Hacked Email? Check your “Rules”

This past week, we received hacked email messages “from” several different customers, indicating that their email accounts had been compromised. I have “from” in quotes because the emails weren’t actually from those people.

Each email was similar, in that they all started with a benign and short email message saying “Checking in” or “Favor to ask!” or “Hey there?”. The request said something like “I wonder if I could ask your help?”. All the messages were received within the past 7 days. This indicates an active and fruitful attack that is going on right now.

HACKED EMAIL – CHECKING IN:

Here’s a screenshot of one of the first hacked email messages we received:

Hacked email example - need a favor

Chris replied with a quick email that said “Yes, I will call you later today”.  Our “Spider-Sense” was tingling about this message – because this is not something that this customer would do via email.  A few minutes later, we received this message:

email hacking example - Apple card for niece

We noticed that the “reply from” address was slightly different from his actual email address. (An “R” was added to the end of his name.) I called the customer a few minutes later, and he said he had not sent either of the messages. We talked for a while, and I recommended that he turn off his computer, and wait until I could arrive later that day.
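The reply-address mismatch described above can be checked directly from a message's headers. This is an added example, not part of the original post; the sample message and its addresses are constructed placeholders, and the 0.8 similarity threshold is an assumption.

```python
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; names and addresses are placeholders.
SAMPLE = """\
From: John Smith <johnsmith@example.com>
Reply-To: John Smith <johnsmithr@example.com>
To: chris@example.net
Subject: Favor to ask!

I wonder if I could ask your help?
"""

def classify_reply_to(raw, threshold=0.8):
    """Compare the Reply-To header with the From header of a raw message.

    Returns 'none' (no Reply-To), 'same', 'lookalike' (a different address
    whose name part closely imitates the sender's) or 'different'.
    """
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    reply = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if not reply:
        return "none"
    if reply == sender:
        return "same"
    # Compare only the part before the @ so that "same name, other
    # provider" is caught as well as "one extra letter".
    s_local = sender.partition("@")[0]
    r_local = reply.partition("@")[0]
    ratio = SequenceMatcher(None, s_local, r_local).ratio()
    return "lookalike" if ratio >= threshold else "different"

if __name__ == "__main__":
    print(classify_reply_to(SAMPLE))
```

A 'lookalike' result means replies will go to an address that only resembles the sender's, which is the pattern seen in this incident.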

Super-Geek To The Rescue:

The first thing was to review his MSN account security information, such as the cell phone and alternate email addresses on file which can be used for account recovery, and to change his password.  I enabled a feature to disconnect all already connected email programs which might still be connected. We wanted to make sure the hacker did not still have access to his account, to possibly seize back control.  I looked through his past login history and found that there were several recent attempts from Nigeria using Exchange.  This was a smart and sneaky attack.

Hacked email - unusual activity from Nigeria

I scanned his machine, and found the machine was not infected – but there was something wrong with his MSN email account. His Inbox showed that it had not received any new email messages for the past several days. (He could send email messages just fine.)

I looked through his account configuration within MSN, and found that a Rule (which did not have a name) had been added. It was applied to every new email message.

Hacked email - account rules changed and archive message

  • Mark the message as Read
  • Move the message to the Archive folder
  • Forward a copy of that email message to a different email account. This looked like the customer’s email address but with very subtle differences.

I found that all of the customer’s recent email was indeed in the Archive folder, and moved them back to the Inbox.  I deleted the Rule added by the Hijacker.
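The same review can be done programmatically over a list of mailbox rules. This is an added example, not part of the original post: the rule schema, the addresses and the 0.8 similarity threshold are assumptions, since each provider stores and exports rules in its own format.

```python
from difflib import SequenceMatcher

OWNER = "johnsmith@example.com"  # constructed placeholder address

# Constructed rules in a hypothetical, provider-neutral schema.
RULES = [
    {"name": "", "conditions": [], "actions": [
        {"type": "mark_read"},
        {"type": "move", "folder": "Archive"},
        {"type": "forward", "to": "johnsmithr@example.org"},
    ]},
    {"name": "Newsletters",
     "conditions": [{"from_contains": "news@"}],
     "actions": [{"type": "move", "folder": "Newsletters"}]},
]

def local_similarity(a, b):
    """Similarity (0..1) of the parts of two addresses before the @ sign."""
    return SequenceMatcher(None, a.split("@")[0].lower(),
                           b.split("@")[0].lower()).ratio()

def audit_rule(rule, owner, threshold=0.8):
    """Return warning tags for one rule; an empty list means not flagged."""
    actions = rule.get("actions", [])
    kinds = {a["type"] for a in actions}
    tags = []
    for a in actions:
        if a["type"] in ("forward", "redirect") and a["to"].lower() != owner.lower():
            tags.append("external_forward")
            if local_similarity(a["to"], owner) >= threshold:
                tags.append("lookalike_address")
    if not rule.get("conditions"):      # applies to every new message
        tags.append("matches_all_mail")
    if {"mark_read", "move"} <= kinds:  # mail never shows up as new in the Inbox
        tags.append("hides_mail")
    if not rule.get("name"):
        tags.append("unnamed")
    # Flag a rule only if it sends mail elsewhere or silently hides all mail.
    suspicious = ("external_forward" in tags
                  or {"matches_all_mail", "hides_mail"} <= set(tags))
    return tags if suspicious else []

def audit(rules, owner):
    """Map the index of each flagged rule to its warning tags."""
    flagged = {}
    for i, rule in enumerate(rules):
        tags = audit_rule(rule, owner)
        if tags:
            flagged[i] = tags
    return flagged

if __name__ == "__main__":
    for index, tags in audit(RULES, OWNER).items():
        print(index, tags)
```

An ordinary filing rule, such as the constructed "Newsletters" rule here, is not flagged, so the output stays limited to rules worth a manual look.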

HEY THERE?

Here’s another hacked email we received:

Hacked Email Example - slick get back to me asap

 

This was a sneaky one too with multiple Rules added to their email. In this case, their Comcast email account had been modified to have a similar Rule added, which was forwarding a copy of all email messages to a similarly named email address under the Hotmail.com domain that did not belong to the customer.  The password was changed, the account recovery information was reviewed, and the silent email forwarding Rules (there were two) were found and deleted.

FAVOR TO ASK!

For another customer, we received this “Favor to Ask!” message:

Hacked email example - another Favor to Ask

We contacted them with a different email to let them know. They sent an email blast to their contacts announcing that their email address had been compromised, which is good. But they didn’t BCC everyone so we:

  • saw their complete list of contacts, and
  • so did everyone else.

Remember, if you need to send an email message to many contacts, follow good Netiquette and don’t use CC. Using BCC will hide all contacts that you are sending to. (Who remembers “carbon copies”, “blind carbon copies”, and getting their fingers all inky?!)

FAVOR TO ASK?

We also received this similar message from a hacked email:

example - favor to ask - Amazon

Again, the hacker changed the rules within their email account.

GREETINGS

And, last but not least, we received this convoluted request:

Another example requesting a Home Depot card

WHAT TO LOOK FOR IN YOUR EMAIL INBOX:

If you get an email like this, it’s important to let the person know, WITHOUT using the email address that was used to send the original message! The best option is to call or text them. If you don’t have their phone number, see if you have another email for them. You can also contact a family member and ask them to pass on the message. I’ve even resorted to sending the person a message on Facebook.

WHAT TO DO IF YOU’RE DEALING WITH A HACKED EMAIL ACCOUNT:

If you find out that your email has been compromised there are several things you should do right away:

  • Change your password on your email account.
  • Double-check that your “reply to” address is really your address. Look for an extra letter. Is the domain correct? (Comcast? Gmail? Outlook? etc.)
  • Check your email account “Rules” to see if any new emails are forwarded to a different address.
  • Let people know that your email is compromised. Make sure they know you’re fine and don’t need a gift card for Amazon or Apple. If you send one email to a bunch of people, please use BCC.

As always, if you need help, give us a call. In most cases, we can help you remotely.

CONCLUSION: 

Scammers, hackers, hijackers, and spear-phishers are getting more sophisticated in their attacks. Here’s a recent article about a big-time Nigerian email scam. Today is a great day to run your virus scanner, change passwords, set up two-factor authentication, and back up your data!

 

I’ve created a Free Report to protect you from “phishing” scams. Click here to receive it!

Information about Geek For Hire, Inc.

Chris Eddy of Geek For Hire, Inc. has provided computer service to families and small businesses with Macs and PCs for the past eighteen years. Angie’s List and the BBB rate Geek For Hire very highly.  You can find more on our website or give us a call at 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3 support) to the Denver / Boulder / Front Range area and remote service throughout North America.

Here’s a link to our Covid19 Policy.

We’ve been using Amazon Prime for the past few years.  We like the free and fast shipping.  With Prime, we have access to online streaming too. Prime is usually $119/year, but you can get a free 30-day trial by clicking on this link: Try Amazon Prime 30-Day Free Trial. As an Amazon Associate, we earn from qualifying purchases.

More Tips Here:

How is a Coffee Shop Like a Sickbed? 8 Things You Need to Set Up a Great Virtual Office

Never have I been so happy that I already have a virtual office set up as I have been for the past few months. Last year I traveled several times to the East Coast while my kids hiked the Appalachian Trail.  Because of my virtual office set up, I was able to manage our business wherever I was. Recently though, I’ve had a much greater need for a virtual setup.

In the past three months, I’ve had two surgeries.  A total knee replacement in February, and my other knee in April.  When you can’t get around, and spend most of your time resting and healing, it’s good to have tried and true technology at your bedside.

Virtual Office Requirements:

WIFI:

You must have fast WiFi. A minimum of 12 Mbps is recommended. Remember that you may have to upgrade your router in order to deliver the actual speed that your ISP provides to your devices.  Good routers have low latency and can support many simultaneous users.  Cheap routers tend to support only one user at a time. Chris recommends this Linksys router.

Tablet

Sometimes a laptop is just too heavy!  My iPad has been perfect for internet research, sending email, and keeping the Geek For Hire calendar up-to-date. And it’s great for watching AmazonPrime movies and keeping up with Facebook.

Cell Phone:

Virtual Office in Bed

Well, that kind of goes without saying!

Charging Cords

Make sure you are able to easily reach your charging cords.  You may need to add a power strip right next to your bed to easily charge your phone and other equipment.

Optional:

Laptop:

Sure, you can get a lot of business accomplished with just your Smartphone and tablet.  But sometimes, you just need your laptop to do certain tasks. For example, Quickbooks won’t let me enter all the detail I’d like on their mobile app. I need to login to Quickbooks from my laptop to do that.

TV:

Entertainment value.  Pure and simple.

Headphones:

Sometimes when you’re stuck in bed, it’s hard to sleep when other people are sleeping and you don’t want to disturb them in the middle of the night. Having a good pair of headphones keeps the volume down when you’re watching Speed at 3am.  Here’s my recent blog about Bluetooth headphones.

External Keyboard for Tablet:

Typing on a tablet can be cumbersome.  The hands – so big.  The keyboard – so small.  The mistakes – so many! Get yourself a Bluetooth keyboard and typing will be much easier.  The newer ones have back-lighting which makes it easier to type when the lights are dimmed.

Speech to Text Software:

Sometimes you just can’t type.  (Two of my friends have recently had shoulder surgery.)  Many of our customers have used Dragon Naturally Speaking to get their thoughts down without typing.  Keep in mind that it does take a bit to customize the software to your voice.

Remember, it’s better to plan ahead and get your virtual office technology in line before you need it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Macs and PCs for the past fifteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website, or give us a call at 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area as well as remote service throughout North America.


Is It Just Me, Or Is My Favorite App Down?

Does this happen to you too?  I head over to a certain app, whether for business or just goofing off, and I can’t log on!  I try again and again, being very purposeful entering my password.  I shut down the application and restart it.  I shut down my phone/laptop/tablet and restart it, but the problem persists.  What is going on?!

In some cases, it could be the application itself which is having the issue.  Their servers are not infallible, despite what they might claim.

Application down - WordPress 1 cropped

But WordPress can go down.  And so can Facebook, Twitter, Quickbooks Online, and many others.  To check the status of your app when you are having issues, head over to any of these sites:

  • Down Detector – I like the visuals of their graph.  Very easy to understand.  Down Detector tracks Facebook, Netflix, AT&T, Verizon, eBay, Twitter, and many others: http://downdetector.com/
  • Down Right Now – I like the visuals of this site as well.  They mostly track Social Media and email sites: http://downrightnow.com/
  • Outage Report – Not only does this site provide a graph of down times, but they have a map to show where the outages are occurring.  In addition to Social Media and entertainment sites, this site also tracks online gaming apps: http://outage.report/

If you are experiencing difficulties getting on to one of your favorite apps, remember to check one of the above sites, and record your problem too.

 

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Macs and PCs for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet, but I’m tempted!   Prime is normally $99/year, but you can try it for 30 days for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Yes, we’ll get a small commission when you sign up.)


Outsmarting The Hackers

Hackers are getting smarter and are finding it easier to log into your email, bank and social media accounts.  For that reason, it is so important to regularly change your passwords on all of your accounts.  If you think any of your accounts may have been hacked, change your password recovery email as well.

Some people have a hard time remembering their passwords.  I’ve found that it is a good idea to use a couple of different words which are significant to you, but change it up a bit.   Use numbers, symbols, and capital letters to make the password harder to guess, but easy for you to remember.  As an example, using the word “PASSWORD”, I’ll show you how easy it is to change a common word into a secure password for you:

  • P@55w0rd! – Capitalize the first letter, change the “a” to the @ symbol, change the two S’s to 5’s, change the “o” to a zero, and add an exclamation on the end.
  • P@55W0rd! – Capitalize the first letter, change the “a” to the @ symbol, change the two S’s to 5’s, capitalize the “W”, change the “o” to a zero, and add an exclamation on the end.
  • !P@55w0rd! – Start with an exclamation point, capitalize the first letter, change the “a” to the @ symbol, change the two S’s to 5’s, change the “o” to a zero, and add an exclamation on the end.

When you use this system, you can change it monthly by adding the date.  For example, add “April”, or “04” to the end.

It’s also better to use more than one word.  Sometimes when Chris is setting up a new password he will use the title of a nearby book.  For example, Marc Reisner’s “Cadillac Desert” is on my desk right now.  Using Chris’ system, my new password could be:

  • CadillacDesert – with the first letter of each word capitalized and no spaces.
  • Cadillac Desert – with the first letter of each word capitalized and one space between the two words.
  • Cadillac_Desert – with the first letter of each word capitalized and the underscore symbol between the two words.
  • C@dill@cDesert – with the first letter of each word capitalized and the “a” turned into the @ symbol.

You get the idea!  Play around with some possible passwords for you.  Once you have a few that work and that you can easily remember, it will be easy to change it up on a regular basis and to keep your online life that much more secure!

Information about Geek For Hire, Inc.

I’ve created a Free Report on what to look for to protect yourself from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Macs and PCs for the past eighteen years. Angie’s List and the BBB rate Geek For Hire very highly.  You can find more on our website, or give us a call at 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3 support) to the Denver / Boulder / Front Range area as well as remote service throughout North America.


Gone Phishing

No matter how tightly your computer is locked down, phishing continues to be an issue. Your anti-virus and/or email program will identify some of the culprits, but, because the phishers are always evolving, they can’t identify all of them. That’s why it’s important for you to be able to identify phishing attacks yourself!

What is “Phishing”?:

Phishing is defined very well by this Wikipedia article:

“Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.”

Phone Calls:

  • Your “bank” calls you to tell you about some unusual activity on your account and asks you to confirm your birthday.
  • “Microsoft” calls you to tell you that your machine is out of date or has a virus and asks if they can access your machine to “fix” it.

Emails:

  • Your bank sends you an email stating that someone has tried to access your online account. They’d like you to click on a link to prove that you’re you.
  • The IRS sends you an email saying you have a refund coming.
  • Yellow Pages needs to update your ad, when you’re not advertising with them.
  • You get an email from yourself. (This is common. I get a lot of emails *from myself* asking if I want to purchase a product!)
  • Your insurance company asks you to click on a link for a new free service.
  • Here’s an example of a phishing email I got the other day. It’s from a person I don’t know who wants me to open a Google document. The email program I use, Thunderbird, shows me where the link included in the document will take me. Notice that it is NOT a Google website! (Google docs always start with https://docs.google.com/…and.then.the.document.file.name ) Even if you don’t use Thunderbird, you can still hover your mouse over the link and most email programs will show you the full link.

20150206 example of phishing email

Listen to your spider-sense!

Even if everything looks okay, but you get a tingling sensation that it might not be, pay close attention. If you get *any* indication that the email is not from who it says it’s from, do some investigation. Is it supposedly from a friend? Call or text them and ask if they sent it. Is it from your bank? Call the number you have for your bank and ask!

Recent Phishing Scams:

IRS Warns of Phishing Tax Scams, Fake Emails

Anthem Warns Customers About “Phishing” Email Scam

Phishing Scam Spoofs BBB questionnaire; Businesses Warned Not to Click

Email Scam Alert from UC-Santa Cruz

What to Look For:

Every email & text that you receive should get a once-over from you. Are you expecting that text / email / phone call? Are there misspellings? Are the links directed to where they say they are going? Is the grammar correct? Every unexpected phone call from an “authority” should be treated with suspicion until you’ve determined their authenticity.

Be Safe out there Folks!

Make sure your anti-virus is always up to date and be careful of what information you provide to third parties. (If you do happen to inadvertently download a malware program, run your anti-virus right away.)
