Strange email – possibly hacked

I just received a strange email from my mother’s general email account and it was addressed to my brother as well. Obviously the email looks suspect as all hell. Weird signature and link.

I called her up and told her that she should change her passwords. She logged on and checked her sent emails and it had only been sent to my brother.

Any thoughts?

Her iPhone was recently stolen although she says she wasn’t logged onto this email on the phone.

Changing the password is EXCELLENT advice.
I have no comment on what the sender is trying to achieve. It is possible that if it was a trojan attempt the trojan was blocked upstream from her machine, or that there is a hyperlink they want clicked on, or that there is hidden code in the header, etc.

There really are a lot of possibilities.

As for the words. I know what is going on there.

I think the term might be heuristics. There are several ways to block spam. One of the ways that spam filters allow spam THROUGH is by looking for conversations.

Like this post I am writing. Words, sentences, that sort of thing.
BUT one of the ways filters block is by looking for pre-defined messages.

If I write a sales pitch and email it to one person it is highly likely it won’t be blocked.
But – if I send that pitch to a million addresses it is highly likely TO be blocked. The Spam filters see a million identical messages, call bullshit on it, and block.

So what those crazy words do is this – to the spam filter it looks like writing. It looks like sentences and paragraphs and all that. But it is done randomly. Every single message that is sent is a random jumble of words so it never trips the alarm and blocks everything.

So crazy messages like that are ways to get past the spam filters.

Good news – your Mom is most likely fine. Better news, your instinct to change passwords is a good one.

Verizon was hacked and apparently thousands of emails were used to send out spam. Strange.

It isn’t strange.
Not strange at all.

Fucking sad.

I am studying networking, but between hard networking certs I do easy security certs as a way to unwind.
That is why I knew the answer to your question.

There are all kinds of ways that companies lose your personal information.

The BEST advice I have for you is this:

Get logons and sign on several times a week and get in the habit of watching things hit the account.
A strange hit doesn’t necessarily mean something is afoot, but learn to investigate them.
Do not be afraid to call the credit card company and say, ‘Send me a new card with a new account number.’
The credit card company will lock down the old number and give you a new one.

A hint:
If you EVER see strange debits for $1 for companies you know nothing about it could mean that your card information has been compromised.

Here is what the bad guys do:
They get their hands on a file of a shitload of cards. When they have the file they don’t know if the cards are still good or not. It is possible they could be all old cards.

Not all bad guys want the cards for themselves – that carries risk. Instead what they do is act like a middle man and sell the numbers to someone else. That someone else is going to want proof the cards are *fresh*.

What they do is this…
They find an online marketplace site and make a random purchase.
Add something to the cart and click on ‘check out’.
The next page asks for the CC number, name and address. They put it all in and click on *next*.

Behind the scenes at the marketplace the company takes that information and DOES NOT BILL for the full price of the order. Instead they *ping* the CC server for only $1. If the marketplace transaction is successful, then they give the user on the other end a page that says, ‘Press this button to process order’; if they are not successful they give an error.

From the marketplace side there is zero wrong with this. This is standard practice and is AOK.

From the crook’s point of view if he gets the ‘click here to continue’ message then he knows the card is good. He abandons the transactions and moves the information into the good pile.


So on your end if you see a $1 charge hit your account that you cannot identify YOU SHOULD NOT IGNORE IT. It is an opportunity to catch this thing before it gets worse.
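
An added example, not part of the original comments: a small Python check that applies the advice above to an exported card statement, flagging debits of about $1 from merchants that have not appeared on the account before. The CSV column names, the sample rows, the merchant names and the $1.50 threshold are all assumptions constructed for illustration.

```python
import csv
import io
from decimal import Decimal

# Constructed sample statement, oldest row first; not real data.
SAMPLE_CSV = """date,merchant,amount
2024-03-01,GROCERY MART,54.20
2024-03-03,COFFEE HOUSE,1.00
2024-03-05,GROCERY MART,23.10
2024-03-09,COFFEE HOUSE,4.75
2024-03-12,XQ-ONLINE STORE,1.00
2024-03-13,STREAMING CO,12.99
2024-03-14,ZED MARKETPLACE,0.99
"""

# Assumed cut-off for what counts as a "$1-style" debit.
SMALL_DEBIT_LIMIT = Decimal("1.50")


def flag_small_unknown_debits(csv_text, known_merchants=()):
    """Return (date, merchant, amount) for every small debit whose merchant
    was not seen earlier in the statement and is not in known_merchants."""
    seen = {m.strip().upper() for m in known_merchants}
    flagged = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        merchant = row["merchant"].strip().upper()
        amount = Decimal(row["amount"])  # Decimal avoids float rounding on money
        if Decimal("0") < amount <= SMALL_DEBIT_LIMIT and merchant not in seen:
            flagged.append((row["date"], merchant, amount))
        # A merchant counts as known only after its first appearance.
        seen.add(merchant)
    return flagged


if __name__ == "__main__":
    # Merchants the cardholder already recognises (constructed list).
    for date, merchant, amount in flag_small_unknown_debits(
        SAMPLE_CSV, known_merchants=["Coffee House"]
    ):
        print(f"{date}  {merchant:<20} ${amount}  <- investigate")
```

Without a list of known merchants the first small purchase at a legitimate shop is flagged too, which matches the point above that a strange hit is something to investigate rather than proof of compromise.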
