Cycling and bicycle discussion forums. 
   Click here to join our community Log in to access your Control Panel  


Go Back   > >

Fifty Plus (50+) Share the victories, challenges, successes and special concerns of bicyclists 50 and older. Especially useful for those entering or reentering bicycling.

User Tag List

Reply
 
Thread Tools Search this Thread
Old 11-15-11, 08:41 AM   #1
Retro Grouch 
Senior Member
Thread Starter
 
Retro Grouch's Avatar
 
Join Date: Feb 2004
Location: St Peters, Missouri
Bikes: Rans Rockst (Retro rocket) Rans Enduro Sport (Retro racket) Catrike 559, Merin Bear Valley (beater bike).
Posts: 26,488
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 34 Post(s)
OT - somebody hacked my email account.

If you get an email from me saying I lost my wallet in London, send the money to my house because I'm not really in London.

The ironic thing is that I suspect the hacking has something to do with renewing my Norton account because it asked for my email password and the renewal didn't go through normally. RATS!
Retro Grouch is offline   Reply With Quote
Old 11-15-11, 08:45 AM   #2
10 Wheels
Galveston County Texas
 
10 Wheels's Avatar
 
Join Date: Nov 2007
Location: In The Wind
Bikes: 2010 Expedition, 03 GTO
Posts: 29,294
Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 66 Post(s)
You were scammed....
__________________
[SIZE=1][B]What I like about Texas[/B]
http://www.youtube.com/watch?v=PGukLuXzH1E

Set F1re To The Ra1n ( NY Night Rain Ride)
http://www.youtube.com/watch?v=W7jfcWEkSrI
10 Wheels is online now   Reply With Quote
Old 11-15-11, 08:52 AM   #3
NCbiker
Senior Member
 
NCbiker's Avatar
 
Join Date: Sep 2011
Bikes:
Posts: 353
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
What happened to you is called being "phished". No one hacked into your account, you gave them the information they needed to get in.
NCbiker is offline   Reply With Quote
Old 11-15-11, 08:55 AM   #4
Retro Grouch 
Senior Member
Thread Starter
 
Retro Grouch's Avatar
 
Join Date: Feb 2004
Location: St Peters, Missouri
Bikes: Rans Rockst (Retro rocket) Rans Enduro Sport (Retro racket) Catrike 559, Merin Bear Valley (beater bike).
Posts: 26,488
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 34 Post(s)
Quote:
Originally Posted by NCbiker View Post
What happened to you is called being "phished". No one hacked into your account, you gave them the information they needed to get in.
Whatever. Any chance they'll pay my on-line bills for me?
Retro Grouch is offline   Reply With Quote
Old 11-15-11, 09:01 AM   #5
jdon
Senior Member
 
Join Date: May 2009
Bikes:
Posts: 4,239
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by Retro Grouch View Post
If you get an email from me saying I lost my wallet in London, send the money to my house because I'm not really in London.

The ironic thing is that I suspect the hacking has something to do with renewing my Norton account because it asked for my email password and the renewal didn't go through normally. RATS!
The same happened to a friend of mine and the scenario seemed plausible for the individual. I phoned him at home to confirm he hadn't lost his passport and was stuck in a *****house in Germany unable to pay.
jdon is offline   Reply With Quote
Old 11-15-11, 09:17 AM   #6
mikepwagner
Senior Member
 
Join Date: Jul 2011
Location: Raleigh, NC
Bikes: 2012 Motobecane (BikesDirect) Immortal Force; 2011 (?) Civia Bryant Gates Carbon Belt Drive (upgraded to Alfine 11 and Gates CenterTrack)
Posts: 523
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by Retro Grouch View Post
Whatever. Any chance they'll pay my on-line bills for me?
Do you use that same password for any other activities on the web that you don't wanted compromised?

A lot of people use the same password for multiple accounts (email, Amazon purchase, etc). That's a bad idea in general.The people who were phishing know that, and are trying to gain access to any other account you might have that might use the same password. They couldn't care less about your Norton account.

