Our email was hacked!

Joined
May 5, 2005
Messages
24,242
Location
SW Virginia
I got two spurious text messages on my cell phone yesterday. Should I be concerned?

This is a general question, unrelated to Karen's problem...just asking for information.
 
Joined
Sep 13, 2007
Messages
19,567
Location
Northern VA suburb of Washington, DC
We don't have internet stores keep our credit card numbers on file

I don't think it's possible to eliminate those even for the stores that indicate they don't have our information on file if they ever had it on file. I've had a couple stores insist that they don't have my credit card on file and then the next time I checked on that by pretending to check out, sure enough they still had it on file.
 

Butlerkid

Cafe Ambassador
Administrator
Joined
Apr 8, 2008
Messages
23,522
Location
Rutledge, Tennessee
Real Name
Karen
I have now noticed that all new emails are NOT going to the Inbox. There is a new folder with just an apostrophe as the title.

Is this really bad? How do I get the emails to go to the Inbox?
 
Joined
Oct 15, 2008
Messages
2,482
Location
GA
I have now noticed that all new emails are NOT going to the Inbox. There is a new folder with just an apostrophe as the title.

Is this really bad? How do I get the emails to go to the Inbox?
You may have to look at any folder/email rules to see if something was created. However, getting rid of a folder should cause any rule to break and not execute and would put them back into the inbox. If you haven't yet, you definitely need to change your password and make sure it is a strong/uncommon one, make sure you can log out any other sessions currently logged in (not sure if your provider offers this but they should) and check for any inbox rules.
 
Joined
Oct 15, 2008
Messages
2,482
Location
GA
I don't think it's possible to eliminate those even for the stores that indicate they don't have our information on file if they ever had it on file. I've had a couple stores insist that they don't have my credit card on file and then the next time I checked on that by pretending to check out, sure enough they still had it on file.
Was this a payment option being stored when you check out like how Amazon does it (i.e. select your address, select your payment option, buy) or was it the browser auto-complete where if you've stored your credit card info in say Chrome when it sees a credit card payment form it'll auto complete the fields for you? I ask because these are 2 different scenarios where one is on the company and one is on you.

Any company you do business with where you create an account and store personal data on their servers HAS to give you the option to remove it. Sometimes this requires you to delete your account though so be prepared for that. Otherwise, i'd be very skeptical of a website that says they don't store your CC info but yet displays it upon checkout. I'd be curious who this is because fly-by-day sites don't care, well established ones are much more cautious about this nowadays.

<--works in web development in ecommerce
 
Joined
Jan 12, 2018
Messages
856
Location
Puget Sound
Real Name
Ken
I have now noticed that all new emails are NOT going to the Inbox. There is a new folder with just an apostrophe as the title.

Is this really bad? How do I get the emails to go to the Inbox?
The new folder is a bit concerning. I am wondering if they may have created a forwarding rule as well. Changing your password would not stop this behavior. You might want to dig into all of your settings to see if they tinkered while they had access.

--Ken
 

Butlerkid

Cafe Ambassador
Administrator
Joined
Apr 8, 2008
Messages
23,522
Location
Rutledge, Tennessee
Real Name
Karen
There were no forwarding instructions, but I did find this in the Rules. I turned it off! After you guys see it, I will delete it!

1617910765745.png
Subscribe to see EXIF info for this image (if available)
 

Butlerkid

Cafe Ambassador
Administrator
Joined
Apr 8, 2008
Messages
23,522
Location
Rutledge, Tennessee
Real Name
Karen
Was this a payment option being stored when you check out like how Amazon does it (i.e. select your address, select your payment option, buy) or was it the browser auto-complete where if you've stored your credit card info in say Chrome when it sees a credit card payment form it'll auto complete the fields for you? I ask because these are 2 different scenarios where one is on the company and one is on you.

Any company you do business with where you create an account and store personal data on their servers HAS to give you the option to remove it. Sometimes this requires you to delete your account though so be prepared for that. Otherwise, i'd be very skeptical of a website that says they don't store your CC info but yet displays it upon checkout. I'd be curious who this is because fly-by-day sites don't care, well established ones are much more cautious about this nowadays.

<--works in web development in ecommerce
I refuse to allow the browser to store credit card info! Not sure what specific payment option you are referring to in your response to Mike.
 
Joined
Jan 12, 2018
Messages
856
Location
Puget Sound
Real Name
Ken
There were no forwarding instructions, but I did find this in the Rules. I turned it off! After you guys see it, I will delete it!

View attachment 1681844
A redirect is a forward, so it is good that you turned it off. You could report this address to Google, but I suspect that they may have moved on. so whatever messages that you found in that folder have most likely been seen by the hacker.

And if you had a really wicked sense of humor, you could forward a message to that address stating that they found out who the hacker was and they will be taking action soon. That might get their attention. But then again, I do not joke around when things like this happen. It only invites more possible action.

