True Story – Hacker Using Users Email Account to Steal

A person I know recently received a phone call from his bank asking him if he had sent a particular email. The email asked for some banking information but asked the reply be sent to a different email account. The bank was calling to see if the information was correct.

It turns out his email account had been hacked because of a poor password. Once the email account had been hacked, the thieves set up a rule in account to send a copy of all emails to the email account they created. (He was using an account that uses an online version of Outlook to manage the email.( The thieves (or would be thieves) were actually sending emails from his account to make the emails look legitimate.

So the lesson here is if you have any account online, please you good passwords. Also if you have accounts that use a mail manager that allows you to create rules or auto-forward email that you check it periodically. You might find your email going to someone else.


Suspicious URLS’s and Files?

One of my new tools in my layered security blanket is a site called virsustotal. What is great about virus_totalthis website is that you can take a link in an email, copy and paste it into the search field and then scan it without harming your computer. (Note: you have to click on the scan URL link below the scan button to switch from the default scan file mode.)

The other plus is you can download a file from a website, and have it scanned by not one many different antivirus vendors.

virus_total_2It should be noted that this website application does not “guarantee” that the program you download is not a virus, worm, trojan, or malware. In fact no antivirus program can provide 100% protection, but it does provide another layer of security.