For example, they might check to see if you use that same password for Amazon purchases, online banking, or online bills of various kinds.

In general, no one - Norton or anyone else - needs your email password, except at actual login. The don't actually store your password, they store an encrypted version that can't be "reversed" very easily. So when you log in, they encrypt the password you supply and compare that with the encrypted password on record. If the two encryptions match, the password matches. That means they don't need to to store or to know your password.

The picture is a little more complicated than that, but those are the fundamentals. No one needs to know your password, so any email you get soliciting your password is bogus.
mikepwagner is offline   Reply With Quote
Old 11-15-11, 09:56 AM   #7
donheff
Senior Member
 
donheff's Avatar
 
Join Date: Jun 2007
Location: Capitol Hill, Washington, DC
Bikes: Specialized Tricross Comp
Posts: 1,312
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by mikepwagner View Post
Do you use that same password for any other activities on the web that you don't wanted compromised?
+1. If you are using that password elsewhere change it fast. Someone with access to your email may be able to find a lot of info on you leading them to other accounts. Hopefully you have been able to access your email account and change your email password?
donheff is offline   Reply With Quote
Old 11-15-11, 11:19 AM   #8
Laserman
Senior Member
 
Laserman's Avatar
 
Join Date: Sep 2009
Location: Metro Detroit
Bikes: 15 Specialized Crosstrail, 83 Schwinn Traveller, Fuji Sport
Posts: 385
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
No one EVER needs any password info from you.
Any email that asks for a password is a scam.
Laserman is offline   Reply With Quote
Old 11-15-11, 12:18 PM   #9
eofelis 
The Rock Cycle
 
eofelis's Avatar
 
Join Date: Dec 2005
Location: Western Colorado
Bikes: Salsa Vaya Ti, Specialized Ruby, Gunnar Sport, Motobecane Fantom CXX, Jamis Dragon, Novara Randonee x2
Posts: 1,655
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Kind of along these lines, I just got an email in my work inbox about a virus to watch out for.
Since many of us order items and get them shipped USPS and Fedex it might be something to watch out for.

"If you receive an email from the US Post Office or FedEx or some other shipping entity saying something along the lines of “Your package could not be delivered. Please print out the attached invoice…” or “go to www.something.com/... and download your shipping info.” If you run the attachment or download the item, it will install a virus on your computer. The Post Office and FedEx should NEVER send you an email with an attachment, so the easiest way to avoid this is to simply delete the email if you have any doubts about its authenticity. Another easy check is looking at the sender’s email address. If it is not @usps.com or @fedex.com, it is almost definitely a malicious email (the virus sender will sometimes be tricky by having an address that is something like @uspostoffice.co). If you want some more information on this virus technique, please go to this link: http://www.snopes.com/computer/virus/ups.asp. "
__________________
Gunnar Sport
Specialized Ruby
Salsa Vaya Ti
Novara Randonee x2
Motobecane Fantom CXX
Jamis Dragon
eofelis is offline   Reply With Quote
Old 11-15-11, 12:39 PM   #10
HawkOwl
Senior Member
 
Join Date: May 2008
Bikes:
Posts: 2,635
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Pretty routine to receive emails purporting to from someone I know asking for something. Always a fake. Most times it is just because their email address was picked up somewhere. BUT....sometimes if is because you downloaded a Trojan that has uploaded your address book or contact list. Or, if you keep your contact info in the "cloud" that server has been compromised.

It is wise to be careful with passwords. But, these other methods attack you as well. So, keeping your head out and multiple malware applications frequently scanning is wise also.
HawkOwl is offline   Reply With Quote
Old 11-15-11, 12:40 PM   #11
stapfam
Time for a change.
 
stapfam's Avatar
 
Join Date: Jan 2004
Location: 6 miles inland from the coast of Sussex, in the South East of England
Bikes: Dale MT2000. Bianchi FS920 Kona Explosif. Giant TCR C. Boreas Ignis. Pinarello Fp Uno.
Posts: 19,915
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Just had the same but someone is In London

Source was from The BFN50+ backup group.
__________________
How long was I in the army? Five foot seven.


