Urgent... Please Read

Paul Marvin

Member
Hi Guys

Anybody that knows Mick Peters AKA Pingu please be aware his email has been hacked and people are posing as him asking for a favour to buy some Google play points for  his nephews birthday PLEASE DO NOT forward anything to them  :mad:

Paul

 

sinker

New member
Paul Marvin said:
mch said:
Thanks for letting us know about this Paul.

I had some VERY believable emails to start with until I twigged , I rang Sinker up and he told me

Yeah, without going into too much detail, the first email that I received was very convincing.
This hack has been thought about carefully; the hacker used phrases that are quite specifically Pingu; "Greetings chums" etc and making a point of specifically asking about the family, again in a way that only Pingu does.

Strange and worrying  :(

Something for everyone to be aware of.


 

PeteHall

Moderator
Paul Marvin said:
his email has been hacked

Sorry to hear about this. These scams can be very convincing, so it's always important to be vigilante.

That said in 99% of cases, it is a question of someone's email account getting "phished", not hacked. Hacking is the use of computer software to break into an account. Phishing is tricking someone into handing over their login details.

If you want to protect yourself, please do not fall foul to using the wrong language as you will try to protect yourself in the wrong way.

To prevent hacking, use a strong password. This is very hard for someone to crack.

To prevent phishing, be very careful where you type your password in. It is very easy for someone to access your accounts if they have your login details!
 

JoshW

Well-known member
Pete's spot on, most of us just aren't interesting or important enough to warrant being hacked, when it's so much easier to spread a big phishing net and get enough people who aren't careful.

In most cases, they're actually just sending emails from a totally separate email address that looks like the person you know's email address.

Always double check the actual email address is correct and doesn't just say the persons name.
 

rhychydwr1

Active member
Also, cover up the camera on your computer.  It will stop a hacking from looking at your keyboard as you type!
 

SamT

Moderator
PeteHall said:
If you want to protect yourself, please do not fall foul to using the wrong language as you will try to protect yourself in the wrong way.

Either way though, regardless of how they gained access, a scammer has access to his email account, has read all his emails, learnt his 'style' and is sending out convincing emails from his account. 

Simply getting pingu to change his email account password would stop the scammer from having access to the email account.
Unless its the unlikely situation that he's been truly 'hacked' and the scammer can follow his keystroke/screens and see the new password, but then that would reveal that and he can take the appropriate action
 

aricooperdavis

Moderator
PeteHall said:
That said in 99% of cases, it is a question of someone's email account getting "phished", not hacked. Hacking is the use of computer software to break into an account. Phishing is tricking someone into handing over their login details.

Whilst pingu himself is unlikely to have been hacked, it's becoming increasingly common that another service that he uses has been and he used the same password for his email account.

So it's not just a case of choosing a strong password, but choosing a different strong password for every service that you use. This is practically impossible to remember yourself, so a password manager like Bitwarden is the way to go.
 

AR

Well-known member
JoshW said:
In most cases, they're actually just sending emails from a totally separate email address that looks like the person you know's email address.

I've had a few phish attempts recently, but they fell at the first hurdle by the phisher trying to impersonate someone who would not be emailing me, on account of being dead... :mad:
 

paul

Moderator
SamT said:
PeteHall said:
If you want to protect yourself, please do not fall foul to using the wrong language as you will try to protect yourself in the wrong way.

Either way though, regardless of how they gained access, a scammer has access to his email account, has read all his emails, learnt his 'style' and is sending out convincing emails from his account. 

Most people don't realise just how important their email password is.

Once you have someone's email password, if you have a reasonably good guess of their user IDs (often the email address itself), you simply go to a website logon page (including many Bank websites) and click on the "I've forgotten my password" checkbox or link and they will email it to you - and as the hacker has your email password so they can check your emails for the password which was just sent...
 

Speleofish

Active member
I don't know anything about password managers like bitwarden. Are they any better/more secure than my mac's offerings of strong passwords? How easy are they to hack?
 

pwhole

Well-known member
I think the general idea with password managers is that they have one monster password string that is more or less 'uncrackable' (and completely unmemorable!), so you just enter that and the rest are all stored internally and entered for you automatically when you visit a site. But I think you can set up a memorable long string that's then converted into the hash string. So: 'My favourite team is Manchester City' ends up as: '3H2R7937**&"?Z&%*@REKE-023K0590PS{SKEWYH?', and that's what actually entered as the password.

Personally I prefer to keep them on my machine and try to keep them as safe as possible - for now. I can remember about 15 of the regular ones though, just through sheer repetition.
 

PeteHall

Moderator
They reckon that stringing three random words together makes a pretty tough password, even without random special characters. There are various websites where you can test it out, but I am always wary of typing my password into a random website to test the strength, in caser they are harvesting it...

I have a bookshelf above my desk, so I often just go for three consecutive words reading across the shelf. I can always glance up and remind myself of what I've used, but there is no other connection for a hacker.
 

Paul Marvin

Member
Some of the better internet security covers emails I changed all my passwords yesterday after the spam email came . No fear with ebay for some reason they lock me out about once a month and I have to change it. Although its harder and harder these days I do VERY little internet banking
 

Paul Marvin

Member
PeteHall said:
They reckon that stringing three random words together makes a pretty tough password, even without random special characters. There are various websites where you can test it out, but I am always wary of typing my password into a random website to test the strength, in caser they are harvesting it...

I have a bookshelf above my desk, so I often just go for three consecutive words reading across the shelf. I can always glance up and remind myself of what I've used, but there is no other connection for a hacker.

Do like David Bowie used to do in his spaced out ziggy stardust era  :alien: he use to cut letters out of magazines and toss them up in the air and make up bizarre words, he said on a documentary I saw about him. Mind you listen to the lyrics in some of his early stuff    :blink:
 

Paul Marvin

Member
AR said:
JoshW said:
In most cases, they're actually just sending emails from a totally separate email address that looks like the person you know's email address.

I've had a few phish attempts recently, but they fell at the first hurdle by the phisher trying to impersonate someone who would not be emailing me, on account of being dead... :mad:

Yes I have those as well from people that have died .
 

JoshW

Well-known member
Speleofish said:
I don't know anything about password managers like bitwarden. Are they any better/more secure than my mac's offerings of strong passwords? How easy are they to hack?

the mac's offering is a password manager in itself, and does a very sound job of it.

If I didn't have to mix and match being on windows and macs I'd use all their secure passwords, instead I end up resorting to similar passwords all the time.
 
Top