Author Topic: Urgent... Please Read  (Read 1508 times)

Offline Paul Marvin

  • obsessive maniac
  • ***
  • Posts: 335
  • Bronze, Silver & Gold Swimming Certificates, WGAS
Urgent... Please Read
« on: June 23, 2021, 04:51:19 pm »
Hi Guys

Anybody that knows Mick Peters AKA Pingu please be aware his email has been hacked and people are posing as him asking for a favour to buy some Google play points for  his nephews birthday PLEASE DO NOT forward anything to them  :furious:

Paul

I dont know where I am going, but will know where I am when I get there.

Offline mch

  • obsessive maniac
  • ***
  • Posts: 418
Re: Urgent... Please Read
« Reply #1 on: June 24, 2021, 09:39:04 am »
Thanks for letting us know about this Paul.

Offline Paul Marvin

  • obsessive maniac
  • ***
  • Posts: 335
  • Bronze, Silver & Gold Swimming Certificates, WGAS
Re: Urgent... Please Read
« Reply #2 on: June 24, 2021, 11:38:40 am »
Thanks for letting us know about this Paul.

I had some VERY believable emails to start with until I twigged , I rang Sinker up and he told me
I dont know where I am going, but will know where I am when I get there.

Offline sinker

  • menacing presence
  • **
  • Posts: 188
  • O-Level woodwork BlockbusterVideo Gold Card
Re: Urgent... Please Read
« Reply #3 on: June 24, 2021, 12:28:39 pm »
Thanks for letting us know about this Paul.

I had some VERY believable emails to start with until I twigged , I rang Sinker up and he told me

Yeah, without going into too much detail, the first email that I received was very convincing.
This hack has been thought about carefully; the hacker used phrases that are quite specifically Pingu; "Greetings chums" etc and making a point of specifically asking about the family, again in a way that only Pingu does.

Strange and worrying  :(

Something for everyone to be aware of.


Ah, well, now, you see...erm...

Online PeteHall

  • Global Moderator
  • forum hero
  • *****
  • Posts: 1837
  • ChCC, WCC, SWCC, WCDG
Re: Urgent... Please Read
« Reply #4 on: June 24, 2021, 01:02:02 pm »
his email has been hacked

Sorry to hear about this. These scams can be very convincing, so it's always important to be vigilante.

That said in 99% of cases, it is a question of someone's email account getting "phished", not hacked. Hacking is the use of computer software to break into an account. Phishing is tricking someone into handing over their login details.

If you want to protect yourself, please do not fall foul to using the wrong language as you will try to protect yourself in the wrong way.

To prevent hacking, use a strong password. This is very hard for someone to crack.

To prevent phishing, be very careful where you type your password in. It is very easy for someone to access your accounts if they have your login details!

Online JoshW

  • junky
  • ****
  • Posts: 753
  • YSS, WSCC, BCA Youth & Development, BCA Group Rep
Re: Urgent... Please Read
« Reply #5 on: June 24, 2021, 01:09:30 pm »
Pete's spot on, most of us just aren't interesting or important enough to warrant being hacked, when it's so much easier to spread a big phishing net and get enough people who aren't careful.

In most cases, they're actually just sending emails from a totally separate email address that looks like the person you know's email address.

Always double check the actual email address is correct and doesn't just say the persons name.
All views are my own and not that of the BCA or any clubs for which I'm a member of.

Online rhychydwr1

  • forum hero
  • *****
  • Posts: 3498
  • The Mayor of Cwm Parc
    • http://www.showcaves.com
Re: Urgent... Please Read
« Reply #6 on: June 24, 2021, 01:18:59 pm »
Also, cover up the camera on your computer.  It will stop a hacking from looking at your keyboard as you type!

Offline SamT

  • Global Moderator
  • forum hero
  • *****
  • Posts: 6462
    • The Eldon Pothole Club
Re: Urgent... Please Read
« Reply #7 on: June 24, 2021, 01:26:53 pm »

If you want to protect yourself, please do not fall foul to using the wrong language as you will try to protect yourself in the wrong way.


Either way though, regardless of how they gained access, a scammer has access to his email account, has read all his emails, learnt his 'style' and is sending out convincing emails from his account. 

Simply getting pingu to change his email account password would stop the scammer from having access to the email account.
Unless its the unlikely situation that he's been truly 'hacked' and the scammer can follow his keystroke/screens and see the new password, but then that would reveal that and he can take the appropriate action

Offline aricooperdavis

  • forum star
  • ****
  • Posts: 569
  • Cornwall to Cumbria
    • Cooper-Davis.net
Re: Urgent... Please Read
« Reply #8 on: June 24, 2021, 02:38:06 pm »
That said in 99% of cases, it is a question of someone's email account getting "phished", not hacked. Hacking is the use of computer software to break into an account. Phishing is tricking someone into handing over their login details.

Whilst pingu himself is unlikely to have been hacked, it's becoming increasingly common that another service that he uses has been and he used the same password for his email account.

