HackerPocalypse 2011 - The Lesson

If you would like to start this journey with me by reading part one, HackerPocalypse 2011 - The Story, please feel free.So yesterday, I told you the emotional parts, the sadness and sorrow of the losing 10+ years of email and memories. Today I am going to talk technical. If this has happened to you, here are the things you need to know.First of all, though I am a very savvy web person, I think I was the victim of a spam email. It looked like it was coming from Google. It was identical to their emails. It was about security. They didn't ask for my username and password, just told me about some security features. I checked the reply to address and it looked right. I clicked on the link in the email and it took me to (what looked exactly like) a Google page. It asked me to login to my email and then said I had updated my security settings.Looked totally legit but I think that is the only possible way they got my login information.I jumped out of bed when I was made aware about the situation (more on that here) and took action immediately. When I couldn't login to my account, I contacted Google and reported it. This caused the hackers to not be able to log back in. It is important to read ALL the steps first and try to follow them in order because you may give the hackers a chance to hack again if you don't. Many of these steps may only be Gmail centric since I am not familiar with other programs.

  1. Contact Gmail or your email provider. Get passwords reset and changed. Make it clear that you do not have access and believe you were hacked. The hackers set up my fail safes (security question, default phone number to text password to, and secondary email account) to their information.
  2. Once you gain access, in Gmail there is a little button on the very bottom right of the page. It says this:
    Last account activity: 10 minutes agoDetails
    1. The "Details" is the button. Press that and a record of where you are logging in comes up. Chances are, they are using something to cloak their location. Don't try to catch them here. Just press: This account does not seem to be open in any other location. However, there may be sessions that have not been signed out. Log out from all other sessions. This will force the hackers out if they are still in your account.
  3. The next step is to go to the mail settings. Press the button for Forwarding and POP/IMAP. Most likely they created a new reply to address. It should look a lot like your real address but be on ymail, hotmail, etc. I think they choose ymail since if you are reading fast, it looks like gmail.
    1. IMMEDIATELY disable the forwarding. They set it to forward all incoming mail and delete them from your inbox. Save changes at the bottom.
  4. Now that you have kicked them out of your email, let's do some damage control. Look in the trash folder for all your email that was dumped. I am pretty sure they have written a program to dump all into the trash.
  5. Find the emails they sent to your contacts. They "bcc'd" everyone but you can still see the names. DO NOT USE YOUR CONTACT BOOK YET. Copy and paste those names into an email and let everyone know you are not in Madrid or London, you have not been held up at gun point, and it's your call if you want to tell them to send you money or not... ;)
  6. Once you have sent those, it's time to recover email. In the trash, press the check box at the top of the navigation, you know, so it selects all. Once all 100 emails in the trash are selected, a little piece becomes highlighted under the navigation. It says, All 100 conversations on this page are selected. Select all xxx conversations in Trash. The second part of this is a link. If you click it, you will select all emails in the trash. I highly suggest just doing that to save your emails. I could not save mine, please save yours!
  7. Click the Move To button and move them all to your inbox. If you have utilized filters/folders, you can easily archive those back. You will have to trash some and save others. This will be, most likely, tedious but better than losing everything like me!
  8. You can do all that later, it will take time. For now, you are good. We have more to do.
  9. Be sure you change ALL of your passwords. Do not make them all the same. Sorry, it's for your own good. Change characters, change numbers, change cases... make them different! In my case, they had logged onto my Facebook so I knew they had more information.
    1. Make it a little complicated to be safe. Like your password could be HacKersSucK'2011 or hackersSUCK_2011 or hackerSuck/2011 or hacker$$uck'1969 ... lots of options to use random characters. Get creative but jot it down in a safe, non-web, place.
  10. Now, here is where they really get nasty. Remember in number 5 when I said not to use your contact book yet? Yeah, well there was a good reason. I didn't notice this until 7 or 8 hours into the clean up of my mess. Those jerks messed up my contact list! They used a program to add the tiny word "in" after every email address... all 500 of them! Had I not used the "copy from the BCC" method, I would have sent a bunch of emails and gotten them all bounced back. This is why my instructions to you are important and purposeful.
    1. Gmail has a nice feature where you can restore you contacts to a previous point. I restored mine to the night before the hacking and voila! All fixed. Easy enough but not top priority when you get hacked.
    2. P.S. What I mean by the word "in" appended to your emails, all my contacts looked like this: SuzyQin@blankmail.com when her real email would have been SuzyQ@blankmail.com. Devilish suckers, huh?

