Last year, while flying down to where I was consulting at the time, I found that my business email account had been shut down. I figured that I would find out soon enough what was going on so I didn’t fret all that much about it. Actually, I pretty much was betting I knew what the issue was and my only question was why it took so long.
![Agent [smith]](http://farm3.staticflickr.com/2662/4120185389_9dcbd36b25_m.jpg "Agent [smith]") |
On the previous Sunday I noticed that an inordinate amount of spam was coming back on me via bad email addresses, way more than I’d normally seen. At some point last year I figured that my business email account had been spoofed, which is what they call it when your email address has been somehow taken from your website. I thought it was via some script.
When my email was shut down, it turns out someone had actually hacked my email account, which was set up at my host, and all this time they’d been sending these spam emails through that account. I was slightly stunned because I thought my hosts site was more secure than that, especially since no spam goes out through any of my other email addresses created there, and yet I’d wondered why it was still so strong after more than a year of my removing a script that had caused the original problem for me back in 2006.
I accept the fault for two reasons. One, my belief that my host wouldn’t be hacked for my email when it had been hacked months earlier through two of my blogs. Two, the password I had on that email account wasn’t particularly strong, as I’d set it up almost 9 years ago, and I just never thought about it all that much; idiocy. lol
There are these things we do and don’t do that threaten our online security, and we all need to be smarter about it. We don’t create passwords that are at least a little bit more difficult for a spambot to crack easily. We don’t update our software or our blogs when we’re notified of an update. We don’t check on some of the things we’ve attached ourselves to all that often, thus don’t know what’s being said or what’s going out in our names.
The thing is it’s really easy to protect yourself. For blogs, just update the software when the updates are available. For passwords in general, even if you have problems remembering them longer is better, and having at least one capital letter somewhere in there is even better than just going longer. For instance, you could have the word “invincible” but make the C capital, which suddenly makes it a strong password. Many sites require at least one number; do that as well.
On social media, don’t make all of your usernames and passwords the same on every site. If someone figures out one they’ll have access to everything. Some people will recommend that you change your passwords at least once a year but if you can make it pretty difficult up front, you might not have to do that as often.
One final thing. For any site that has anything to do with your money never save your username and password via the browser. All of us at some point inadvertently end up on a site with malware that’s looking to steal those things, and if you don’t have pretty good software to stop it at least you’ll have protected your most important information.
Think security first online; there’s just too many people looking to hurt you.
Yeah.. I really agree with this post Mitch, as long there are hackers and crackers out there, we cannot lower down our guard. Hope you will never encounter such a problem again.
Same here Edward, although I’m always looking over my metaphorical shoulder…
Hi Mitch,
Sorry that has happened to you. When it comes to hackers, they will always be there. I do change my password on my blog once a month. It is a very long one with symbols and letters and so on.
When it comes to passwords, it is best practice to always make them long and each one needs to be different on each and every account we have out there in internet land. Never use the same one twice.
I also write them down (yes on 20th century index cards) lol and have them on Evernote.
Stay safe out there!
-Donna
You’re a lot better than I am Donna. I have pretty good passwords but there are so many (by last count 10 pages of them) that I just don’t have that kind of time to change them monthly. However, I do listen to my Spidey senses, so if I’m not feeling so secure I’ll change things up here and there.
I totally agree with you, Mitch! And I am sorry that such a situation happened to you. I think everyone should read your story as online security is often unsung. You certainly made many people more aware of the fact how dangerous hackers can be. Thanks for sharing your experience!
Thanks Dorothy. It’s why I put these things out there every once in a while; always trying to be helpful. 😉