I've seen this plenty of times before. The email comes in from someone that you know, a friend, family member, colleague, etc. It may or may not have a legitimate soundi8ng subject line, but inside it has a web link, along with possibly having some strange message that is likely out of character for them.
Often times, you'll get a note from them later to the effect "my account got hacked". "Hacked" is often used in this context, though that's not exactly what's going on. Here I'll tell you what to watch out for, how to know when something's shady, how to respond after the fact (if it's too late), and how you can protect yourself (and others).
First of all, spam from compromised accounts comes in a lot of shapes - email, Facebook, Twitter, Myspace (yes, some still use it), etc. There are a few ways that this may manifest itself.
The first I will mention is "The Joe Job". Usually, you have to really make someone mad to get this one. This is a weapon of spammers & scammers where they forge your name and email address into the sent and return to fields of their email. Usually people who receive this treatment have caused considerable grief to the criminal. Personally, I have had this happen to me, while doing some anti-spam work several years ago. If this happens to you, your email account is not compromised. No one has been "into" your account, nor harvested your contacts. It is a nuisance, but the amount of work involved is proportionally significant for the "results". Therefore, most folks are unlikely to receive this treatment.
How about if your email address, but not your name? This happens too. This is an unfortunate effect of "spoofing". In spoofing, the spammer/scammer will pick a random address from their spam list, to use as the sender or reply-to fields, it's often used along with a false or incorrect real name/company. This one is a bit less malicious than the Joe-job, yet still rather annoying, as the intents with it is that some of these messages may slip past filters by being in "someone's" address book. Again, if this happens to you, your account is likely still safe,
Cloned Account: I have seen this mostly in social media sites,and only rarely in email form. In email, it would be very close to the "Joe Job", and would be significantly more work than most spammers/scammers would like to expend for the "payout" - especially since the odds of a score are so small. However, in social media forms, this takes the form of one "befriending" an individual, copying one (or several) image(s), creating a profile using their name, images, etc, then inviting that user's "friends" as friends. Once this happens, they will attempt to scam them for money in some way. This often takes form like the "Nigerian 419 Scam" format, except instead of inheriting or winning a sum of "money", it's a "friend" asking for help with something financial, often times rather outrageous, but sometimes seemingly plausible enough that it may fool some. If this happens to you, then you're account, itself, is not compromised, though one of your "friends" is not really a friend - or one of your friends accounts was compromised. You can deal with cloned accounts by reporting them to the company as a violation, and have them shutdown.
This leads me to the last one I will discuss today, and the most relevant, with regard to today's blog updates. The hijacked account. If you have people telling you that your account (email or social media) is sending out junk, and you see that your "sent" folders have things in them you never consciously sent, then someone else has been using your account. Often times this happens in a rather benign seeming way. You may be on Facebook, sign up for a new app, and it asks you to 'verify your account" or "verify your email". Apps that ask for this information, especially when you are logged in already, are phishing for account info to use for malicious purposes. The spammers/scammers that harvest this info may not use it right away, and may wait for a bit before logging into the new account they have gotten. If this happens to you, there is (likely) no virus in play, nor were you specifically targeted for attack. They don't want your account, they want any account. No one is (likely) sitting at a computer, or writing a script to specifically break into your account for these purposes. One who would do that is of a more direct threat, and should be reported to the proper authorities. In the event you are victimized in this manner (the hijacked account), you should change your password immediately. To be sure, you will want to make sure that you have a clean computer, and one that you trust (home, not public) just to make sure you don't type this in while also having a keylogging trojan horse, as well. Once your password is changed, they're out of your account. They've lost access, and will very likely leave you alone and wait for the next person who falls for their trap. No matter how important you feel you are, very likely, you are not important as anything but a free email address for a short period of time, for the criminals.
How to avoid them? Watch out for anything that asks for you to "confirm" your login information (email or social media) to perform a certain task, especially if you are logged in, already - or you believe you are. If you're unsure, feel free to take a look at the app/page in a search engine. Often times scams and hijackers will have pages dedicated to them. Of course the old "only go to pages and places you trust" comes to mind as well. Opening the emails or IM's may not directly hijack you, but I will discuss that in the next page!
No comments:
Post a Comment