PDA

View Full Version : Watch your e-mail address



28-03-01, 21:26
I am a regular reader/contributor to this forum. Last weekend I was on the net via my ISP who are AOL. On Saturday all was OK. On Sunday I could'nt get in. A call to AOL revealed that this was because they had removed my password because almost 1000 mails had been sent from my account in a ten minute period during the night. These messages invited what appear to be random recipients (not my address book thank goodness!) to visit "Betty's Big Boobs porn site". It would appear that my password had been hacked as my machine has been checked as clean of viruses. If any of you got this, it was'nt me, honest!

A side effect has been that, since the weekend, I have had nearly thirty invitations from other porn sites to visit.

I am advised that it is likely that my e-mail address was picked up from a forum and as this and a couple of other boating related ones are all I use this site is a prime candidate. I have never really worried about revealing my e-mail address but it would appear that there are dictionary and Atlas programs which will simply sit and work through the dictionary/atlas to find a password quite quickly.

My son the IT consultant advises that

a) Do not reveal your e-mail address unless you are confident about who you are giving it to. b) Select a password which combines alpha and numeric digits and, ideally starts with a numeric digit. c)Keep your anti virus software up to date.

Fortunately, this incident has been little other than embarrassing to me as I have unlimited access anyway but it is a salutory lesson.

Nick

28-03-01, 23:13
I assure you the scan would not have come from this Forum. It would have come from an AOL Forum you are a member of. There are many hacks obtainable from search engines such as ASTALAVISTA which aim specifically at AOL and the old COMPUSERVE. I have a 'dump' email address which I use in hackable Forums. Whilst this place is hackable it isn't worth a spammers time they will always go for an easy mark like AOL.

28-03-01, 23:49
It's also a good idea to setup a Firewall, so your computer can't be interogated. I run ZoneLabs "ZoneAlarm", on average it intercepts about 10 attempts a day. Test how vulnerable you are at http://grc.com/lt/leaktest.htm ZoneAlarm is available free for home use from http://www.zonelabs.com/ Brian

29-03-01, 00:42
Surely this comes down to the relationship between eMail addresses and ISP access being so easily linked. Pretty random hits on ......@aol.com then a matching ...... pw often hit. Get yourself 'an addy' - and keep your ISP secret!

29-03-01, 01:28
Thanks Nick I've reverted to my old address haydn@bottomofsea.com !!

29-03-01, 13:19
Betty Who?? I think I might know her!!

29-03-01, 13:47
Betty's Big Boobs was not particularly original but some of the e-mails received since then make amazing suggestions. I must have led a sheltered life. I have suggested to Liz that she might want to try some the more interesting possibilities but she says she is too old and I should keep my hands to myself.

Nick

29-03-01, 13:52
I do not remember joining any other forum although I certainly have looked at a few but this and scuttlebutt are my most regular. I have thought of leaving my current address to use in the way you suggest and adopting a new name as my main address but the problem is that the current one is widely known by people I want to have it and it is a bit inconvenient to change. I suppose as mail is received I could always do a return e-mail advising of the change to legitimate people contacting me on the old address.

Nick

29-03-01, 13:55
Thanks for that. I have not used a firewall at home. Does it impact on anything else you do?

Nick

29-03-01, 13:58
Pardon my ignorance but what is an "addy"? I am just a simple accountant.

Nick

29-03-01, 14:00
I think she works in the newsagent's next to the station!

29-03-01, 20:19
Addy = address ;-) = wink & smile ;-) = smile :-C = sad face btw = by the way IMHO = in my humble opinion

There's dozens of them, they'll grow on you, its only taken 10 years on the net for me to learn them all. Same as the Firewall talk here... rubbish, what the interrogation is in fact as a Cookie request. Ergo using the facility mentioned prevents you dealing with certain sites.

29-03-01, 23:52
Sorry - wasn't trying to be clever. Yes addy = address. As an AOL user you could well have nickrobinson@AOL.com or nrobinson@aol.com etc nick1.... but this sort of eMail addy gives the ISP - who often use it as your user name - and then it's just a matter of guessing your password. Having your own address - about 15 and redirecting your mail from the ISP helps this (and gives you a permenant addy regardless of ISP (if you a=ever fall out etc)

and thanks for the warning - you cannot get too many 'watch out' messages.

30-03-01, 05:44
No, there's no impact on anything else, just the occasional message window to say that ZoneAlarm has blocked someone tryimg to access my PC. Also gives the address of the offending computer.

31-03-01, 02:01
It's available Haydn - few quid and an easy to set up divert and you can have all the fun of the fair with Haydn@bottomofsea.com stinkpot@bottomofsea.com .... for you know which forum sunseeker@bottom......you get the drift!

nearly bought it for a laugh; but it was your idea...

http:\\uk2.net and follow instructions

03-04-01, 01:30
A couple of years ago I tried the AOL free trials, (a couple of times) .I got LOADS of porn ads in my e mail from the very first day (so it could not have been "picked up" on any site) , despite NEVER having given my address or, originally having used the internet before. Since I've a young daughter, thats why I did not in the end use AOL - I suggest that the "leak" may in fact be at their end.

06-04-01, 01:23
I can vouch for zone alarm, since installing this transparent program, I get 1-3 interogations a time during an evening session. and maybe up that to 5-10 times in the weekends, evenings i'm on line about1-2 hours!, and w/ends about 3-4 hours, all in all an exellent software addition to pc-cillin anti virus. all the best bri.

06-04-01, 03:18
You aint intercepting anything except a call for a 'Cookie' which is quite acceptable and normal.