace- if account has been hacked, address will show as correct one. That's the nasty bit of this particular scamming activity. These scumbags may also prevent the legitimate user accessing their own account.

I have received several suspect e-mails, including "from" Rebel Minis and my own daughter. When I place the cursor over the sender's name/address (FROM) the true sender's address appears, at least it does in AOL Mail.

Tim

If I don't know you personally or have met you elsewhere, or recognize the e-mail, I never open it.

That's all well and good not to open e-mails from unknown senders, but these were all from people who I know and with whom I have corresponded. The titles were "iffy" but the return addresses were valid.

I just did this as a warning to all my TMP compatriots who may have AOL e-mail accounts.

Jim

"AOL E-Mail Hacks"

but there are some nasty fraudsters using hacked accounts.

These are not necessarily "hacked " accounts. It is actually quite easy to set up an email so that it appears to come from one email address when it has actually been sent from another (as Great War Ace and tberry7403 indicate above). All you need is a genuine emal address. These are easily obtainable when people (for instance) publish their email address on a web site or blog.

As the major says. And they can just make up username@aol.com as well to mass send.

I'm quite interested in what email software lots of you are using that let's you delete emails without 'opening, them. Virtually all email software now has a preview / auto view, so by simple selecting a message it's contents are viewed. Which to me means the HTML has even evaluate and and JavaScript can potential run.

In the past, the Mac OS has been immune to e-mail embedded scripts, so you could open e-mails without concern, though of course any links or attachments still needed to be avoided— read, but don't click. I believe that status remains in effect for the most recent Mac OS, but I won't swear to that. Still, AFAIK, none of my family's aol accounts have ever been hacked. I do get spam from friends with aol and Yahoo accounts all the time, but it's almost always immediately obvious. Makes me wonder how I've managed to remain unaffected, but I do use strong passwords (obscure words or word combinations with numbers inserted), and the friends I tend to get stuff from are not very tech savvy.

Remember, folks:

1.) Use strong passwords, with a mix of capitalization, numbers and symbols, and don't use common words or dates as part of that.

2.) Change your password from time to time.

3.) Use the BCC feature in e-mail to prevent others e-mail addresses from being snagged by spammers.

4.) DON'T CLICK ON ANYTHING IN AN E-MAIL unless there is absolutely no chance it is a disguised or fraudulent source.

5.) Nobody with your e-mail service, Internet provider, bank, credit card company, or other major online service needs to have you e-mail them your password or account name or any number associated with any account you have with them. THEY ALREADY HAVE THAT INFO, IF THEY NEED IT. So any request for the same is in all likelihood a scam.

6.) When in doubt. leave the e-mail untouched, and go directly to the source it says it is from on your own— contact your friend, your bank, your service provider, etc., directly, using known an valid URLs or e-mail accounts, not anything suggested or provided in the e-mail. It never hurts to be certain, and no one will object to saying, "Oh, yes, that's legit. Thanks for asking!"

Dear ColCambell

True, if the subject is iffy even if from a friend I don't open it.

Of course I'm not on facebook, linkedin or any soial media sites so….

AOL's security certificate is showing expired again.

Grimm

I am getting SPAM mail from two AOL account from my various Yahoo Groups. They both started on the 18th and i get mail daily from them that is not kosher.

Grimm

Having just had to pay $250 USD to have my e-mail computer wiped from a virus and everything re-installed, (and this is the third time in four years I've had to have it done, I am beginning to think that what I'm getting off the net isn't worth it, and scrapping the whole thing.

I have three computers. Two of them are NEVER hooked up to the net. Those are the one with my personal finances and the other with my war gaming stuff. If I need downloads for graphics, it goes over on a disk, and the disk is carefully checked. So far it has kept the wargames and finances computers clear and running fine. The e-mail tough always has problems.

I'm beginning to wonder if I shouldn't just scrap it and sing off for good. The same with cable. I have only the basic package, and I watch about two shows a week. What do I need the other 70 channels for. Been to my friends house who has over 600 channels. I saw many of them. First of all, I won't live long enough to see a whole show given the number of commercials between content (and half the content is reviewing the last half hour of content and teasing the next half hour (which may come around on the third day of Rosh Chodesh.

I think when my present analog television dies (radio-shack, bought 20 years ago! Works fine) I'll just drop cable and television. That will make my decision on e-mail easier. It goes in and out on a cable modem.

I could have bought a lot of neat stuff with that $750. USD

Otto

Computer network hacking should be classified as Treason and/or Terrorism.

Punishment should be death once convicted. No exceptions.

If you consider the level of damage, anguish, and whole identity cost to the wider GDP, it is as significant as a small war.

Disruption of commerce/communication is grounds I say.

Having just had to pay $250.00 USD USD to have my e-mail computer wiped from a virus and everything re-installed, (and this is the third time in four years I've had to have it done,

It would probably be cheaper to install a decent anti-malware package. There are even some reasonably good ones that are free!

I think when my present analog television dies (radio-shack, bought 20 years ago! Works fine) I'll just drop cable and television. That will make my decision on e-mail easier. It goes in and out on a cable modem.

Not sure what you are getting at here. The transmission medium doesn't affect how vulnerable you are to malware.

Dear Major Bumsore

Have excellent security software. Works expertly-- for a while. Update it constantly.. They still get through.

That's the point, the medium doesn't enter into it. There's the hackkers, and like cockroaches they can get in anywhere.

What's the point? How did they subvert the system this time? Simple they got through the battery back up because it was failing and not always putting up the correct time.

fred12df:

I'm quite interested in what email software lots of you are using that let's you delete emails without 'opening, them. Virtually all email software now has a preview / auto view, so by simple selecting a message it's contents are viewed.

Most versions of Outlook, and Mac's Mail, let you turn off the preview pane. Then the only way to see the e-mail is to open it. If you select it and delete it, it's gone without ever being processed. I would expect that most e-mail clients have that feature.

They also seem to be copying old email addresses. I got one apparently from a former coworker. Whoever did this had a lot of other email addresses I recognized. I sent my coworker a heads up.

Have excellent security software. Works expertly-- for a while. Update it constantly.. They still get through.

If you say your computer was affected by a virus, then your anti-malware software obviously wasn't good enough. Or you hadn't updated it's signature database often enough. Anti-malware software is supposed to block and quarantine viruses. If it didn't, it failed.

OTOH, perhaps your problem was not actually a virus at all, but some other form of intrusion. "Virus" seems to be a catch-all for anything dodgy on a computer. The Heartbleed vulnerability has
been erroneously described as a virus!!

What's the point? How did they subvert the system this time? Simple they got through the battery back up because it was failing and not always putting up the correct time.

Through the "battery back up"??? How does that attack work then?

They also seem to be copying old email addresses. I got one apparently from a former coworker.

Oh yes, that's quite common. It's amazing how many old email addresses are left lying around on the Internet.

Whoever did this had a lot of other email addresses I recognized. I sent my coworker a heads up.

Sending your coworker a heads up, while friendly, doesn't really help. There's nothing he can do about it, particularly as the account is no longer active.

Dear Major Bumsore

I don't know, but that's what my computer guy said. He said it was because the clock wasn't registering the right time. I don't know if you really want to know I'll ask him, but I don't know if I'll understand it well enough and retell it correctly. If you really want to know send me your e-mail at sigurd1@eclipse.net and I'll give you his phone number.

Otto