ICT Views


Hacked Off

by: (Associate Director, Research and Development) on

I’m now officially a statistic.

I have my personal email account synced to my personal smartphone, and as I ate my dinner last night, my phone started making lots of ‘email received’ noises.

About 25 of them, which seemed weird.

It panned out they were ‘undeliverable’ notification bouncebacks.

But I hadn’t sent any emails….?

So I jumped into my ‘sent items’ and apparently ‘I’ had sent a load of emails, with various generic and dubious titles such as ‘hello’ and ‘greetings’.

Then, as if by magic and right before my eyes, all the suspicious sent items just disappeared.

Gulp. I’ve been hacked !!!

How has this happened and what do I do?

Actually, I was pretty surprised and more than a bit miffed. I thought I was doing everything right. I use a combination password (numbers, Capitals etc). I have all the firewalls, antivirus, malware programmes updated and running (even on my phone) and I figured I wouldn’t even have a contacts list so if I did get hacked, there would be no-one to send anything to.

So wrong

Well naïve old me, eh?

Seems this clever account usurper automatically generated a contact from anyone I’d ever emailed from my account and then spammed them mightily.

I changed my password ASAP and texted as many people as possible to tell them to delete a weird looking email they had just received from me.

But apart from that, I’m not sure what else I can do (any reader tips welcome…)

What’s it worth?

The whole nasty business made me wonder why it was worth it? What’s the point? My personal email isn’t any good to anyone is it?

So I had a little look this morning and found what I thought was a great article from Brian Krebs, explaining the value of a hacked account.  I hope he doesn’t mind, but I’ve re-utilised (pinched) his infographic to use here:

diagram

So in summary, it seems IS worth a lot.

Tip of the Iceberg

I’m not sure that emailing the garage I had my previous car serviced at 6 years ago will get them anywhere, but it sure made me grateful that it was just me I had to worry about.

Imagine you are an international organisation, sat eating your dinner (albeit firms don’t eat dinner) and you realise your account has been hacked, resulting in all 10 million of your customers globally being spammed.

Now that WOULD ruin your evening.

 

Categories :

0 Comments :

Comment

Comments closed

Archive

Tel: +44 (0)121 362 7534

Blogger facebook LinkedIn Twitter youtube google + Trust Pilot

© 2017 – International Compliance Training Ltd, a division of Wilmington plc. International Compliance Training Ltd, is a company registered in England & Wales with company number 4363296 GB. Registered office: Wilmington PLC, 5th Floor, 10 Whitechapel High Street, London. E1 8QS VAT NO.GB 899 3725 51