BNR Website and Digital Marketing Blog

BNR Branding Solutions is based in Huntersville, N.C., and is a full-service web development and digital marketing company.

Friday, 24 December 2010 15:25

From China with Love

Written by 
Rate this item
(3 votes)

Back in November 2009 I wrote about hackers and the importance of having updated software. I had quoted a blogger that had taken the time to track down the guy that hacked his website to interview him. Apparently my wife did not read that post. She doesn’t have a website to protect but she could have learned the lesson that hackers do not attack individuals, they attack systems and vulnerabilities. Guess which one she fell victim to? Interestingly enough, she was the 4th person on my contact list to lose control of an email account in the last month.

Like many millions of internet users, my wife uses a cloud based email service, in her case she uses Gmail. A few weeks ago she called me in a panic because her “phone was blowing up with emails!” She went on to tell me that she was getting dozens of email bounces as well as a bunch of replies from people on her contact list asking her why she was sending out a spam link. Of course she wasn’t sending spam, but her account was. This wasn’t a typical email spoof, it was actually her account sending the email!

Like many millions of internet users, my wife did not have a complex password. Hers was harder than most that can be easily deciphered or socially engineered but it was still only a string of numbers. This made it rather easy for a hacker in China to compromise her account and send out thousands of spam mails – including mail to all of her contacts. Lucky for her, the guy was a better hacker than email writer so no one fell for the link that was sent.

So how do I know it was a guy from China and how did we get the account back? Well, it was rather easy this time due to some forward thinking by Google. Many Gmail users don’t know this, but there is a very handy link at the bottom of your Gmail account. All the way down in the footer there is a status update that indicates when the last account activity was. It also has a link to the details on your account activity. Clicking that link will give you the details of all the recent access to your Gmail account the type access, the IP address it was accessed from, and the time and date it was accessed. This will tell you is someone is getting in to your account from another location. Most importantly though, there is a very powerful button at the top of the details page. It’s basically the nuke all connections option. Clicking the button will force all other sessions to be logged out. Combine that with a password change and you have your account back.

The other important lesson to remember is to use a strong password. Microsoft has a great article describing how to create a strong password that you will be able to remember. Follow their simple process and your accounts will be less susceptible to brute force hacking attempts.

http://www.microsoft.com/protect/fraud/passwords/create.aspx

BNR Branding Support

Brent Friar is the owner and chief web developer for BNR Branding Solutions. His development experience dates back to 1994 when he was a founding partner of Internextion Web Development in Orange County, CA.

Go To Top