Two friends of mine have had their email accounts hacked into and hijacked. This has happened within the past 6 months. Both have had bizarre messages sent to many in their email address books, messages that are clearly bogus. One explained that she had taken an unexpected trip to London, had not told anyone, but had lost her wallet and needed money to get back home. “Please send money”. The language of the note was clearly not hers, as it was certainly written by someone for whom English was not their native language. The most recent was a colleague from work, whose personal email was hijacked, and the message was simply a link which sounded like something she might have sent as a joke, but which was actually for a Canadian drug company, whose page for Viagra and Cialis came up when you clicked the link.
It amazes me. We have had the internet for how long now? The email providers are designed and run by the most highly trained and technologically sophisticated computer nerds we’ve got. If we were to have a threat level for our computer security systems, we would be at level red.
And yet, we don’t have a built-in security system on our basic software programs which would stop this. It is reliant on the user to continuously update, to purchase the latest and greatest of malware and security updates. We are advised to make up convoluted passwords that we can never remember. Then we keep them all on a list in the drawer of our desk, or on sticky notes plastered to the computer screen. Many people can’t do it, and just use their name spelled backwards, their dog’s name, or the numbers 123456 (or, if they are feeling tricky, 654321). In other words, there is a market to make money from the prevention of hacking.
I admit that my sophistication about computers is very low. I am like the car owner who just puts in the gas and goes. But that means that I am the exact target market for both the hackers and the software companies. It seems to me that there is an inherent conflict of interest in the prevention of hacking…..if it becomes totally prevented, the market to prevent hacking will disappear. And, of course, this appears to be the preferred business model.
Luckily, neither of my friends suffered anything more than the embarrassment of their father-in-law receiving a Viagra ad, or having to explain 100 times that no, she did not take a secret trip to London. But it could have been much worse.
Why, oh you who are experts in this area, are there not software programs which prevent this type of intrusion into our cyberspace automatically included in the basic package? Why has no one been able to design a program that can do this, and is, if needed, updated without action from the owner? To me, a member of the technologically illiterate masses, it would seem that it should be relatively easy for you smart ones to come up with such a system.
Keep me secure. Bring the threat level down to green. Just do it. I don’t want to think about it. I want to be able to just turn on my computer and go.
Just My Life 
I agree. And I want all computers to automatically screen for viruses, spyware and any other sort of malware.
By: secret agent woman on May 14, 2010
at 7:48 pm
(This was my area of expertise, having been a Supervising Regional Network Technician prior to retiring)
Kevin Mitnick, one of the most notorious “hackers” of all time, accomplished his deeds mostly through “social engineering”. For example, leaving a voicemail on someone’s phone saying he was from the IT department an needed the user’s password… which the person readily gave him.
Indeed many of the weaknesses you mentioned, using simple and easily guessable passwords are the most common method of hacking, birth dates, kid’s names, and very common – using the SAME password on multiple sites.
Many people use a router between their PC and the internet modem when they have multiple computers they want to connect. But I advise having a router even if you have only one computer. Someone targeting your IP address will then find your router, not your computer.
Still, much malware is loaded onto PC’s by going to web sites which download and install trojans on your PC. Changing your settings to require you to click to approve downloads and installations is an excellent precaution when using your browser.
Emails with attachments should always be suspected, even if (actually, particularly) if they seem to have originated from friends.
I always delete chain e-mails and those messages with silly pictures, jokes and emotional/motivational/political or other messages.
I highly recommend a FREE virus scan program called AVG. It has a very low memory overhead and is very effective.
Finally NEVER click on a message that pops up on your computer (that is not from your virus scan program) saying “you have a virus, do you want to clean it or scan your computer now?” Very often, THAT is the virus tricking you into installing it.
Check out one of my entries about my adventures in Tech support:
http://pleadignorance.blogspot.com/2010/03/latest-buzz.html
By: Robert the Skeptic on May 14, 2010
at 9:08 pm
Great advice, but I want it to just be taken care of for me. I don’t even want to think about it, let alone do all of that…..Any way for that to happen? Will my whining help with that?
By: chlost on May 14, 2010
at 9:16 pm
Chlost: Yes, there is indeed a much simpler way to protect your computer – turn it off! *wink*
By: Robert the Skeptic on May 15, 2010
at 1:02 pm
The guys that are able to write programs to hack into our computers went to the same schools as the guys trying to write programs to keep them out. I think it is a battle that will go on for decades and the only losers will be us users.
By: The Idiot Speaketh on May 15, 2010
at 2:53 pm