After a wonderfully tranquil period of time, it seems as though computer hackers have decided it’s time to end their slumber and up the ante. Lately, I’ve been slammed with everything from potential attacks to full-on email takeovers that send messages complete with the user’s signature at the bottom. It’s been a blast around here, believe me. Should this happen to you, there’s no need to panic. We’ll let you know the steps you should take to regain control of your email, and protect your reputation.
A couple of weeks ago, I received an email that was forwarded to me from an employee of one of my business clients. The subject line contained her email’s username (the name before the @ symbol) and a password that she uses commonly. The sender claimed that the recipient had watched pornography, and that she was recorded while watching that pornography. If the sender didn’t receive a certain amount of money within 48 hours, the video that was allegedly being watched, plus the video of the person watching it would be sent to the recipient’s entire list of contacts. The sender requests the money via Bitcoin, and includes instructions on how to send the money. This seems like a pretty scary situation, particularly since there’s a personal password right in the subject line.
Last week, I got a call from an employee of a different business client. This man told me that he’d gotten six phone calls that afternoon from people he has business dealings with telling him that they’d received an email from him that didn’t seem quite right. The message contained a link with a PDF file that was supposedly too large to email, so it was uploaded through a file service, and that the recipients needed to pay particular attention to pages four through six. The link ended in “.info” which is typically a site you don’t want to go to. Anyway, to make a long story short, he didn’t send that message. A hacker gained access to his business’s email and sent that message to, well, everyone! His office uses Microsoft Outlook through Microsoft’s Office 365 subscription service, and that also includes a website that grants access to emails. The hacker apparently “cracked the code” and logged into the website, then sent the message, and created rules to prevent him from getting or sending emails. That one took some doing to figure out! The rule said that any emails containing “@” (which is ALL of them) would be immediately marked as “read” and sent to the deleted items folder, completely bypassing the inbox. After we got that squared away, emails began flowing in from confused business contacts.
Now that you’re sufficiently freaked out, let’s talk about what to do should either of these things happen to you. First and foremost, change your password. I know that this is a pain to do as you’ll have to change your password on all of your devices, but it’s a necessary step. In the first example, one of the user’s normal passwords is listed in the email. Interestingly, it’s not the password that’s associated with the account that the message was sent to. It was likely recovered from one of the many data breaches that have been reported across the Internet. If you’re “lucky” enough to get one of these emails, just delete it and move on. Secondly, install any and all Windows Updates, and make sure that your anti-virus software is up-to-date. Thirdly, run as many anti-virus and anti-malware scans as you can to make sure that your computer hasn’t been infected by anything. I recommend a full Malwarebytes scan for starters. I should add that you shouldn’t let your curiosity get the best of you. Don’t click on any links or open any attachments from the emails in question. Lastly, inform anyone who may have gotten an email from you to delete it and not click on any links or attachments either.
Don’t you wish people would work an honest job like the rest of us and quit trying to rip us off? While some hackers are to be admired for their ingenuity, that’s where the admiration ends. Having your email hacked is aggravating, but it’s not the end of the world. If you just keep your cool and follow these steps, you’ll be back up and running in no time.