Saturday, May 16, 2015

Countermeasures Once You Have Been Spoofed

Several months ago, my friend Ken Cope reported that my name was being used on Facebook to sell some horrible weight reduction product. That was weird but I did nothing about it. I now think I know how it happened and I am writing it up so that you can possibly avoid these things.

For a variety of reasons, I run Windows on one of my laptops. This is the device I use to read books in bed and on the train so it needs to have a Kindle reader which means it can not be Linux/Unix but must be Windows or Mac OS. It came installed with Windows 8 which is, IMHO, a disaster but I installed classic menu and tried using some apps from the Microsoft store including a world clock. Well, one of these apps had a virus.

Or possibly the virus came with a plugin for Google Chrome.

In any case, Google Chrome started behaving obnoxiously bring up billions of advertisements, so I reverted to Firefox and the problems mostly went away.

But then all of a sudden when I tried to edit my Kindle parameters, it brought up a window to Amazon but unbeknownst to me it was really a hacked non-Amazon window with a questionnaire. I foolishly filled it out and it contained no information of value. I have no idea what the point of that was. But it was clear to me that somehow my browser had been hacked and that it had whatever my browser knew, which included passwords.

I brainwiped the computer and went and changed all sites that had passwords that the browser on the computer knew. You must never use these passwords again because it now has it in its database and it will make use of them on another account of yours should you reuse it.

Probably you should not have your browser ever remember a password. Once a program is infected, delete it. Once a password is compromised, never use it again. Never load applications from the Microsoft store.

No comments:

Post a Comment