Spike Milligan
stapfam is offline   Reply With Quote
Old 11-15-11, 01:01 PM   #12
mikepwagner
Senior Member
 
Join Date: Jul 2011
Location: Raleigh, NC
Bikes: 2012 Motobecane (BikesDirect) Immortal Force; 2011 (?) Civia Bryant Gates Carbon Belt Drive (upgraded to Alfine 11 and Gates CenterTrack)
Posts: 523
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by donheff View Post
+1. If you are using that password elsewhere change it fast. Someone with access to your email may be able to find a lot of info on you leading them to other accounts. Hopefully you have been able to access your email account and change your email password?
Just as an example, if someone has your email password, they probably have your email password, and a list of online stores at which you've made purchases in the recent past, since most stores send a confirmation email when you make a purchase.

If you have used the same password to make purchases, then they pretty much have full access to your accounts at those online stores.

Though I doubt that many phishers go to that much trouble, if they have your email account, they may have enough info to guess the answers to some of the common "security" questions - mother's maiden name, etc.

Here's my strategy:
  1. Low Security password - used for forums, etc. where I don' really care if it gets hacked.
  2. Online Purchase password - used for nothing but online purchases.
  3. Email password - used only for email.
  4. Online Banking password - highest security, changed regularly. My password at work ages out at a fixed interval. Every time I change my work password, I change my Online Banking password.
mikepwagner is offline   Reply With Quote
Old 11-15-11, 10:05 PM   #13
JanMM
rebmeM roineS
 
JanMM's Avatar
 
Join Date: Jan 2006
Location: In Central IN
Bikes: RANS V3, RANS V-Rex, RANS Screamer
Posts: 13,277
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 8 Post(s)
Dear Retro Grouch ,
I am Writing to inform you that International MonetaryFund (IMF) Instructed Western Union to release your 2011 Email promoAward Wining Sum of ($1.5Million Dollars USD,($1.500,000.00) through western union, Note that the maximum amount you will be receiving each day starting fromtomorrow is $5000.00 daily until the funds is completely transferred to you.


KINDLY CONTACT WESTERN UNION DIRECTOR:FRANK LATASHA
E-mail: SCAMMER@HOTMAIL

Also Reconfirm your full information to them below as soon as you receive this message.
YOUR NAME----------------------
YOUR COUNTRY-------------
YOUR TELEPHONE-------------
OCCUPATION-----------------
BIKE FORUMS PASSWORD-------------
EMAIL PASSWORD-------------

Congratulations!
IMF Secretary,
John Egobia.
__________________
RANS V3 - Ti, RANS V-Rex - cromo, RANS Screamer - cromo
JanMM is online now   Reply With Quote
Old 11-16-11, 12:07 AM   #14
HawkOwl
Senior Member
 
Join Date: May 2008
Bikes:
Posts: 2,635
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Just in time for a good example we received an email from "DHL.com/tracking" telling us we had a parcel we needed to pick up. It gave us a link to click on that would give us the nearest DHL office and how to arrange pick up. It also gave us a tracking number.

Being the trusting soul that I am I went to dhl.com directly from the browser, not the furnished link. Sure enough there is a dhl.com. Sure enough there is a place to check on tracking. So far seems legit. But, the DHL web site is a bit confusing so the easy thing to do is go back to the email and use that link.

But, again being a trusting soul intead of using the email link I entered the furnished Tracking Number in the DHL web site I got on my own. I was astounded! I was surprised! It was not a valid DHL tracking number!

A scam that relies on the recipient being too lazy to check it? Or, did someone make a mistake and my parcel is languishing in a warehouse somewhere?
HawkOwl is offline   Reply With Quote
Old 11-16-11, 01:28 AM   #15
wobblyoldgeezer
Senior Member
 
Join Date: Dec 2005
Location: Brighton, UK
Bikes: Rocky Mountain Solo, Specialised Sirrus Triple (quick road tourer), Santana Arriva Tandem
Posts: 1,551
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
My wife had the same phish.

