Monthly Archives: May 2012

What is the Proper Way to Inform Someone Their Email Has Been Hijacked?

Somebody recently asked me this question. Many people have seen, every now and then, the weird emails coming from a friend or relative that could not possibly be sent by them, so I thought it’s worthwhile to make the answer broadly available:

If you want to inform someone that their email account has been hacked, it is usually wise to use an alternate mode of communication if possible (Another email address than the one being the source of suspicious emails or even a phone call). Sending an email to the email address that seems to be hacked might only worsen things if the account is actually under the control of a hacker, for it only confirms your email address is valid and makes you prone to receiving spam (your email address will be sold in the black market for a price).

If YOUR email has been hacked, the first immediate action is to change your password, preferably from a different computer than then one you normally use, just in case the cause of the email hacking is password-stealing malware implanted in your computer. The next action is then to do a thorough malware check to make sure the source of the security breach in your computer is NOT malware (weak passwords can be guessed without needing password-stealing malware to perpetrate, plus in rare cases passwords are stolen from the computers running the email service on the Internet – the servers), or get rid of any malware if there is any.

There is a possibility that your hacked email account has had its password changed to lock you out. To regain control of your email account you might need to reset the password. Most email services provide methods of doing that. Security questions that only you know the answer to, a cell phone number a new password can be sent to as a text message, a secondary email to send a new password to, all these must be pre-set for this kind of eventuality. So a good preventive measure is to make sure these reset password mechanisms are in place for your email address.

Recent and Upcoming Computer Updates

A summary of recent and upcoming updates you should know about:

Windows Updates: Microsoft has published a Security Bulletin Advance Notification indicating that its May release will contain seven bulletins (updates). These bulletins will have the severity ratings of critical and important.  The release of these bulletins is scheduled for Tuesday, May 8, 2012.

Google Chrome web browser: Google has released Chrome 18.0.1025.168 for Linux, Macintosh, Windows, and Google Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. It also contains an automatic update for Adobe Flash (covered next). To check what version of Chrome you have and to update as needed, click on the wrench symbol on the upper right corner of a Chrome window, and then select About Google Chrome.

Adobe Flash: Adobe released a Security Advisory for Adobe Flash Player a couple of days ago to address a vulnerability affecting the following software versions:

  • Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh, and Linux operating systems
  • Adobe Flash Player 11.1.115.7 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and 2.x

This vulnerability may allow an attacker to take control of the affected system. There are reports that the vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious file delivered in an email message. To check what version of Flash you have installed in your computer, click here.

 Keeping your computer(s) up-to-date with the latest patches from the various software vendors is one of the key steps to fend off malicious cyber-attacks.

Test Drive – Microsoft Security Essentials 4.0

A little over a week ago, version 4.0 of Microsoft Security Essentials (MSE) was released. First seen in version 1.0 back in 2009, MSE has been among the top free antivirus programs ever since. I first mentioned it back in 2009, when it was in its testing stages, in one of my articles. I took version 2.0 for a test drive in 2011, where it performed surprisingly well. So I decided to take this version, 4.0 for a spin as well (there never was a version 3.0).

As I’ve usually done it, the test drive consisted of visiting known infected websites with my test computer, with the antivirus program installed and then observing and analyzing how the antivirus performs in terms of detecting malware, preventing the computer from being infected and cleaning it up as needed.

So I took my test computer and accessed 4 or 5 infected websites. One of them infected with a Trojan, one with a Fake Antivirus, one with a rootkit, and finally one with another Trojan. In each case the real-time protection feature of MSE correctly detected the presence of malware, stopped access to the infection, and cleaned up successfully any files downloaded by the website to my computer, without any user intervention needed. A detailed after-the-fact analysis of what went on when I accessed each infected website revealed that neither an invisible, behind-the-scenes infection nor computer settings alteration took place, confirming that MSE succeeded and passed the test.

I already liked MSE 2.0, and I’m liking MSE 4.0 even more. Out of all the free antivirus alternatives, it is the one I like the most.

If you have MSE in your computer(s), check to make sure you have this version, the latest. If you need help checking which version you do have or how to upgrade to the latest one, feel free to ask.

Trojan, Trojan Horse

Trojan horses are a specific type of malware (malicious software) that, similar to the  the Greek story of Troy, allow for intrusion of a system from within, opening the door to external control of your computer by a remote intruder. As of late 2014, 78% of malware are Trojans.