So it's not just a case of choosing a strong password, but choosing a different strong password for every service that you use. This is practically impossible to remember yourself, so a password manager like Bitwarden is the way to go.

Online AR

  • Black shadow
  • forum hero
  • *****
  • Posts: 1493
  • PDMHS, ATAC, ANHMS
Re: Urgent... Please Read
« Reply #9 on: June 24, 2021, 02:51:38 pm »

In most cases, they're actually just sending emails from a totally separate email address that looks like the person you know's email address.


I've had a few phish attempts recently, but they fell at the first hurdle by the phisher trying to impersonate someone who would not be emailing me, on account of being dead... :furious:
Dirty old mines need love too....

Online pwhole

  • forum hero
  • *****
  • Posts: 2882
  • TSG, DCA, PDMHS
    • Phil Wolstenholme website
Re: Urgent... Please Read
« Reply #10 on: June 24, 2021, 02:57:32 pm »
I guess that could be termed 'tea-leafing' rather than phishing? :)

Online paul

  • Global Moderator
  • forum hero
  • *****
  • Posts: 4637
  • Orpheus CC, NPC
    • Orpheus Caving Club
Re: Urgent... Please Read
« Reply #11 on: June 24, 2021, 03:57:05 pm »

If you want to protect yourself, please do not fall foul to using the wrong language as you will try to protect yourself in the wrong way.


Either way though, regardless of how they gained access, a scammer has access to his email account, has read all his emails, learnt his 'style' and is sending out convincing emails from his account. 

Most people don't realise just how important their email password is.

Once you have someone's email password, if you have a reasonably good guess of their user IDs (often the email address itself), you simply go to a website logon page (including many Bank websites) and click on the "I've forgotten my password" checkbox or link and they will email it to you - and as the hacker has your email password so they can check your emails for the password which was just sent...
I'm not a complete idiot: some parts are missing!

Online Speleofish

  • stalker
  • ***
  • Posts: 291
Re: Urgent... Please Read
« Reply #12 on: June 24, 2021, 04:32:12 pm »
I don't know anything about password managers like bitwarden. Are they any better/more secure than my mac's offerings of strong passwords? How easy are they to hack?

Online pwhole

  • forum hero
  • *****
  • Posts: 2882
  • TSG, DCA, PDMHS
    • Phil Wolstenholme website
Re: Urgent... Please Read
« Reply #13 on: June 24, 2021, 04:53:38 pm »
I think the general idea with password managers is that they have one monster password string that is more or less 'uncrackable' (and completely unmemorable!), so you just enter that and the rest are all stored internally and entered for you automatically when you visit a site. But I think you can set up a memorable long string that's then converted into the hash string. So: 'My favourite team is Manchester City' ends up as: '3H2R7937**&"£Z&%*@REKE-023K0590PS{SKEWYH?', and that's what actually entered as the password.

Personally I prefer to keep them on my machine and try to keep them as safe as possible - for now. I can remember about 15 of the regular ones though, just through sheer repetition.

Offline Paul Marvin

  • obsessive maniac
  • ***
  • Posts: 335
  • Bronze, Silver & Gold Swimming Certificates, WGAS
Re: Urgent... Please Read
« Reply #14 on: June 24, 2021, 05:37:58 pm »
Also, cover up the camera on your computer.  It will stop a hacking from looking at your keyboard as you type!


Yes you dont want somebody watching what you may be doing  :lol: :'(
I dont know where I am going, but will know where I am when I get there.

Online PeteHall

  • Global Moderator
  • forum hero
  • *****
  • Posts: 1837
  • ChCC, WCC, SWCC, WCDG
Re: Urgent... Please Read
« Reply #15 on: June 24, 2021, 05:40:35 pm »
They reckon that stringing three random words together makes a pretty tough password, even without random special characters. There are various websites where you can test it out, but I am always wary of typing my password into a random website to test the strength, in caser they are harvesting it...

I have a bookshelf above my desk, so I often just go for three consecutive words reading across the shelf. I can always glance up and remind myself of what I've used, but there is no other connection for a hacker.

Offline Paul Marvin

  • obsessive maniac
  • ***
  • Posts: 335
  • Bronze, Silver & Gold Swimming Certificates, WGAS
Re: Urgent... Please Read
« Reply #16 on: June 24, 2021, 05:40:59 pm »
Some of the better internet security covers emails I changed all my passwords yesterday after the spam email came . No fear with ebay for some reason they lock me out about once a month and I have to change it. Although its harder and harder these days I do VERY little internet banking
I dont know where I am going, but will know where I am when I get there.

Offline Paul Marvin

  • obsessive maniac
  • ***
  • Posts: 335
  • Bronze, Silver & Gold Swimming Certificates, WGAS
Re: Urgent... Please Read
« Reply #17 on: June 24, 2021, 05:44:36 pm »
They reckon that stringing three random words together makes a pretty tough password, even without random special characters. There are various websites where you can test it out, but I am always wary of typing my password into a random website to test the strength, in caser they are harvesting it...