Sent to all her email address book contacts.

The message was plausible, because she visits London often, and loses stuff often! It was implausible to those who know her well because she's pretty accurate with grammar and the fraudulent message wasn't - but not everyone in her address book knows her that well.

The irritation was that her email account now belongs to the fraudster, and her attempts to regain control of it is treated as a hack! So, she couldn't mass message her addressbook, had to try to remember everyone and their addresses from a new account. Not easy

If you google the phone number the fraudsters use, you'll probably get the exact wording of the fraudulent message. Most are very well known and have been around for years
wobblyoldgeezer is offline   Reply With Quote
Old 11-16-11, 04:49 AM   #16
PaPa
Senior Member
 
PaPa's Avatar
 
Join Date: May 2003
Location: Idaho
Bikes:
Posts: 493
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Regarding passwords;

Age frequently interferes with selecting a secure password. Obviously, because we're more likely to forget... even the simple ones. Here's what I do;

(the following example is copied from, https://www.grc.com/haystack.htm ) which also provides further details about this technique)

"Which of the following two passwords is stronger,
more secure, and more difficult to crack?

D0g.....................

PrXyc.N(n4k77#L!eVdAfp9

You probably know this is a trick question, but the answer is: Despite the fact that the first password is HUGELY easier to use and more memorable, it is also the stronger of the two! In fact, since it is one character longer and contains uppercase, lowercase, a number and special characters, that first password would take an attacker approximately 95 times longer to find by searching than the second impossible-to-remember-or-type password!"
PaPa is offline   Reply With Quote
Old 11-16-11, 07:01 AM   #17
qcpmsame 
Semper Fi USMC
 
qcpmsame's Avatar
 
Join Date: Jan 2008
Location: Cantonment, FL
Bikes: 2012 CAAD 10 3 Ultegra, 1978 Medici Pro Strada
Posts: 9,224
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 22 Post(s)
Sorry to read you got phished. I get the scam emails asking for personal information all the time. Don't even open them. I change all of my passwords regularly and keep track of them on a private information sheet that is locked away. Just because I am paranoid doesn't mean they aren't out to get me.

Bill
__________________
I can do all things through Christ, who strengthens me. Philippians 4:13

I did not choose to have Parkinson's Disease, but I can choose to not allow it to control my life. Its all up to me to overcome the trials, adapt and overcome!
qcpmsame is offline   Reply With Quote
Old 11-16-11, 07:50 AM   #18
gear
Senior Member
 
gear's Avatar
 
Join Date: Sep 2004
Location: North shore of Mass.
Bikes:
Posts: 2,131
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by mikepwagner View Post
Just as an example, if someone has your email password, they probably have your email password, and a list of online stores at which you've made purchases in the recent past, since most stores send a confirmation email when you make a purchase.

If you have used the same password to make purchases, then they pretty much have full access to your accounts at those online stores.

Though I doubt that many phishers go to that much trouble, if they have your email account, they may have enough info to guess the answers to some of the common "security" questions - mother's maiden name, etc.

Here's my strategy:
  1. Low Security password - used for forums, etc. where I don' really care if it gets hacked.
  2. Online Purchase password - used for nothing but online purchases.
  3. Email password - used only for email.
  4. Online Banking password - highest security, changed regularly. My password at work ages out at a fixed interval. Every time I change my work password, I change my Online Banking password.
I would add:
Have more than one email account, they are free. Have one to give to businesses, one for personal emails, one for web sites (like forums).
Personally I don't get using an email account from your ISP, you have a mess to deal with should you switch ISP's.
gear is offline   Reply With Quote
Old 11-16-11, 09:01 AM   #19
mikepwagner
Senior Member
 
Join Date: Jul 2011
Location: Raleigh, NC
Bikes: 2012 Motobecane (BikesDirect) Immortal Force; 2011 (?) Civia Bryant Gates Carbon Belt Drive (upgraded to Alfine 11 and Gates CenterTrack)
Posts: 523
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by gear View Post
I would add:
Have more than one email account, they are free. Have one to give to businesses, one for personal emails, one for web sites (like forums).
Personally I don't get using an email account from your ISP, you have a mess to deal with should you switch ISP's.
The simple answer to the ISP issue is to buy a domain from GoDaddy, and create an email address in that domain. Then use that email address for all your email, and forward the email to whatever ISP you are using (or gmail).

