Frontier Yahoo Mail Hacked!

In the last few months I have assisted a number of customers in resolving problems with their Frontier Yahoo email. The initial evidence of the hack was that some of their contacts received a bogus email such as the following:

“Subject: Urgent favor

How are you? I need a favor from you. I need to get a Gamestop Gift Card for my Nephew, Its his birthday but i can’t do this now because I’m currently traveling. Can you get it from any store around you? I’ll pay back as soon as i am back. Kindly let me know if you can handle this.”

This email came directly from the hacked Frontier yahoo email account.

In other words, it was not an email from some other account with the sender’s address spoofed. The hacker had direct access to the Frontier Yahoo account. Before sending the scam email, the account settings were changed to add a reply-to address and adding forwarding all incoming email to sophieyyyyyyyy@gmail.com.

Thus any direct reply to the scam message would go to the hacker’s email without the hacked account holder knowing. This would allow him to continue the scam. In addition, while any email sent directly to the hacked account would be received and seen by the account holder, it would also be forwarded to the hacker’s email.

Without checking account settings, the only way the account holder would know is when someone contacted the account holder after spotting the suspicious email, or when they didn’t respond to an email that was sent.

The first two customers contacted Frontier and were advised to change their passwords, which they did. While this most likely prevented further hacking, it did not fully resolve the problem.

Frontier failed to advise them to check other settings. In one case, Frontier actually remoted in to the customer’s computer to assist them. But the “tech” failed to find and remove the bogus reply-to and forwarding.

Consequently, customers called me because they were still having problems receiving emails. Finding and implementing the solution was relatively simple – check account settings and remove the bogus reply-to and forwarding.

Unfortunately, my customers thought that the problem was resolved when Frontier advised them to change the password. This meant that for a week or so they were still using a compromised account. The hacker was receiving copies of all emails sent to the account and replies to all legitimate emails sent by my customers through the account were diverted to the hacker.

When I contacted Frontier about an unrelated matter on a different account, the Frontier support person alluded to the hacking problem without being specific. However, to my knowledge, there was no recent notification from Frontier to their customers of a problem.

Just recently I spotted the problem on another account when I received one of the bogus emails. I was able to call the customer, alert her to the problem, and fix it, but it still required that the customer directly call Frontier in order to change the account password, as well as logging in to the account to eliminate the bogus settings.

It is unclear whether the hacked account problems I just described are due to the massive data breach at Yahoo reported back in 2017 where hackers gained access to credentials for 200 million Yahoo accounts, or if this is some new hack only affecting Frontier Yahoo accounts.

In any case, if you have Frontier Yahoo mail or any Yahoo account, the password should be changed and settings checked immediately. This applies even if you are not actively using the account.

As always, if you need assistance, you can contact me at 315-376-8879, by email, or Facebook.com/AffordableTechnicalSolutions.

Keep Track of User Accounts and Program Installers

When helping customers, I frequently run in to the problem of unknown account names, passwords, and license keys and unavailable program installation media or files.

If you forgot your password I can usually get you back in to your computer or at least recover data. It is not so easy on mobile devices or on-line accounts.

Mobile device security is generally much tighter on the assumption that a tablet or phone is easily lost or stolen. Be particularly careful about repeatedly trying different passwords, because some devices will permanently lock you out after a number of incorrect entries.

The only way to make the device usable again may to do a full reset. This will erase all apps, settings, and stored data. If you don’t have your pictures and other files backed up somewhere else, they will be permanently lost.

If you have an on-line account associated with the device, and you have used that account to back up everything, and you have access to that account, it may provide a way to recover without permanent data loss. Typically this involves connecting the device to a computer, running a program, logging in, resetting the device, then restoring from the backup you hopefully created.

The key is that you still need to back up and to know the credentials to log in to the on line account.

Most computing device problems are software problems. Some problems are easily found and fixed, but in other cases it’s like looking for needles in a haystack in the dark.

Many times the only practical method is to reload the operating system from scratch. This means all installed application software must also be reinstalled.

If you are using Linux, this is probably not an issue, since it is likely you are using all open source applications. They can be downloaded and installed directly from the program repositories using the built-in software manager or appropriate commands.

The same is not true on Windows or MacOS, or your mobile device. You may have downloaded and installed some free programs, but chances are you have purchased others. They may have been downloaded and installed, or on a computer installed from physical installation media such as a CD. Either way, you need to have the installers and the activation keys.

If you have the install media or file but no key, you are out of luck. If you have the key but no actual installer, you are out of luck. If you have purchase records that are only in email or a digital file you can’t access, you are out of luck.

Key point one is that you must have adequate records of all your user accounts, passwords, purchases, and product keys. This means write the information down and keep more than one copy of it in safe places.

Key point two is that you must save installation media or files. You must also do regular backups of any other important files. This means copying them to at least one other place, whether it is another computer, a flash drive, or on-line storage.

If you need assistance in sorting out your records and creating backups, you can call me at 315-376-8879. 

Original newspaper column published January 2019

Facebook ‘Legal Notice’ Privacy Hoax

Facebook can be very useful but it is also a source of misinformation.

There is outright fake news promulgated by people and organizations with an agenda. In other cases it is just incorrect information that is picked up and shared, but it can also be something that was purposely started as a hoax.

The latest hoax, appearing conveniently around the end of the year, is a dire warning that “Everything you’ve ever posted [on Facebook] becomes public from tomorrow” because “Facebook is now a public entity.” The post contains some wording that is supposedly a legal notice you should post to prevent this, citing laws “UCC 1-308- 1 1 308-103 and the Rome Statute.”

Another variation of this hoax starts out with the supposed legal notice and then adds a note that “all members must post a note like this.”

It appears very convincing, particularly in light of recent allegations of less than completely trustworthy behavior on the part of Facebook.

Although this is the first time I have seen it, this is in fact an old hoax, apparently first appearing in 2012.

There was a related hoax that tries to convince users they can (or have to) pay Facebook “to keep the subscription of your status to be set to private.” But supposedly “If you paste the [hoax] message on your page, it will be offered free…” 

Facebook explicitly states “Our terms say clearly: You own all of the content and information you post on Facebook, and you can control how it’s shared through your privacy and application settings. That’s how it works, and this hasn’t changed.”

You can read the entire notice and find out more by going to https://www.facebook.com/fbfacts/1573108242983244.

Social media has made spreading hoaxes and misinformation really easy. Before social media, email was also very effective.

The thing is that the Internet has also made it relatively easy to check on the validity of information. Although we know that there are many sources of “fake news” and others that are heavily slanted in one direction or another, there are certainly enough reputable sources that can debunk outright hoaxes like this one.

Just pick some of the key words or phrases and do a search. In this case if you use the search on “Facebook UCC 1-308- 1 1 308-103 and the Rome Statute” you will get a ton of results including articles from major news outlets.

Speaking of search, you should be careful what search engine you use. Google is the undisputed king of search engines but I try to avoid it because Google tracks everything. I use DuckDuckGo.com because it doesn’t track you personally.

You can set your web browser to use any search engine. The problem is that this setting can also be hijacked without your explicit consent. Your start page and default search provider can be changed to some fake search engine that gives only results they want you to see. This could be to only their advertising partners or worse, to infected web pages.

I see this all the time on computers that come in for service. Please make sure you are using a reputable major search engine when you search.

Call me if you need help. 315-376-8879.

Original newspaper column published January 2019