Email accounts being hacked.

[MaryA]

Both the Forum Administrator email account and my own personal account have recently received emails from members of the Forum that are obviously not sent by them.

This is intended to just be a warning if anybody receives emails from people who they may even know, but which has a strange link in the body, DO NOT CLICK IT. Delete the email immediately and notify the sender, preferably via other means than replying to the email.

You may think that your anti-virus software is keeping you safe, but as these emails don't appear to have viruses attached they are getting through. It is probably more annoying to the recipients but more serious to the sender as their account has been hacked, so do notify them if you can.

I would request that if anybody has the Forum Administrator or indeed my own personal email address amongst your contacts, please delete them unless you are a personal friend.

Thank you all for your co-operation in this matter and keep yourselves safe!

[dickiesam]

While my account has not been hacked I know a number of people whose Address Book was hacked/stolen. Those incidents prompted me to put the following together:

So how do the spammers and scammers get one of your email addresses? They can do this in several ways but the most common are:

'Exposing' an email address in a post on an open forum where a bot might 'harvest' it and Address Books and Inbox/Sent folder contents 'hacked/stolen' from computers infected with viruses. It could be the Address Book or Inbox/Sent folder in any computer used by any person who has received an email directly, or via forwarding, from you (or where your address is in the Cc or TO list of recipients).

This is why you should NEVER forward emails with long TO or Cc lists of addresses on them directly to others, since that is placing many people at risk of having their email address stolen. A good practice to impress upon others is to never address a mail using the TO option. Use the old-fashioned BCC [aka blind carbon copy] option for each recipient instead. This means your mail, even with several addresses on it, will arrive showing 'To undisclosed recipients'. No recipient will know who else got the mail and if they forward the mail 'carelessly' that next recipient won't know either.

Address lists can be stolen from servers. There are the well-known instances in the past few years where someone hacked into a corporate or government server and stole an address list and other personal information.

Many Forwarded mails have several, if not many and sometimes hundreds of previous addresses listed on them, most of which will be unknown to you. Most of the newer viruses and later variants of 'old' viruses have the ability to search for anything that looks like an email address in other places than the Address Book. So if the virus arrives at an unprotected computer and finds mail that has been Forwarded many times, there is usually a 'goldmine' of addresses. Often these are in the Deleted Items folder because the email program has not been configured to permanently delete mails in this folder when the program is closed.

If a particular mail has been sent or copied to me and copied to others and it still has a host of previous addresses in it, when a virus arrives at one of the 'other' addresses, and it's an unprotected PC with a curious/careless user who opens the attachment, I will get a virus-infected mail or a spam/scam mail from someone I don't know.

Unfortunately, while many of the 'guilty' senders will have an antivirus program on their PC, installed when they bought it, no-one impressed upon them the vital necessity to update the Virus Definition Files at least once a week!

Those of us who do update our A/V virus definition files regularly can do nothing about this apart from not sharing stories of interest, etc, in future. However, we can continue to share and diminish the risk of proliferation later in the 'chain' by removing ALL previous addresses from any mail we choose to forward to our friends and other contacts. This includes Cc. So, if a mail eventually lands in an unprotected PC, the available source of addresses will be that much smaller. A better, and perhaps easier, way is to simply copy and paste the content into a new mail instead of forwarding the mail that arrived in your mailbox.

I put this footer on most of my outgoing emails...
Please delete my Email address if you forward this Email and use Bcc. Say No to spammers!!

[MaryA]

I can only agree with all you have said above DS. I have lost at least two email friends because of requesting that they either comply with the rules you have set out, or not to forward "jokes" to me, they didn't understand, but I would rather they didn't include me in their long list than risk problems.

[Wendyem]

Good point Mary A.,
I recently had an email from a not often heard from distant rellie in Ontario with a website link. I did click on it as I'm always happy to hear from her...weird.. not properly registered sit was what it said, & did offer ads to Asian ladies etc.
She knew nothing of this.

Dickiesam good points.

cheers Wendyem

[dickiesam]

A current mail doing the rounds purports to come from someone you know, perhaps in your own Address Book, and says they are stranded somewhere abroad... passport and money and credit cards been stolen, and begging for money for the air fare home even to the extent of saying the amount needed and where to send it [usually by Western Union].

The explanation is that your address and that of the supposed sender were either in the Recipients list in a hacked forwarded mail or in someone else's hacked Address Book.

[Wendyem]

I had same from a new-found rellie (on mailing list) Claimed to be the daughter whom I'd also had email contact with. Just needed money to get out of Spain or somewhere like. Sadly I didn't & don't have that sort of money & told her so. Duh!
Son put me wise so I emailed her Mother & others connected to let them know of the scam.

[MaryA]

That seems to be about all we can do in those sort of circumstances, mind you I know about a year or so ago our Katie did take the trouble to actually call at one of our members houses that she had received this email from, just in case he was in difficulties. How good was that of her?

[Wendyem]

Yeahhh! Katie.