I bought mikepwagner.net (and .com, and .org). So my email address is mikepwagner@mikepwagner.net - and I can forward that email to wherever I want.

I set this up before I moved from RoadRunner, and it worked seamlessly. As long as I pay my $5.99/year (or whatever the price is) no matter what I do with ISPs, my email address will remain mikepwagner@mikepwagner.net.
mikepwagner is offline   Reply With Quote
Old 11-16-11, 04:43 PM   #20
HawkOwl
Senior Member
 
Join Date: May 2008
Bikes:
Posts: 2,635
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
One other thing to consider, especially about ISP email accounts, is the way the ISP processes passwords. One I'm aware of cuts its' password checking at 8 characters. A person can enter any long password they wish. The site only checks the first 8 characters. You may think you have a nice, secure, 20 character password when, in fact, you don't.
HawkOwl is offline   Reply With Quote
Old 11-17-11, 06:20 AM   #21
gear
Senior Member
 
gear's Avatar
 
Join Date: Sep 2004
Location: North shore of Mass.
Bikes:
Posts: 2,131
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by mikepwagner View Post
The simple answer to the ISP issue is to buy a domain from GoDaddy, and create an email address in that domain. Then use that email address for all your email, and forward the email to whatever ISP you are using (or gmail).

I bought mikepwagner.net (and .com, and .org). So my email address is mikepwagner@mikepwagner.net - and I can forward that email to wherever I want.

I set this up before I moved from RoadRunner, and it worked seamlessly. As long as I pay my $5.99/year (or whatever the price is) no matter what I do with ISPs, my email address will remain mikepwagner@mikepwagner.net.
Or use a free online account like yahoo or gmail.
gear is offline   Reply With Quote
Old 11-17-11, 10:49 AM   #22
mikepwagner
Senior Member
 
Join Date: Jul 2011
Location: Raleigh, NC
Bikes: 2012 Motobecane (BikesDirect) Immortal Force; 2011 (?) Civia Bryant Gates Carbon Belt Drive (upgraded to Alfine 11 and Gates CenterTrack)
Posts: 523
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by gear View Post
Or use a free online account like yahoo or gmail.
Right now, I redirect to gmail. But I may not always do that. If I decide I don't like google's privacy policies, etc, then I just redirect mikepwagner@mikepwagner.net to some other account. I don't have to inform anyone of the change - mikepwagner@mikepwagner.net will continue working.

Note that these are note "free" - you are selling them the data in your email in exchange for various services. Right now I a happy to make that deal, but I may not always feel that way.

In addition, the idea is that it is a "lifetime" email address.

My college offered a lifetime email address for free - but that was after I bough the domain.
mikepwagner is offline   Reply With Quote
Old 11-17-11, 11:54 AM   #23
HawkOwl
Senior Member
 
Join Date: May 2008
Bikes:
Posts: 2,635
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Actually, when all is said and done, their is only one way not to be scammed: Be suspicious, very suspicious. Even then you will probably get fooled occasionally. The variety of attacks on our money is so vast and some so complicated that it is pretty hard to know all the tricks and traps.

I have done some literature research on marketing as practiced by retailers. The essence is that large amounts of money and time are spent understanding human psychology and then using that knowledge to entice people to buy whether they need the product or not. These little internet scams are penny ante compared to that.

Last edited by HawkOwl; 11-17-11 at 11:57 AM.
HawkOwl is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -6. The time now is 08:54 PM.