[Wswss] [Sbms] good evening & Re: hey

Dennis Kidder w6dq at att.net
Mon Mar 25 19:28:38 EDT 2013 

Walt,

Unfortunately, this has become quite commonplace these days.  And I am 
compelled to write this email as there is a great deal of misinformation 
about what is actually going on.

Typically, it is someone who has had their email account password 
compromised, usually because of inadequate password strength.  The 
hackers use a "brute force" attack to obtain passwords that are common 
words or names.  In this particular case, our alleged perpetrator, 
stuart73, has had his account at AOL cracked.  What is quite alarming is 
that the tools that are used to execute these attacks are readily 
available on the Web!  And some are so simple to use it is downright 
frightening.  If stuart73 is reading this, he should be paying attention 
to the following discussion!

In order to keep your own accounts from being cracked in a similar 
fashion (yahoo, gmail, aol, etc) it is necessary to have a very strong 
password that will resist the brute force attacks.  Mixing characters -- 
numbers, punctuation, lower and upper case -- is one way.  A good way to 
come up with a strong password is to use a phrase well known to you.  
The phrase should consist of at least 8 to 10 words. Take the first 
letter of each word in the phrase as the basis for your password.  Now, 
you can change case, substitute numbers or punctuation (e.g.: "3" for 
"E", or "!" or "1" for an "I") and the resulting password becomes quite 
strong and will resist some very sophisticated attacks.  It is also a 
good idea to regularly change your passwords.  Equally important is to 
use different passwords with different accounts.  Yes, this can be a 
real bother if you have a lot of accounts, but if you want to protect 
your personal/private information, well ....

When you receive an email like this, the best thing to do is to delete 
it.  However, since I have spent many years in computer security, I tend 
to have an interest in what the actual link is and what it might be 
doing.  Not for the faint of heart, we set up machines for the sole 
purpose of capturing and analyzing malware. But that is beyond the scope 
of this email ...

Never, under any circumstances should you click on one of these links 
that you receive.  There is no telling what damage may result!  Pay 
attention to the link's URL ... and be aware that the link itself may be 
hypertext and masking the REAL URL!  In most mailers, passing your mouse 
over the top of the link (without clicking it!!!)  will display the real 
link in the status line at the bottom of the window.  If you receive 
something like this from a friend or colleague and question its 
veracity, send a reply to the sender asking if they sent it.  If it was 
intentional, you'll know.   If it wasn't, they'll know their account has 
been compromised.  Win-win.

These days it is important to be aware of the techniques used by hackers 
to obtain your private information!!

Thar be Dragons out there!!!

YMMV!

73,

-dennis W6DQ
Fullerton CA

On 3/25/2013 2:17 PM, Walter Clark wrote:
>     Who are you Stuart?
>     How do we know this link isn't microwave porno like that stuff Rhode
>     and Schwarz brought to our meeting once.
>     I'd suggest no one look at this until we find out who StuartL73 is.
>     Rein. Can you ban this guy. At the bottom we see that he is some kind
>     of radical Republican or something.
>
> [DEL: [1]http://www.actolatino.com/includes/newversion.php?qomhqagnlq711fx :DEL]
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ______________________
> You open that scab, there's a hell of a lot of things... This involves these Cub
> ans, Hunt, and a lot of hanky-panky that we have nothing to do with... -- Richar
> d Milhouse Nixon
> _______________________________________________
> Sbms mailing list
> [2]Sbms at lists.altadena.net
> [3]http://lists.altadena.net/mailman/listinfo/sbms
>
> References
>
>     1. http://www.actolatino.com/includes/newversion.php?qomhqagnlq711fx
>     2. mailto:Sbms at lists.altadena.net
>     3. http://lists.altadena.net/mailman/listinfo/sbms
> _______________________________________________
> Sbms mailing list
> Sbms at lists.altadena.net
> http://lists.altadena.net/mailman/listinfo/sbms
>

More information about the Wswss mailing list