Avoiding identity theft online, or how not to screw up like I did

It has been a long, strange morning.  A hacker stole my accounts and purported to be me, asking everyone in my contact list to send him money since he had been mugged in the UK and couldn’t get home.  I was able to regain control of most of my accounts, although one e-mail account and my Facebook account were deleted in the process.  ALL MY CONTACT LISTS WERE ALSO DELETED.   So, I had no way to know who most of the attempted victims of the scam were.

Anyway, I apparently broke too many security rules and left myself open for attack.  Some things I learned:

  1. Take advantage of the contact export features of your e-mail provider to make regular backups!
  2. Pick a different password for EVERY site you use.  I suspect the attacker gained access to one system and used the availability of my e-mail address and password to hop into other accounts.
  3. Use GMail–by proving my true ID through knowledge of my account usage, Google made it relatively painless to get my account back.  They also allowed me to see an export of recent activity and KILL all sessions besides the one I was in.  This ensured that the user who no longer had a valid password could no longer access the system.  Yahoo, on the other hand, was difficult to navigate, and though I filled out a form, nothing happened.  The e-mail account I lost completely was a Yahoo account.

I knew better, but let my guard down.  Don’t be me!

2 Comments

  1. OMG! Thank you for posting this. I was about to email back but saw there was no “To” list on the email, the reply to email was with three T’s, and the email said you didn’t want family to know which sounded odd. My BS detector was going off, but I still wanted to help… A-hole spammers and hackers tug at the ol’ CIS heartstrings!

    I get points for wanting to help though! 🙂

    Take care Tim,

    Jeremy

    • Speaking of a-hole hackers, I get so many spam comments on my blog that I just now saw your comment in the moderation queue! Sorry about that.

Comments are closed.