Posted on: April 20th, 2010
In the past month or two I’ve seen an increase in email hackings. A few groups seems to be mainly effected:
- Those who use Yahoo email services (emails ending in @yahoo.com, @sbcglobal.net, @att.net, etc)
Evidently somebody figured out a way to crack passwords to these accounts if the passwords are not very secure. The perpetrators are most likely using a dictionary based attack – which means that they try a large number of usual passwords or a combination of them.
For example if your email password is “jack1″ then it’s likely to get hacked. Why? First it’s too short, and it contains a common name plus the “1″ that most people put there when they are required to have a number in the password.
I’ve had several cases that I have had an opportunity to investigate. I found practically identical modes of operation in each case. This indicates that these are automated attacks based on a software that’s probably circulating in hacker circles.
If someone’s email account is hacked he/she will experience:
The hackers evidently use the online web based user interface to carry out their operations. The evidence on this is that the messages sent out are listed in the “Sent” folder of the user. They are also using the user’s online address book to send out the spam. Here is a sample spam message being sent out:
The only good thing is that the spam sent out doesn’t appear to be spreading viruses, it’s only advertising junk.
It’s actually quite simple to put a stop to this type of hacking. You will simply change your password to something that is harder to guess. Here are some guidelines on what makes a hacker’s life harder:
- Use some capital letters, for example capitalize the first letter, or one inside the password. Passwords are case sensitive so this dramatically increases the number of combinations a hacker would need to try to figure out the password.
Now the only question that remains: How do I change my password? It’s different for each service provider but I looked up the help pages for Yahoo and MSN and here are the links that help you with changing your password:
- Yahoo: http://help.yahoo.com/l/us/yahoo/edit/id_password/edit-13.html (for Yahoo we found a customer support number: 408-349-1572 — if your Yahoo email is via AT&T then call AT&T instead)
- AOL: Just got to: http://password.aol.com
Note: you might need to call the tech support of the provider if you don’t know your current password (it happens when people have the computer fill out the password box for them) and/or the answer to the security questions.
I hope this article will prove to be useful if you or a friend ever become victim of an email hack like this. But, as always, the best cure is prevention. If your password is too simple, then take action now before someone figures it out!
Did you find this information useful?
Please consider donating.