I hope this hard earned education of mine is helpful to people out there. Please, leave me a comment and tell me if this information helped you out of a hacking situation. I just think these people are the lowest of the low. Fine, email our friends, they aren't stupid enough to think we went on a surprise vacation to Madrid but to systematically destroy our electronic storage? Unconscionable. So inhumane and truly shows people with a lack of morals and care for anyone but themselves.If you haven't yet, and would like to read the story of my experience (and not just my tips and lessons) please read my blog here: HackerPocalypse 2011 - The Story

HackerPocalypse 2011 - The Story

Here is the first part of a two-part story. This is the story of HackerPocalypse 2011.I am a savvy online person. I can spot scams a mile away. I debunk chain letters and forwards. This scam was so insidious that I was caught in its web. If I was caught, you could be too. This first part is the story of what happened, the next blog will be about how to prevent it and what to do when it happens to you. As my cousin said, "There are two kinds of people in this world. Those that have been hacked and those that will be."It was 5:30 in the morning on a Thursday. I was coming off a rough week. We had three events that week. The lead up was harsh. 60-70 hour work weeks. Coming home only to sleep, change and go back to work. I was busting tush. We got to unwind after the last event on Wednesday with a few adult beverages and afterwards I headed home. I was beat. So extremely exhausted. I finally went to bed around 10:30. I fell into bed totally wiped out.At 5:30 in the morning I started getting texts. One eye open, I noticed the name and decided I would go back to sleep. Why the heck would he be texting me at 5:30 in the morning? Whatever, check it later. I had tossed and turned all night... my brain never fully shutting off. I just wanted my last 2 hours of sleep... I wasn't to get them.Next was a text from my brother on the east coast. Weird. He rarely texts and never this early. What is going on? With one eye open I see the words "email" and "robbed." I close my eyes. "Was Ronin robbed? Did I get an email? Is my little brother okay?" I am starting to realize I won't be able to go back asleep when the next two texts come in. Both from a local friend. I put together that the first two texts were friends on the east coast but this was close to home. Why was Eric texting me at 5:45 in the morning? Seriously, dude... I'm sleeping.I open both eyes to read this one... "Your personal email has been hacked - change your password ASAP!"I sit bolt upright. WHAT?I try to access my email on my phone. Last email received: 2:17 a.m.It is now 6:07 a.m. and I can't access them. In just about 4 hours, they locked me out of my email.I am half awake, dizzy with the vertigo I try to avoid by not sitting bolt upright from a prone position, made worse by my confusion and exhaustion. I try accessing everything from my, what now looks like an extraordinarily tiny, iPhone screen.Dude. Seriously? I stumble to my living room put my computer on the floor and stretch out. Lights are still off in an attempt to fix the problem and still catch some zzzzzzz's...  5 or 10 minutes later these exact words cross my mind, "Not Likely."This is going to be harder than I expected. I can't access any of my gmail accounts. Eric sends me the text of the message to my work account. This is the first time I see what all 500 of my contacts (friends, family, work acquaintances, strangers who emailed me once, businesses) saw...

HiMy regrets for this sudden request, I have been involved in a robberyduring my trip to Madrid, Spain. I got mugged and all my belongingscash, mobile phone and credit cards were all stolen at gun point.  Ineed your help as am trying to raise some money.I've made contact with my bank but they are not providing a fastsolution. I need you to lend me some money to sort my self out of thispredicament, will pay back once I get this over with.Please let me know if you can assist me in anyway so i can forward youdetails to effect a transfer. You can reach me via email or thehotel's desk phone +3493106____.ThanksTalia--Talia H DavisMarketing Manager*Allied Jewish Federation of Colorado"In the midst of difficulty, lies opportunity." --Albert Einstein"All the world's a stage and most of us are desperately unrehearsed." --Sean O'Casey