I have a bookshelf above my desk, so I often just go for three consecutive words reading across the shelf. I can always glance up and remind myself of what I've used, but there is no other connection for a hacker.

Do like David Bowie used to do in his spaced out ziggy stardust era  :alien: he use to cut letters out of magazines and toss them up in the air and make up bizarre words, he said on a documentary I saw about him. Mind you listen to the lyrics in some of his early stuff    :blink:
I dont know where I am going, but will know where I am when I get there.

Offline Paul Marvin

  • obsessive maniac
  • ***
  • Posts: 335
  • Bronze, Silver & Gold Swimming Certificates, WGAS
Re: Urgent... Please Read
« Reply #18 on: June 24, 2021, 05:46:32 pm »

In most cases, they're actually just sending emails from a totally separate email address that looks like the person you know's email address.


I've had a few phish attempts recently, but they fell at the first hurdle by the phisher trying to impersonate someone who would not be emailing me, on account of being dead... :furious:

Yes I have those as well from people that have died .
I dont know where I am going, but will know where I am when I get there.

Online JoshW

  • junky
  • ****
  • Posts: 753
  • YSS, WSCC, BCA Youth & Development, BCA Group Rep
Re: Urgent... Please Read
« Reply #19 on: June 24, 2021, 05:51:51 pm »
I don't know anything about password managers like bitwarden. Are they any better/more secure than my mac's offerings of strong passwords? How easy are they to hack?

the mac's offering is a password manager in itself, and does a very sound job of it.

If I didn't have to mix and match being on windows and macs I'd use all their secure passwords, instead I end up resorting to similar passwords all the time.
All views are my own and not that of the BCA or any clubs for which I'm a member of.

Online ChrisJC

  • Funky
  • forum hero
  • *****
  • Posts: 1568
    • http://www.cowdery.org.uk
Re: Urgent... Please Read
« Reply #20 on: June 24, 2021, 10:05:35 pm »
I find it ironic when a website demands a password with all sorts of special characters and numbers and upper case letters etc. The rules reduce the total number of available passwords, and mean that I have to write them all down (thus reducing their security!!)

But I suspect the instigator of the rules hasn't thought too hard about the consequences...

Chris.
--
http://www.cowdery.org.uk
Mines, caves,
Land Rovers

Offline 2xw

  • junky
  • ****
  • Posts: 757
  • YUCPC, SUSS
Re: Urgent... Please Read
« Reply #21 on: June 24, 2021, 10:20:44 pm »
I find it ironic when a website demands a password with all sorts of special characters and numbers and upper case letters etc. The rules reduce the total number of available passwords, and mean that I have to write them all down (thus reducing their security!!)

But I suspect the instigator of the rules hasn't thought too hard about the consequences...

Chris.

There are still something like 3 x 10^15 (3 quadrillion) unique combinations so I think forcing folks to have a more secure password at the expense of each person on the planet only being able have 375,000 unique passwords each is a worthwhile tradeoff :D

Offline andrewmc

  • BCA ind. rep.
  • forum hero
  • *****
  • Posts: 1060
  • EUSS, BEC, YSS, SWCC...
Re: Urgent... Please Read
« Reply #22 on: June 24, 2021, 11:13:55 pm »
The idea that you shouldn't write down passwords is, in this day and age, entirely wrong. Also, the actual strength of the password really isn't that important - in most cases it's not worth the effort of guessing passwords even if there's been a breach of password hashes (providing they've been properly salted).

Think of them as keys to your house. Some only open the letterbox (UKCaving). Some open the front door (banks, email). The important thing is that they are *different keys*.

Don't use the same password twice! Since humans can't do that, use a password manager or write them down.

Offline Paul Marvin

  • obsessive maniac
  • ***
  • Posts: 335
  • Bronze, Silver & Gold Swimming Certificates, WGAS
Re: Urgent... Please Read
« Reply #23 on: June 25, 2021, 08:21:34 am »
What I find funny is all the different combinations of letters sybles upper case lower case that one uses for a password then the computer to say its " medium " strength, then a bank card has just four digits   at the atm machine :-\
I dont know where I am going, but will know where I am when I get there.

Offline SamT

  • Global Moderator
  • forum hero
  • *****
  • Posts: 6462
    • The Eldon Pothole Club
Re: Urgent... Please Read
« Reply #24 on: June 25, 2021, 09:34:38 am »
mean that I have to write them all down (thus reducing their security!!)

I personally, actually think writing them down is not necessarily that insecure these days.. It would take someone to actually break in, find your little black book, know what to do with it, and have the wherewithal to go away and cook up some scheme to defraud you.

Chances are anyone physically breaking in to your home is just after grabbing a few valuables to go and sell quickly and they only have the wherewithal to cook up some meth.

I'd say there is probably a great chance of a Korean student hacker, or the Russian mafia targeting something like Lastpass and gaining access to all the passwords stored online, or stored in your browser, (something in never do, i.e. store password for next time on websites etc).


 

Main Menu

Forum Home Help Search
SimplePortal 2.3.5 © 2008-2012, SimplePortal