Good luck,

--Ken
 
Joined
Jan 12, 2018
Messages
856
Location
Puget Sound
Real Name
Ken
I refuse to allow the browser to store credit card info! Not sure what specific payment option you are referring to in your response to Mike.
I was at a credit union conference where we had a presentation from an IT security consultant. He showed us just how much information the Autofill feature captures over time, and how easy it is for somebody to capture that information if they were unethical. In short, they can hide fields on a web page like credit card number and CCV code and when you hit Autofill in your browser, that information get filled in as well as the fields you see. He did a live demonstration of how that information is captured and then used. TL;DR - never use Autofill and never let it gather any data.

--Ken
 
Joined
Mar 25, 2011
Messages
3,145
Location
London
I was at a credit union conference where we had a presentation from an IT security consultant. He showed us just how much information the Autofill feature captures over time, and how easy it is for somebody to capture that information if they were unethical. In short, they can hide fields on a web page like credit card number and CCV code and when you hit Autofill in your browser, that information get filled in as well as the fields you see. He did a live demonstration of how that information is captured and then used. TL;DR - never use Autofill and never let it gather any data.

--Ken
Yes, there are ways to capture this.
That’s why I recommend single use virtual Credit Cards.
 

Butlerkid

Cafe Ambassador
Administrator
Joined
Apr 8, 2008
Messages
23,522
Location
Rutledge, Tennessee
Real Name
Karen
I was at a credit union conference where we had a presentation from an IT security consultant. He showed us just how much information the Autofill feature captures over time, and how easy it is for somebody to capture that information if they were unethical. In short, they can hide fields on a web page like credit card number and CCV code and when you hit Autofill in your browser, that information get filled in as well as the fields you see. He did a live demonstration of how that information is captured and then used. TL;DR - never use Autofill and never let it gather any data.

--Ken
I don't use Auto fill. And I don't "synch" the email with any other emails or accounts. I tend to leave everything on "manual"..... LOL!
 
Joined
Oct 15, 2008
Messages
2,482
Location
GA
I refuse to allow the browser to store credit card info! Not sure what specific payment option you are referring to in your response to Mike.
One is where you store your payment option on the site and the other is browser stored. Think about your utilities if you do auto pay. They store that info but they have to give you the option to remove it.

Another thing to consider is to make sure you're using credit cards and not debit cards. Ccs you're not on the hook for if something goes wrong. Debits you are. If you shouldn't do anything it would be to give anyone direct access to your bank account.
 
Joined
Oct 15, 2008
Messages
2,482
Location
GA
I was at a credit union conference where we had a presentation from an IT security consultant. He showed us just how much information the Autofill feature captures over time, and how easy it is for somebody to capture that information if they were unethical. In short, they can hide fields on a web page like credit card number and CCV code and when you hit Autofill in your browser, that information get filled in as well as the fields you see. He did a live demonstration of how that information is captured and then used. TL;DR - never use Autofill and never let it gather any data.

--Ken
This is very true and very easy to set up. The other side of this is don't buy things from non-trusted sites or ones that have a good reputation for online sales. The risk is minimal if you keep that in mind. If you want to get adventurous then do tokenized payments like Google and apple pay but I'd just steer clear of questionable sites overall.
 

Butlerkid

Cafe Ambassador
Administrator
Joined
Apr 8, 2008
Messages
23,522
Location
Rutledge, Tennessee
Real Name
Karen
One is where you store your payment option on the site and the other is browser stored. Think about your utilities if you do auto pay. They store that info but they have to give you the option to remove it.

Another thing to consider is to make sure you're using credit cards and not debit cards. Ccs you're not on the hook for if something goes wrong. Debits you are. If you shouldn't do anything it would be to give anyone direct access to your bank account.
My browser does not have Credit card numbers. And we never use Debit cards..for anything. Any on line store that has a credit card also requires a pw that is different from all my other passwords.
 
Joined
Jan 12, 2018
Messages
856
Location
Puget Sound
Real Name
Ken
Yes, there are ways to capture this.
That’s why I recommend single use virtual Credit Cards.
I had a close friend who had this service through BofA, but I believe they eventually phased it out. I don't see that many financial institutions offering it in the US. It is a shame as you would think it would cut down on losses.

--Ken
 
Joined
Mar 25, 2011
Messages
3,145
Location
London
I had a close friend who had this service through BofA, but I believe they eventually phased it out. I don't see that many financial institutions offering it in the US. It is a shame as you would think it would cut down on losses.

--Ken
Oh that’s a shame, the online banks in the EU and UK offer that.
My traditional brick and mortars do not.
 
Joined
Jan 12, 2018
Messages
856
Location
Puget Sound
Real Name
Ken
Oh that’s a shame, the online banks in the EU and UK offer that.
My traditional brick and mortars do not.
There is Apple Pay, but that is not the same. I suspect that some banks must still offer it, but I have not searched them out.

--Ken
 
Links on this page may be to our affiliates. Sales through affiliate links may benefit this site.
Nikon Cafe is a fan site and not associated with Nikon Corporation.
Forum post reactions by Twemoji: https://github.com/twitter/twemoji
Forum GIFs powered by GIPHY: https://giphy.com/
Copyright © Amin Forums, LLC
Top Bottom