96Bounder30E
America is my home!
Moderator
Joined: 11/21/2002
View Profile
Good Sam RV Club Member
 Offline
|
Moved from General RVing Issues
|
deltamaster
Middletown, New york
Senior Member
Joined: 04/23/2004
View Profile
Offline
|
TMMull wrote:...I just saw on Face Book where they ask for your E-mail account and your e-mail password to help you "find your friends".
THAT is downright stupid... what in the world were the people administering Facebook thinking?!
I ride it like I stole it! 
.......and I just may have.......
I'm on "CB-13", are you?
2004 Fun Mover -- 2002 Sportster -- 1997 Road King
All being pushed down the road by a 1997 "Ram Tough" Dodge Dakota
TSgt(Ret.) USAF
|
deltamaster
Middletown, New york
Senior Member
Joined: 04/23/2004
View Profile
Offline
|
PattieAM wrote:....and I notice that while it appears official, there is always a miss-spelled word or a gramatical error,
While that is always a good clue DO NOT depend on that as the sole source. Some of these scammers are getting very good at spelling and grammer.
Best thing when you get these type of email is to do as mentioned and NOT respond to the email.
Go directly to your bank website using the URL provided by the bank.
Also look for the little lock at the lower left hand corner of the browser or the "HTTPS" in the URL.
|
RoadXYZ
OR-WA-ID-CA
Senior Member
Joined: 08/09/2003
View Profile
Good Sam RV Club Member
Offline
|
Sometimes there is a "rotten apple" in any organization ... disgruntled employee or ? Can happen to most any company or family ..
Travelers 3 - Granpa (N7SJN), Granma Marji & Petunia (9 lb Chi)
"Friends are those rare people who ask how you are and then wait for the answer."
|
livingaboard
Everett wa
Senior Member
Joined: 09/06/2006
View Profile
Offline
|
most people are the cause of hijacked accounts. They either share their password with somebody they trust or use the same password for everything. They sometimes write the password down or get suckered into providing that information via a phishing email as mentioned earlier.
I would venture to guess that a very small amount of victims are blameless for hijacked accounts.
I NEVER write down my passwords. I NEVER give my passwords to ANYONE including my wife. I also use different passwords for different accounts and I don't fall for scam emails
Dave
Everett, WA
2000 Itasca Suncruiser 35U, F53 Triton V-10
Firestone air bags with Quad control air gauge
Pressure Pro
Banks Exhaust
|
|
|
joe b.
Florida
Senior Member
Joined: 08/24/2002
View Profile
Offline
|
My wife, last week got an "urgent" email from a friend traveling in Europe, with her husband, reporting that they had been robbed (a very sad story) and they had lost all their cash, credit cards and airline tickets. The friend asked my wife to send her some money and would repay her when they got back to the US.
It was obvious that the email was not written by anyone that used English as a first language. My wife's friend is very articulate. So my wife knew the person should have been home so called her and sure enough she had been home for a couple of days. She had used a computer in a cyber café while in Italy to send her son an email and of course, to get signed on she had to give her screen name and password, being it was a strange computer to her email host it asked her for the answer to her secret question which she answered. Two days later everyone in her address book was receiving the same email asking for a loan to be wired to her in Europe. I would guess that the computer she used in Italy, had a key logger or similar program capturing data from users.
The OP said she was traveling, using a laptop and I am guessing is sending emails while on the road. Not too difficult for someone to put one of the capture type programs on a public computer network and get your sign in data, etc. It would appear to me that my financial information I send over the Internet is more secure, due to it being encrypted, than is an email. This is especially a problem with the email servers that "store" your address book on their web site, instead of just on your computer. Sure it is convenient to be able to go to my gmail account on any computer and find my address book to send emails, but sure not very secure if I lose/give out unintentionally, my password and secret question answer.
joe b.
Stuart Florida
Formerly of Colorado and Alaska
Dodge/TCD - Rockwood 8281 SS 5th Whl & 2008 Lance 845 TC
www.pajbcooper.com web site
Alaska Trip 2011 - now posted.
Alaska-Colorado&others, photos
"Without challenge, adventure is impossible".
|
AstroRig57
near Tehachapi, CA
Senior Member
Joined: 01/15/2009
View Profile
|
pextron wrote:Tom N wrote:You had to cause this yourself.
You must have received an email about your account with a link to log to it. You went to that link, which looked like your email provider but was not. When you entered your ID and password on this phony website you gave up your ID and password.
That doesn't necessarily make it the OP's fault.
Phishing is not the only way to get someones email password. Computers happen to be my specialty and I won't give out the dirty details but there are literally thousands of ways that information can be stolen on the internet.
No electronic media is 100% secure but there are some simple rules that can make things a bit safer where email is concerned.
1. Never open suspicious emails.
2. Never open attachments.
3. Never click links in emails.
Lastly, and most importantly, when logging into any site, always verify that the site you think you are logging into is in fact the real site by checking the URL in your browsers address bar.
That covers some of the basics.
I don't know why "experts" would fail to notice, and mention, the fact that the OP says he is using a laptop, while on the road, and while probably connecting to his webmail based email service via various RV park's UNSECURED WiFi connections. Faced with such ripe pickings, even the rankest amateur of a hacker can "sniff" (listen in on) and intercept email account log in information and other communications.
