Forums » Off-Topic Discussion »

Interesting turn of events

mad_machine
mad_machine GRM+ Memberand MegaDork
2/1/13 10:51 a.m.

Some of you may have read in my "apologies" thread that somehow my email got scammed/hacked, sending out spam to everyone I ever emailed (I got back some 250+ returns from emails that didn't make it)

Yesterday, I found an email in my spam folder that was supposedly from my email provider but was obviously a phishing attempt. It was send to me the day after I changed my email password and basically stated that they thought my email account had been compromised and that I should reply to this email with my password so they can double check it with their records.

I replied with a nice "two word" email password for them to try... begins with an F and ends with a U.

I just find it suspecious that the day after I got hacked and changed the password.. I got this phishing attempt. I guess they tried to use my email again and found the change in password wouldn't let them. Scammers are getting sneaky.

What I don't understand is how they got my password. I have never given it away and I did a complete virus scan on the computer that took hours and it found nothing (lot of adware though). I would not say I was paranoid about my password, but I certainly did my best to avoid it getting out

yamaha
yamaha SuperDork
2/1/13 10:55 a.m.

Password cracking is pretty easy........i've seen software in the past meant for itunes only.

N Sperlo
N Sperlo UltimaDork
2/1/13 10:57 a.m.
yamaha wrote: Password cracking is pretty easy........i've seen software in the past meant for itunes only.

That

GameboyRMH
GameboyRMH GRM+ Memberand PowerDork
2/1/13 10:58 a.m.

Not unusual at all, they were trying to regain control of your account. The spammer probably has some kind of "hijacked email account management system" that sent it automatically when it couldn't log in anymore.

If you have a recovery question make sure that's changed too BTW.

There's a good chance your password was brute-forced. Was it a word that might be found in a dictionary or encyclopedia? If so, there you go.

mad_machine
mad_machine GRM+ Memberand MegaDork
2/1/13 11:16 a.m.

that I did Gameboy.. it was a word taken at random from a French to english dictionary. Now it is an alphanumeric that I find to be a pain in the ass to remember

Grtechguy
Grtechguy UltimaDork
2/1/13 11:54 a.m.

password with spaces in them are the MOST secure. even if the pw is "pass word" that is stronger than "P@s5W0rD"

peter
peter HalfDork
2/1/13 12:13 p.m.
Grtechguy wrote: password with spaces in them are the MOST secure. even if the pw is "pass word" that is stronger than "P@s5W0rD"

You're going to have to explain that one.

My current password strategy:

XKCD

Duke
Duke PowerDork
2/1/13 12:36 p.m.

Too bad I have never been part of a system that would accept spaces in passwords.

Matt B
Matt B Dork
2/1/13 12:48 p.m.

Just use an underscore with the XKCD method then.

Duke
Duke PowerDork
2/1/13 12:52 p.m.

I also don't get where the 44 bits of entropy come from, but that's OK.

You'll need to log in to post.

More like this

This VW New Beetle won a national rally championship | #TBT

“People’s Champ: The Impact of Ken Block” coming to the Petersen

How to make the move to an aftermarket ECU

Are you prepared to do a bailout?

Motorsports and Rockets: An unlikely but stellar combination

$2000 Challenge: A roofless, punk rock Honda CRX

Video: Take a fast lap at Daytona in the No. 31 Cadillac IMSA GTP

The high-tech lessons you can learn from historic race cars

Subaru BRZ tS: Track test and review

Race car aerodynamics: How to counteract lift with downforce
Our Preferred Partners
Koni GRM
HMS Motorsport
SCCA
Tire Rack GRM
Holley
IMSA
Epartrade
Intercity Lines GRM
Sunoco GRM
Weathertech
HPX Show GRM
QNaAy5c2xyccxBeoF8CZAjBMKNNp6yIB3mDpMtFbHaUrsJCi863eRv346qVXBlDY