That is it in its entirety (with some of the phone number removed so no one contacts them). Did you find this blog because you searched this information? Good. Keep reading and read my second blog about what to do when this happens to you. I found out some tricky information.Well, I imagine it was shocking to the 300 people I saw the day before at a huge event that I had, evidently hopped on a plane, gone to Madrid, gotten mugged at gun point, and emailed them. Shocking how fast the world moves.Now that I have given up sleeping, I have settled in for the long haul. I am in my recliner taking the right steps (again a plug for part two, how to fix this once it happens). I find out that they may be jerks but they are smart and fast. They covered their bases. As I am requesting access to my account (because at this point, I had absolutely none and no obvious way to regain access other than Google intervention) I am Googling the scam. I find records that (duh) this has happened many times before. I let those who have been there, guide me. I learn tips and tricks but I also learn something horrifying... in many of these testimonials the hackers deleted all of their email.WHAT?! Dude, hack my email account my don't destroy my electronic life! Now I am nervous. Will that happen to me or not? Will my emails from my brother who has passed away be safe? The business records I keep in my email? The institutional history I have for various organizations... the horrid memories I, for some sadistic reason, saved in my email.... will they all be gone?I raised this concern to one friend. He laughed it off... this was serious to me. By then it was time for most normal people to get up and the phone was ringing and my Facebook was blowing up. Another dear friend, Mel, who is also a writer, got on with me. When I told her I knew and what I feared awaited me when I had access again, she understood. You see we are both collectors of words. That was a 10 year collection and I feared it was gone.I began changing every password to something different and obscure, praying I could remember all of them. They had access to my bank info, Facebook, etc. In fact, Mel said they had been on my Facebook chat at one point. Everything got changed. Down to my password for this blog. I wasn't going to let these people have anything more than they have taken already.I was granted access to my account again around 8 am. I was scared to see what I would find.Inbox: EmptyFamily folder: EmptyMoney folder: EmptySent folder: EmptyIt was the same in every folder. I had a lot of them.... and a lot of emails. One person online had said their emails were in the trash folder. I checked it. Over 11,000 emails in the trash. WHEW! They hadn't made them disappear forever.First step, passwords all changed.Second step, settings checked.... what's this? They had changed my email to forward every single incoming email to an account they set up - taliah.davis@ymail.com (clearly they didn't know me). I cleaned that up right away. Hackers, you are SHUT DOWN!Third step, I emailed everyone to tell them this:

Well friends and family and acquaintances who I happened to email at any point in my life...You might have received an email from me very early this morning telling you I was in Madrid and needed money. I amA. not in MadridB. not been robbed at gun pointandC. while we are all always in need of money... don't need you to do anything.My email was hacked. Every email that I ever had dumped into the trash for me to try to recover. Please ignore that email and NEVER, NEVER put your password into any website or anything. I can't figure out when or where or how this happened to me but it is becoming all too common.Call this an opportunity for us to catch up. Very sorry for any inconvenience.Best,Talia

It turned out to be a great vehicle for catching up with old friends. Once that as out, I started the process of trying to recover my email.I went to the trash and was saving hundreds of current emails at a time. Then I thought, well the older ones are the more precious so do that first. I got some saved from November to March of this year (the time I was finishing up in Israel and then moving back to Colorado) when, while chatting with Mel online and on the phone with my mothers...BLINKThe trash permanently deleted.I hyperventilated This can't be happening.Gone. All gone.My mother is screaming a million miles away... "Talia! Talia! Talk to me! What happened??"I'm crying hysterically. I tell her that my emails deleted themselves. They must have left a program to do something or were still in the account and saw what I was doing.I used the Gmail feature to force anyone logged in out of the account and cried. My moms tried to console me. I needed to hang up. Several friends were chatting with me and asking what was going on through Facebook or GChat or text message. Most people said, "That sucks."Mel got it.We mourned together for those lost words, sent into cyberspace by the evil hackers.I called my father. He was meeting with another rabbi in Denver that day, unbeknownst to me. He calmed me down. He reminded me that I had the memories of the things I lost but also that it was literally, that day, the start of a new month, Elul. Elul is the last month before Rosh Hashanah and Yom Kippur. It's a time for refreshing and renewing and letting go of the past.These hackers, whom I am tempted to call many nasty names, gave me freedom from the electronic chains that held me to some of my past.Once I did all I could do online, I closed my laptop and crawled back into bed. It was almost 10am. Four and a half hours after this ordeal began with a text message. I took a 20 minute nap and got up feeling refreshed. I dressed and met my father for a rare treat, a lunch together.We talked and he counciled me. Go to your specialists, right? My father is a specialist in sitting in council.My mothers, on the other hand, they called every computer person they ever met or heard of trying to fix this for me.Mel mourned the words with me.Eric told me to get a dirty chai (even though I felt nauseous) and face the day.My brother played it cool and quiet, in his perfect way. Offering support when I needed it but hanging back so as not to overwhelm me.And my dear friend Amanda, who saw me later in the day, hugged me, laughed with me, and reminded me that life goes on.The silver lining of the experience was the number of people who said they would have totally believed it if I ran off and had gone to Israel but Madrid? No way. Another friend said he knew it wasn't true because I would have kicked the mugger's butt first. HA! What great friends!It's been over a week since this happened. I've found that I am missing things that I will never recover but mostly, I am not missing much. I feel lighter. I feel refreshed. I still feel angry but I have moved forward.I know people might be reading this thinking, what a self-indulgent woman. What a waste of a blog or how melodramatic... For me, this was the death of something very important. What I lost in those 4 hours can never be recovered. The words of a brother who died, of friends who have died, memories, scraps of thought to write about forever gone into the dark hole of my brain... gone, never to be seen again.But I hope people can learn from this experience. So HackerPocalypse 2011 - The Lesson (aka part 2) will focus on that. Stay tuned.

