Scam of the day – November 5, 2013 – Email hacking

Two close friends of mine had their email accounts hacked this week, and they are not alone by any means. Email hacking is a common occurrence and it can represent a serious security threat or a benign inconvenience. In either event, it is important to act promptly to remedy the situation. Sometimes your email is hacked and used as part of a botnet, which is a zombie network of computers used by scammers to send out spam. Other times, however, when you are hacked, malware is installed on your computer without your becoming aware of it. One particularly troublesome type of malware is keystroke logging malware that can steal all of the information from your computer and make you a victim of identity theft. Often you only become aware that you have been hacked when someone on your email list informs you that they have received an email that appears to have been sent by you, but is strange and arouses suspicion.


Here are some tips for what to do if you have been hacked. For more detailed information, check out my book “50 Ways to Protect Your Identity in a Digital Age.”

1.  Change your password on your email account.  If you use the same password for other accounts, you should change those as well.

2.  Change your security question.  I often suggest that people use a nonsensical answer to the security question because such an answer could not be guessed or gathered online. For instance, you may want the question to be “What is your favorite color?” with the answer being “seven.”

3.  Report the hacking to your email provider.

4.  Contact people on your email list and let them know you have been hacked and not to click on links in emails that may appear to come from you.

5.  Scan your computer thoroughly with an up-to-date anti-virus and anti-malware program.  This is important because the hacker may have tried to install a keystroke logging malware program that can steal all of the information from your computer.

6.  Review the settings on your email account. In particular, make sure that your email is not being forwarded somewhere.

7.  Get a free copy of your credit report.  You can get your free credit reports from  Some other sites promise free credit reports, but sign you up for other services that you probably don’t want or need.

8.  Consider putting a credit freeze on your credit report.  You can find information about credit freezes on my blog



Scam of the day – January 5, 2013 – Email hacking

Today’s scam of the day is prompted by a friend of mine having her email account hacked into. In her particular situation, it was not as bad as it could have been. It was hacked into and then used as a part of a botnet to send out relatively harmless advertising spam. However, hacked email accounts can also subject you to more sinister problems such as identity theft, for example when your computer becomes infected with a keystroke logging malware program that can steal all of the information from your computer. For many people, the first sign that their email account has been hacked is when friends start calling or emailing to tell them that they have received a suspicious email that appears to come from them.


The first thing you should do is make sure that your firewall and security software are current and operative. You should not take any further steps until you are sure that your computer is secure and that it is not infected with a keystroke logging malware program because if it is, you are merely continuing to communicate with your hacker. Send out an immediate blast email to everyone on your email list to let them know that your email account has been hacked and that despite what they might have been told in an email that appeared to come from you, you are not marooned in London and in need of cash. That needy traveler scam is one that hacked email accounts are often used for. Using a clean computer, log into your email account and make sure that your settings have not been changed, for example so that your email is being forwarded to another email address. If any of your settings have been changed, delete those changes and put your own settings back into effect. Set a new password for your email account and make sure it is a secure one. You can find more detailed information about this in my book “50 Ways to Protect Your Identity in a Digital Age.” Finally, do a little soul searching. Most likely, you invited the hacker in by clicking on a tainted link or downloading tainted material. Remember my motto, “trust me, you can’t trust anyone.” You should never download material or click on a link unless you are absolutely positive it is legitimate and not infected. Merely because something appears to come from a friend does not mean it is legitimate. After all, your friends are receiving links in emails that appear to be from you because your account was hacked.

Scam of the day – October 15, 2012 – Justin Bieber lost laptop

A few days ago, it was reported that Justin Bieber’s laptop was stolen from backstage during a show in Tacoma, Washington. What we don’t know is if Bieber’s laptop was properly secured with a complex password. Many people are, unfortunately, quite lax when it comes to protecting their laptops, smartphones and other mobile devices with up-to-date security software, encryption programs and, the most basic of all protections, a good password. If Bieber falls into this group, he could lose more than just a computer. Like many people, Bieber may keep important records on his laptop and also use it for financial transactions, which could put Bieber in serious jeopardy if he either did not have a password to protect his computer or used an easy to predict password.


Scammers and identity thieves can easily predict the most commonly used passwords, among which are 123456, password, iloveyou, and abc123. They can also easily predict passwords from adjacent keys on your keyboard, such as asdfgh. If that doesn’t make sense to you, look down at your keyboard. Additionally, it is easy to predict names and words found in the dictionary. Scammers also have computer programs that can rapidly try many passwords to crack even the more complex passwords. In order to protect yourself with a password that is unlikely to be predicted or discerned by a scammer or identity thief, you should consider having a password of at least twelve characters, with at least one capital letter and at least one lower case letter. Also use at least one digit in your password and one symbol. Remember a key to protection is length, so, for instance, a good password would be Ytefas1st!!!. This odd arrangement is made up of the word “safety” spelled backwards and starting with a capital letter and then having the rest of the letters in lower case. Then the password has “1st” as in “first,” but with a digit, and ends with three exclamation points, which makes this easy to remember and hard to break.
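The rules in the paragraph above can be checked mechanically. The following Python code is an added example, not part of the original post; the function names, the four-key threshold for keyboard runs and the tiny stand-in word list are assumptions made for illustration.

```python
import re

# Constructed sample data: the four common passwords named in the post, plus
# a tiny stand-in word list (a real check would load a full dictionary).
COMMON = {"123456", "password", "iloveyou", "abc123"}
WORDS = {"safety", "dragon", "monkey", "summer"}
# Keyboard rows used to detect runs of adjacent keys such as "asdfgh".
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]

def keyboard_run(pw, min_len=4):
    """True if pw contains min_len adjacent keys from one row, in either direction."""
    low = pw.lower()
    for row in ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - min_len + 1):
                if seq[i:i + min_len] in low:
                    return True
    return False

def check_password(pw):
    """Return the list of the post's rules that pw fails (empty list = passes)."""
    problems = []
    if pw.lower() in COMMON:
        problems.append("commonly used password")
    if len(pw) < 12:
        problems.append("shorter than 12 characters")
    if not re.search(r"[A-Z]", pw):
        problems.append("no capital letter")
    if not re.search(r"[a-z]", pw):
        problems.append("no lower-case letter")
    if not re.search(r"\d", pw):
        problems.append("no digit")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("no symbol")
    if keyboard_run(pw):
        problems.append("run of adjacent keyboard keys")
    # Strip digits and symbols so "Summer2013!" is still caught as a dictionary word.
    if re.sub(r"[^a-z]", "", pw.lower()) in WORDS:
        problems.append("dictionary word or name")
    return problems

if __name__ == "__main__":
    for candidate in ["123456", "asdfgh", "Summer2013!", "Ytefas1st!!!"]:
        print(candidate, "->", check_password(candidate) or "passes")
```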