- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
Email hacked.
Posted on 12/10/18 at 8:50 am
Posted on 12/10/18 at 8:50 am
So last night I noticed a notification on my phone that my email login was invalid. I didn't think anything about it and went to bed. I go to check my email this morning and same thing, so I log onto my PC, same thing, invalid username or password.
So I call up LUS Fiber tech support and the guy tells me that the system shut down my email account because 80 emails were sent from my email in a short period of time last night. I checked my sent mail and none appear there. We reset my password and I'm able to use it now.
First off, how the hell did they get my password, and secondly, why would they want to use my account to send emails and why don't they show up in my sent mail?
Oh, and should I warn everyone in my address book not to open any email from me from yesterday?
So I call up LUS Fiber tech support and the guy tells me that the system shut down my email account because 80 emails were sent from my email in a short period of time last night. I checked my sent mail and none appear there. We reset my password and I'm able to use it now.
First off, how the hell did they get my password, and secondly, why would they want to use my account to send emails and why don't they show up in my sent mail?
Oh, and should I warn everyone in my address book not to open any email from me from yesterday?
This post was edited on 12/10/18 at 8:56 am
Posted on 12/10/18 at 9:31 am to bhtigerfan
Happened to my parents a few years ago, but their provider didn't lock the account, so the hacker was able to send emails until my parents were made aware of the situation.
As soon as the account password was changed the emails stopped.
However, a hacker doesn't need access to your account to send emails that look like yours. I have access to a command line email program that allows me to insert whatever "source" address I'd like and send. We use it to insert administrative account addresses in our system emails.
Posted on 12/10/18 at 9:37 am to bhtigerfan
quote:
First off, how the hell did they get my password
There are many ways, including brute force (guessing).
quote:
why would they want to use my account to send emails
It makes them more likely to be delivered and opened. And it's free.
quote:
why don't they show up in my sent mail
Depends how it's set up and how you're accessing it, but storing sent email is sometimes the job of the program doing the sending (rather than the email server). So the sent mail would show up in the sent mail of the "hacker" and not yours.
Posted on 12/10/18 at 9:47 am to Korkstand
quote:
There are many ways, including brute force (guessing).
Curious what e-mail provider it was. Is it LUS? I'm not familiar with that acronym.
Seems like a CAPTCHA feature should be in place to prevent brute force attempts. Have they found a way around CAPTCHA yet?
Posted on 12/10/18 at 9:48 am to Korkstand
It'd be good to run a scan with a program like Malwarebytes to try and make sure you don't have any malicious programs on your PC. After doing that (not before in case you're infected) make sure you can log in to any important or sensitive accounts. If they had access to your main email account they could have possibly changed your password on other accounts.
Posted on 12/10/18 at 9:53 am to TigerinATL
Most common and easy way now is if you use the same password on multiple accounts. All it takes is one data breach and your password is now all over every dark web list. Consider that password burned and never use it again for any account, especially if that account shares a username with this one.
This post was edited on 12/10/18 at 9:54 am
Posted on 12/10/18 at 12:44 pm to WhiskeyThrottle
quote:
Seems like a CAPTCHA feature should be in place to prevent brute force attempts. Have they found a way around CAPTCHA yet?
Not too relevant to this thread, but you should check this out:
New attack could make website security captchas obsolete
quote:
Summary: Researchers have created new artificial intelligence that could spell the end for one of the most widely used website security systems. The new algorithm, based on deep learning methods, is the most effective solver of captcha security and authentication systems to date and is able to defeat versions of text captcha schemes used to defend the majority of the world's most popular websites.
Posted on 12/10/18 at 1:05 pm to liuyaming
quote:
Summary: Researchers have created new artificial intelligence that could spell the end for one of the most widely used website security systems. The new algorithm, based on deep learning methods, is the most effective solver of captcha security and authentication systems to date and is able to defeat versions of text captcha schemes used to defend the majority of the world's most popular websites.
The text captcha's are by far the worst to deal with. They're barely readable anymore. But there are a few different version. They make a simple check box that is required to check in order to proceed. I'm not real familiar with how the code works, but as I understand it, scripts can't auto click in a specific position on a page and a human can. There is also something called invisible CAPTCHA. You place the code behind a button on a page that is required to click to advance anyways. If the physical click isn't initiated, it will not allow you to advance your request.
Posted on 12/10/18 at 1:18 pm to WhiskeyThrottle
Regarding no items in the Sent Items folder, check out your rules in your email. We had this happen to a user here and the hacker created a rule that deleted all emails from the Sent Items folder. I was still able to see what they sent by looking at our email archiver.
Posted on 12/10/18 at 3:25 pm to bhtigerfan
We have a virus going through our system at work. Apparently it uses your stored/saved passwords in your browser to log in, get your passwords, and get your info.
Posted on 12/10/18 at 9:38 pm to baobabtiger
Thanks for all the replies guys.
And BTW, LUS Fiber is Lafayette Utilities Service. They laid fiber optic in Lafayette several years ago and provide cable, Internet and phone service.
And BTW, LUS Fiber is Lafayette Utilities Service. They laid fiber optic in Lafayette several years ago and provide cable, Internet and phone service.
This post was edited on 12/11/18 at 10:31 am
Popular
Back to top
Follow TigerDroppings for LSU Football News