Cheshire Cat's Grin

Hacked Off

It would have been nice to have some kind of warning about the extent of the damage done by the hacker.

It would have been nice to have some kind of warning about the extent of the damage done by the hacker.

Last spring my Yahoo email account was hacked. My first clue was when many of my friends and family informed me they received a strange email from me. “Are you OK? Please tell me you’re not really stranded in the Philippines,” inquired one concerned friend.

Right away I put out a Facebook message asking everyone to disregard the spammer’s request for money. I changed my password and thought that was the end of it. But a few people reported they were also getting spam from me coming from an @live.com address. Those complaints subsided quickly and I forgot about it.

The next time I checked my email, I noticed another problem. Not only did the hacker hijack my account to send out spam, the bastard had also deleted the contents of my inbox, my outbox, and all my contacts. The contacts were the most frustrating thing to lose, because I had spent years building my database, including addresses and phone numbers of many people I only contact a couple of times a year, such as when I send out Christmas cards.

Although I felt the deletions were malicious, I shrugged my shoulders and moved on. I knew when and how the hack occurred, and suffered embarrassment at the thought that I had been duped. Live and learn was my philosophy.

It happened when a pop-up box appeared while I was logged into Yahoo. The box had the Yahoo logo and a message stating they needed me to update my information, which included name, address, and password.  I would not have entered the information if the Yahoo logo hadn’t been there. Now I know any legitimate request from Yahoo would be input into a secure (https://) site.

After all this time I recently learned the hack was even more damaging than originally thought. Last month I submitted a guest blog to Somewhere in the City (SitC), with hopes of getting it published in advance of my friend’s events it was promoting. Over the next two weeks I became increasingly frustrated as I was not getting any email response to my submission. Paranoia crept in as I began to wonder if my article was good enough to be published. I had reached out to the SitC folks via Facebook, only to receive the vexingly cryptic comment, “Check your email.”

Then a friend asked me if I received her reply to my email. I had not, so I asked her to double check the email address in her outbox. She had used the reply button, but on creating the reply, my email address was converted to @live.com instead of @yahoo.com.

That’s when it dawned on me – the hacker had somehow created an @live.com account using my information, and set it up to reroute replies meant for me to that address. Emails initiated by others still reach me, but replies to my emails do not.

I wish I could use these buttons to clobber the malicious hacker who destroyed unknown opportunities.

I wish I could use these buttons to clobber the malicious hacker who destroyed unknown opportunities.

I thought about all the resumes and job inquiries I had sent out this spring and summer. I had only received three responses, all via phone. The lack of responses made me feel like a complete failure. But what if more potential employers responded through email? I would never have received their emails, and they would have written me off as just another flake.

Fortunately, after I realized what had happened, I was able to correct the misunderstanding with the folks at SitC. Then I created a Gmail account and began letting people know to use it as my primary email. Eventually, I want to phase out Yahoo mail altogether, but first I have to identify all the businesses using my Yahoo email and update my information with them.

I will never know how many opportunities I may have missed because of the hacker. That’s what infuriates me the most. There was no reason to intercept my email replies other than pure maliciousness.

Don’t make the same mistake I did, or you, too, will be hacked off.

Tagged on: , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>