Why Honesty Is Always The Best Policy

I was talking to a friend tonight about how so much hurt can be avoided if people were just honest with each other. We both recounted bad experiences and lessons that could have been learned easier if only we or our partners had the guts to just tell truth. What I think is so funny is you can always see it when someone else is in the middle of it but never when it is your own situation. You watch movies or read books and watch lives and relationships unravel all because of a misunderstanding or the inability to just have a simple conversation.And I am not denying that the conversation is one of the hardest ones most of us are faced with, however, for 20 minutes of facing reality and confronting yourself and your partner with the truth, you can save hours, days, weeks, months, even years of pain, hurt, and resentment. But this seems to be the one conversation we shy away from.I was telling my friend about a situation with a guy I was seeing a few years back. We were having a blast, cooking together, enjoying each other's company. For a few months we had a great time and without warning or a word, he stopped calling me. He stopped returning text messages, forgetting or canceling our dates. He was always too busy to see me. But I never knew why. He always had an excuse but never a reason.So I finally got him to meet me for lunch. I wasn't living in Denver then and drove all the way down to meet him at a restaurant. We got 30 minutes into lunch... an excruciating 30 minutes, until I just asked him what the hell was going on. What happened to us? He fumbled. He stumbled. He poked around until he finally came out and told me he had started seeing someone else.I won't say I wasn't hurt because I was. I was sad. But I think I was really sad because he couldn't tell me. Because he had led me on for weeks, letting me believe he cared about me when in reality he wanted to be with someone else. And he didn't understand why I was hurt. I politely, yet abruptly got up and left the restaurant wishing I never had to see him again. Except, at the time, we worked together and I had to work with him every so often. And that was hard and I will be honest and say I was a bit vindictive in my conversations with him at the time (the woman he dumped me for was in the process of a divorce but in the very early stages... when she became available, I became irrelevant).It never feels good to be worthless to someone, easily thrown over... that isn't a good feeling for anyone.But sadly, that wasn't the only time this has happened to me. A very similar... nearly identical situation has happened more recently. And in addition to that there was the guy who kept me a secret until I realized I was just the girl that he was ashamed of but liked to have around. Why else would you keep someone hidden? So I ask, why can't you just be honest with me? Tell me where you are in your life, tell me that you enjoy my company (only if you do) but are involved with someone else or hope to be involved with someone else.It is just so unreal. The pain that comes from the omission, the clearly avoidable pain. Because finding out this way makes you question yourself... makes you think, "I must not be as good as them." And frankly, that just isn't fair to me.I have adopted the honesty policy for myself. After these types of situations and being in relationships that are uncomfortable, I try to be honest with my partner... and I've been called mean and a bitch for it but it really does spare the pain in the long run.And the, I suppose, funniest part of this whole thing... I don't hate them. They hurt me, a lot, yes. Their cowardice and inability to look me in the eye and say, "I am sorry but..." is painful but they were in my life for some reason and I still care for them. But that is a burden I put on myself and I take that responsibility.So just be honest. Please. It sucks for a minute but saves you the long-term hurt.

Hi. My name is Talia. And I have road rage.