It's also beyond me as to why so many people seem to use webmail based email services, like Hotmail, MSN Mail, Gmail, Yahoo and many others as this is the MOST VULNERABLE type of email service available. Why do you think that most email SPAM seems to come from such accounts (usually from hijacked accounts)? Generally speaking, when logging into these via your browser, you are sending your account and password information without any form of encryption as MOST (but not all) webmail logins are not done via a secure connection.
With a webmail based service, once they have our account name/number and password, they can do most anything from changing your security questions to accessing your mailboxes and address book.
Why is it that people seem so intent, and content, to use these insecure services rather than a dedicated email client on their local machine which accesses a POP3, MAP4, or MAPI and SMTP based email servers? Dedicated email clients have security options which will prevent a user's name and password from being sniffed. Not only is this superior for home use, but even more so for mobile users who may access their email via internet access provider who are foreign to them and not necessarily trusted. Additionally, all of your mailboxes, saved correspondence, and addresses are stored on your local machine as opposed to remotely where they are compromised if someone obtains your account information.
Also, the OP needs to thoroughly scan his local machine for viruses which may either be keylogging, and sending his account information and passwords to a remote hacker, or using his local machine to directly send out email SPAM.
2005 31' Coachmen Freelander 3150SS, Stargazer II - Mobile Astronomy Unit
Do you remember when the sky was dark, and the stars were bright?
The International Dark-Sky Association
American by birth...Scottish by the Grace Of God.
|
wittmeba
Virginia
Senior Member
Joined: 02/02/2001
View Profile
|
There has been a couple postings regarding violations of security lately.
I wouldnt go so far as to say Never open suspicious emails, never open attachments and never click links in emails. But you need to be smart about what you are doing.
It is wise to be selective about emails you do open, but Scam/Spam can come to your PC under your best friends name. You will never know it.
There are many kinds of email attachments. What you need to watch our for are attachments that may run on your PC such as any file ending with .exe, .bat, .com and a few others. You need to understand some basics of file names/extensions and what they mean.
Many businesses will not allow the transfer of files of these types. They are blocked by their proxy servers with various email rules. Any type of script files can be potential problems.
Links in emails are very common. The major distinction is when someone sends you an email that you know requires security, I would never reply to it or click the link. You can quickly do a mouse-over and see what the real URL is and determine if it is legitimate based on the sender. The message here is dont be deceived by the presentation of the link vs. where the link actually takes you.
The important thing to know is (as beemerphile1 states) the source of the link. Your bank does not need your login and password to access your account information - they own it. They already have direct access to it.
If you need to contact your bank, use your own link - not one someone sends you in an email.
There are websites on the internet where you can send emails to any email address and label it from any other email sender you want. It does not have to come from you.
One of the reasons so many email accounts used for scams are Yahoo and Hotmail are they so easy to setup and they are free.
I dont believe un-secured Wifi is the problem with banking access. Email may be a different story. When you log into a bank, you will still use their security system (https://) regardless of your internet connection. Wifi security is to protect against unauthorized use and sniffing of information. Banks almost always use SSL (Secure Sockets Layer) servers and processes. They are not the same thing.
Be alert!
It is up to you to determine when you or someone asks you to cross the line with security. When that happens, be suspicious.
Here is a related discusssion.
http://www.rv.net/forums/index.cfm/fusea........thread/tid/24115386/gotomsg/24116250.cfm
* This post was
last
edited 07/15/10 07:03am by wittmeba *
View edit history
Firefox® 10
Firefox® Add-ons
Say Thank You
Log home
Did you hear what the masochist said to the sadist? He said, "Hit me". The sadist said, "No".
|
beemerphile1
I'm only 56, I'm not yet a
Senior Member
Joined: 04/20/2007
View Profile
Good Sam RV Club Member
Offline
|
Here is a trick that I use when on a public computer like at the local library. Before typing in an identity and password, I open a second browser window.
Type a few characters in the correct window and then type random characters in the second window. Switch back and forth this way a couple of times. This technique is supposed to defeat keystroke software that might be on the public computer.
Maybe someone else knows better whether or not it really works.
Tim
If you aren't paranoid, you aren't paying attention!
2006 Weekend Warrior FK1900 towed by 1998 Ford E150 4.6L = 8 MPG
2009 Aliner Sport towed by 2009 Pontiac Vibe 1.8L = 22 MPG
1996 BMW R1100GS
.jpg)
|
wittmeba
Virginia
Senior Member
Joined: 02/02/2001
View Profile
|
That may or may not work. I dont know.
Sniffers seem to have the ability to capture the packets (protocol or coded blocks of information used to communicate on the internet) and take them apart to retrieve logins and pw. Each packet contains a header, data, footer arrangement and are a predetermined size in bytes. You send a message as one big block. It is disassembled, sent in pieces and reassembled upon receipt.
My grandson knew a 12 year old kid who could tell you your pw within 2 minutes of logging into email. He demonstrated it, my grandson changed it, and the kid did it again.
You are limited on your defenses.
This shouldnt happen using https:// secure servers. They establish a point-to-point connection and hopefully the world is blocked out.
|
|
|
|
