I receive upwards of 10 and more spam email daily at all of my email addresses. I’m very cautious about what services I sign up for and I constantly nag tell my husband to be very aware of sites that offer free items in return for your email address. Finally, he learned the hard way that my paranoia has some basis in fact: his Yahoo! email account was hijacked and used to send a spam e-mail to all his contacts. Thankfully, his address book on Yahoo has less than 20 entries so it wasn’t a massive spam launch. However, the scary part of this hijack was the fact that it was as if the intruder was beside us as the email was sent while we were both online. I won’t even pretend to understand how this happened, but I talked with him and explained that certain behaviours that he had unconsciously practiced could have led to the hijack. In short, here’s a short list of what he has been doing wrong, IMHO.
- He never logs out of his email account. Rather, he just closes the browser window. This is a huge no-no especially when you are on a public computer. Our computing setup is thus: a home desktop running Windows XP SP3 Professional. I’ve installed Firefox as the default browser, but Internet Explorer is readily accessible. On Firefox, I’ve set all cookies to be cleared once I close the browser and we have Norton Internet Security 2009 installed & updated. He does browse on public computers and if his browsing habits at home (i.e. closing the browser window vs. logging out) mimic his public internet browsing habits, his cookies could have been hijacked by a malicious website.
- He is a very good guitar player and I have found him downloading guitar tab tools from sites he finds via Google or visiting link-riddled websites. It is not beyond the realm of possibility that virus, trojans, etc could be introduced by free and unvetted programs. If he provided his email address, there’s no telling what these free sites would do with that information.
In any case, trying to track down the hacker will be futile when all I have are the email headers. I’m currently running a full system scan on the PC (HijackThis turns up nothing suspicious) and I will defragment the computer also & rid the computer of obsolete programs. I’m sorely tempted to wipe Windows off and install Ubuntu or some other distro (Linux Mint comes to mind, thanks Judith!) so that the aging hardware can be put to good use. It’s only 4 yrs old and I’d hate to have to upgrade because Windows keeps getting tons of huge updates. End of rant. lol
In other news, I’m happy to report that my experience with the Bitdefender Antivirus Scanner for Unices (by the way, Unix is singular and Unices is plural) is very positive. My system has been virus-free thus far and I hope to keep it that way. I run chkrootkit and rkhunter fairly regularly. However, there is a small issue that hopefully will be resolved soon. I’ve scanned my entire file system with the Bitdefender Antivirus Scanner for Unices before so I was surprised to have another full system scan get aborted yesterday. I copied the output and pasted it into a text file. I sent it off to the Bitdefender Support and they narrowed the problem down to this item which causes the scan to abort:
bdscan “/opt/picasa/wine/drive_c/Program Files/Picasa2/Uninstall.exe”
Hopefully, an update will be issued that will correct whatever is causing this.