Sunday, May 16, 2010

Hackey Frack

You never think it'll happen to you, and there is an air in the techno culture that the people that it happens to somehow had it coming. Like the secretary walking by the construction site in a mini skirt. Yeah, we had it coming. And so do you.

I'm surprised they got me. I rarely download anything, and I don't download things that don't belong to me. The email that was hacked  is one I rarely use and have never publicized. On my website, front and center is another email clearly displayed, but they didn't get that one.

Early one morning I watched in dismay as forwarded email from another account began to appear. Initially it was bouncebacks from various sites where I had accounts, many long ago forgotten. I opened one and immediately recognize that someone was using my good name (OK, mediocre) to scam others.

Within an hour of the initial attack, I tried to log in to the hacked account, but it was too late. They had stolen my password, and changed it. I couldn't get in.

Slightly after the one hour mark, I began to see emails from real people, very fine friends who I barely knew or folks who were incredibly decent that I had only had slight contact with in a long ago past. Some were concerned, and might have sent money, others were more savvy and knew I had been hacked and a third group emerged that gave me reasons as to why they couldn't send money.

Cringe, cringe, cringe.

If you read my blogs, you will be hard pressed to find my name, and the account that was hacked is associated with my name. My password was based on a tiny place name in a fairly obscure foreign language. Not good enough.

So here are my recommendations.

Your password must contain upper and lower case letters, combined with numbers. If it doesn't, you're an idiot. I know, because I used to be one.

If you use an email program like Gmail, you need to regularly delete all unneeded addresses from your contact list. Gmail automatically stores the address of every email you receive. This will minimize the damage if you do get hacked.

You need to make sure that your ability to recover your account is solid. Most importantly, you need to make sure that the secondary account that you gave when you registered is active, and that you know the answers to the secret questions.

Do not store passwords to other accounts in a folder within your email, write them down and put them in a desk drawer.

For me the damage was minimal, and I was fortunate. But this can and will happen to you if you're not careful and the results could potentially be catastrophic.

Mothers, tell your children not to do what I have done.

http://www.goyestoeverything.com