Do you ever email yourself from work or other places? I do—beats writing myself a note which I promptly lose. A few days ago, I noticed an email in my inbox from “Holly (maiden name) Doering” with the subject line FOR HOLLY. I almost clicked it! Dang.
But my hotmail account is in my maiden name. Two words, not three. The only place I use all 3 names is on my Facebook. Was my FB account hacked? When I moused over the sender’s address, it wasn’t mine but something I didn’t recognize. I got a second one, and the sender’s address was completely different.
What Is This?
1) Something fairly harmless–A couple of people on help forums suggested that this could be “spoofing.” A random email address is used to replace the real sender’s email address—but I could still see it when I looked.
2) Something very dangerous–The email could be coming from my computer. Someone could be monitoring our keystrokes to get our passwords, user IDs, and credit card numbers.
What You Should Do
Here’s what I did: First, I delete the emails unread and unclicked upon. Second, I had my Kapersky security system run a full scam on the computer. Fortunately, it found no threats. Third, I posted a notice to my Facebook Page warning my friends about these emails and asking if anyone has received such an email from “me”—meaning the scammers.
I also got a few ideas from Tony Bradley, a former About.com contributer and a Microsoft MVP in Windows Security:
Task Manager: I opened my Windows Task Manager and looked at all the running applications. Honestly, it was mostly Greek to me. I don’t understand what they all do or what the names mean. I had my husband look too.
Processes Tab: Tony says “Many hacker tools and utilities will not show up as an application, but may show up on the Processes tab. Click Processes to see all running processes along with the username that initiated each process.” Tony says that “often the applications and processes are intentionally named to look like normal system files so you need to look closely.”
We didn’t see anything odd.
Event Viewer (Logs): I also opened our Event Viewer and nothing strange stood out. Tony also says you can look through your Application, Security and System logs to see if entries were made at odd times when you know you weren’t using your computer. If you have certain services enabled like DNS or IIS or use some third-party applications you may have Event Viewer logs for those as well.
I don’t think we’re going to have to decontaminate our PC by wiping our hard drive and reinstalling Windows with our machine disconnected from the Internet—thank goodness. But it is a final step you can take, if you suspect or know for sure you’ve been hacked. Ugh. If you were hacked, do contact an IT professional right away and get help decontaminating your machine. You can search for trustworthy companies on www.bbb.org.
- Create a strong password for your Hotmail account
- Make sure your operating system has the latest updates (usually free)
- Never reply to email asking for your Hotmail password, even if they claim to be from Hotmail or Microsoft—they’re not
- If you often use public computers, change your account settings to always use HTTPS. Or request a single-use code when you must sign in from a public-computer.
- Add security info to your account for easier recovery if it’s hacked
- And if you were hacked: Change your security question and reset your account settings, including sending/receiving mail, forwarding, auto replies, linked IDs, and reply-to addresses. Restore your deleted email and contacts*
*Note: Several sources suggest waiting to do this until your computer is clean again—otherwise you could just be giving the hacker(s) your new information.