Seriously. It's bad. I get very angry when people go way too slow in the left lane or cut people off to get in the far left lane for no reason or when people make stupid choices that risk other people's lives. All valid concerns... not worth rage though.Today, driving into work, the traffic was gross. There was a 5 car pile up and it was nasty. I was trying to merge from the HOV/toll lane onto the highway and get to the right because the accident was in the left lane. This nice guy in a bright blue pickup truck saw me trying to get over. He had been sitting in the mess longer than I (short cut through the HOV/toll lane) but he said to me (our windows were down), "Do you want to get over?" And I said yes. So he didn't blaze forward, he waited patiently for me to be able to drive forward and get in front of him. He wasn't obsessed with beating the other drivers on the road or totally in his own world. It made a huge impact on me.My carpool buddy, Chad, always laughs at me when I drive. Well, he laughs at me even when I am just the passenger. I get mad when people cut us off or do things that could cause an accident or are just stupid. He just drives along without strong emotion, just trying to get home safely to his family. And I wonder, why can't I be like that?"What's your rush? We will get there." OH! So annoying! My dad still lectures me on driving. In the past year we had a few opportunities to travel together where I drove. Don't tailgate, don't pass so crazy, you are going to fast... Didn't he see that I had somewhere to go and these people were in my way? He told me, "Some drivers are like children, they want to play games with you. Slam on their brakes, cut you off, speed up. Some drivers are like parents thinking, you cut me off and I need to teach you a lesson. And they bait the drivers." Okay fine, dad... then what kind of driver am I supposed to be?!"A safe one. I just want you to get home safely and in one piece. And I don't care if you are late. You are with me."Thanks dad.Thanks Mr. blue pick up truck driver.The road rage isn't cured but I think I am on the right path.

Protesting with Prayer

A certain so called "church" group was in Denver last weekend. I am not going to mention their name because I do not believe in giving them free publicity to fuel their hate. I was going to go to their protest and all the counter-protests and I was going to video tape it and take pictures for Patheos. And I was going to write about the experience and the hate these people spread. I was really motivated to go and write about it.

Of the like 20 places they were going to protest, 15 of them were Jewish locations. They have some really horribly hateful things to say about Jews.

And then the day came that they were going to be here, the first day, and I thought, you know, it's rainy out and they were going to be all the way up north in Boulder and they weren't hitting too many Jewish groups that day, it was mostly high schools and churches and I was FAR south of there at work that day... and I was thinking, oh well, maybe I'll go tomorrow.

And I looked at the schedule for the next day and it was the beginning of the sabbath, it was Friday. I thought, I should go... but then I thought maybe I won't go, it's the sabbath. I'm not going to go before the sabbath and I have to work that day... maybe I just won't go.

And then I looked at their protest schedule for Saturday and it was pretty much exclusively Jewish organizations that they were protesting. Not just protesting but they were planning to be outside before Saturday morning services and during the service. While people were praying, they wanted to disrupt the prayer. And I thought to myself I should go, I should go, I should go and videotape it and see what's happening. And I then thought to myself, nah, you know, it's the sabbath and I don't like to work on my Shabbat and I don't like to videotape or use electronics on Shabbat.

Why am I going to put myself out and watch these people protest while people are praying?
Could the best protest that I could participate in be davvening, praying, myself?

And I never ended up making it to any of the protests or counter-protests, though I completely support the people who got out there a stood up for love and not hate. We have a really phenomenal group of people that got out there to all of these sites and stood up to these people and counter-protested their hate. But you know, I realized these people who are full of hatred don't deserve my energy or my thoughts or any sort of positive energy that I might exude or throw off of my being, that they would receive by them being in MY presence.

I can't say that we can totally ignore them because sometimes that just isn't right but I won't be writing about them beyond this blog entry and I certainly won't be mentioning their name.

But I will be praying that that their message of hate dies soon.

(Originally posted at the Jewish Portal at Patheos)

SHORT BLOG = #JackassDay

So today has officially been declared Jackass Day.

Bad drivers, bad boys, bad social networking sites... just all around annoying. But the best part is nearly everyone in the office is on the same page. So we are trying to trend #JackassDay on Twitter now. And having a great time...

Hilarious... so enjoy Jackass Day and if you want to be cool, help us trend #JackassDay by Tweeting about Jackass Day with the hashtag - #JackassDay

:)