I get so many emails from people who have me as a contact and their account password has been cracked, that I set up a canned response in Gmail. When I get one of these emails that has something like a link in the email with no subject, or there may even be a subject. They are almost always from someone I know, and have received email from in the past. I just hit the “reply all” and send this out to everyone. I use the BCC when I send out to multiple recipients, except in cases like this where everyone can already see the list of recipients. All I have to do for this email is to change the name(s) and the gender of the original sender. I also remove the link in the original email that is quoted, so that nobody can click on it from this reply. I will often copy the first line to add to the subject of the email.
Far and away, Yahoo has the most accounts sending this stuff out. Personally I believe their security must be the weakest of the major email vendors. I fully admit that I am a Google “fanboy”, but with good reason, their products are great and they have very good security. You can even use gmail and have it retrieve your email from your other email service and send mail out as if it were coming from that account.
Feel free to copy this email and change it to your own names or just leave it alone and hopefully I will get some business from it!
My name is Vic Lovan, and I am a computer tech guy. viclovan DOT com if you want more info.
This email is a response to the others coming from CHANGE THIS NAME. His OR HER account password has been cracked and the email being sent out is an attempt to infect your computers and gain access to your email accounts to send this out to more people. Please do not click on any of the links.
I am seeing this happen all the time so if you feel your password is possibly weak, then you should change yours as well, ESPECIALLY if you use Yahoo, which includes all AT&T/SBC/swbell, and other phone/ISP accounts. If this has happened to you, don’t feel too bad, the bad guys are very persistent, and working all the time on doing this kind of thing to eventually make money from it. I’m pretty sure your job is not to combat them all day long.
If your account has been cracked, you need to change your password immediately. You can make it three (3) or more common words and something that a human will understand, but is almost impossible for the bots that do the cracking to figure out. It should be at least ten (10) characters or more, although 16 or 20 will be MUCH better. It turns out that the length of the password has more to do with the difficulty for cracking than complexity, but complexity will also help. For instance, “MaryHadaLittleLamb” should actually be a pretty tough password(but you probably should not use it). You can make it something you can remember if you want. When you do go to change your password, it is likely that the service will have a strength meter to let you know if it is strong enough(Google does for sure). I am now recommending a service/utility called LastPass that is extremely secure and it will generate and remember very strong passwords for you. The premium version is only $12 a year and is needed for your mobile devices, and will be about the best $12 you spend. I do not get any commission from them(I wish).
If you want any help in this regard, please feel free to give me a call at 618.767.6728.
If you want to really learn some more on this, do a Google search for “GRC password haystacks”. I am not wanting to post the link because of the already questionable security of your systems, but the search result will be the top link.
www. viclovan .com
Short code links for this page to copy and paste for sending.