i've been hacked by conservatives. a little help?
full disclosure: i'm a mac user but not as tech savvy as i wish i were (i.e. not really at all).
just after the election, some of my friends reported getting emails from me soliciting for funds to support the conservative party. they had been coming from my gmail account. sure, i was mad, disgusted at these kinds of tactics that use every method other than intellectual discourse and debate of issues to win elections, and more determined than ever to see the gov't fall, but i just changed my passwords to my fb and gmail accounts, dumped the offending pieces of email in the spam file and carried on with life.
they have since started again from a third email account (which i have since closed down, and started anew with a new password), is using all my known aliases in different cases for different letters(but all coming from one address as far as i can tell) but the tone has become increasingly hateful.
one a friend sent me over (received from "me" today) has this language in it:
"For the past two and a half years under the leadership of Prime Minister Stephen Harper, our Conservative government has been working hard for all Canadians. and making, me, (my name) "hard" at the same time.
The choice I have to make in this erection is queer. Do I want a to get rammed up the butt by(a third friend's name) or a weakened bastard named ( the friend's name who gave me the heads-up) with Stéphane Dion watching along with the average Canadian?
I share a great hard-on, evertime I hear Prime Minister Harper speak, a common sense of arousel of my penis, defending the sovereignty of my butt hole and then trying to stand up afterwords.
That is why I am asking you to make a small donation of $10, $20 or even $50 dollars so I can get a job. being a male hoe can only get you so far.
Let’s both donate money so the Conservative Party can continue to run those great ads, make sure the airplane stays in flight, and the buses are fuelled and ready to go!
BUMBACLAT!!!
To donate, click on the following link. (followed by a link i dared not click)
some of the text in other emails seem to suggest that the writer can't tell that the election is over, the conservative party has done a virtual 180 from its previous positions and is now adopting many of the ideas put forward by opposition parties during the election that it previously decried, or that paying down the debt isn't on anyone's current political radar.
can anyone shed some light on this and possibly answer a few questions for me?
1) i am of the opinion that it is more likely that someone i know (or a very clever conservative) found a way to get by the password protections at all of my email accounts, copied my address books, and is sending these out without actually having turned my computer into a zombie mailer with a virus or whatever. how likely is it that i am correct?
2) i've read that apple is now recommending virus protection for mac users based on some recent hacker activity against their platform. is this for real? or is mac just covering its ass for its own purposes? if this threat is real, how likely is it being used in this fashion by these kinds of people?
3) what's the best way to stop all of this from happening and fighting back with some fire of my own?
Welcome to babble!
Have you ever read "Dr. Jekyll and Mr. Hyde"?
Hey there nicknonsense.
I'm a volunteer moderator on babble and I need to tell you a few things.
I see that you aren't a newbie, but you need to know that we're a community here. I don't know you, and i don't know if you're for real, or a conservative troll having a few juvenile chuckles at your computer screen.
I trust Unionist's troll-sniffing capabilities, and mine are none too shabby either. In other words, I need a reason to not ban you right now. I'd call your "humour" in the 8-year-old boy range, except that's insulting to 8-year-old boys everywhere.
I may also censor your idiotic post just because I can and it's offensive on so many levels.Looking forward to hearing back from you. Have a nice day.
He is not a new babbler unionist he joined in 2005.
Also nick, just call the police, eh?!
___________________________________________________________
"watching the tide roll away"
I am not so sure he is a troll, as I have heard a couple of more incidents like this, just different scenarios, from people I know.
___________________________________________________________ "watching the tide roll away"
i can assure you i am not a troll and that my questions are sincere.
the 8-year old boy humour is entirely quoted from the letters being sent around in my name and i am as offended by the language in them as you are. hello?! it's the whole reason i'm writing (after lurking for some time) and asking for help.
and i thought this whole email fiasco was making ME paranoid? i don't know you either maysie, but you're telling me a lot about yourself with your attitude. thanks for nothing. i've done nothing to warrant this kind casual dismissal as a troublemaker, have i? is this how you've decided to express your desire to be inclusive? asking for a reason not to ban me when you admit you know nothing about me? i'm asking for help ffs. i KNOW i can't be the only person affected, as remind has so graciously pointed out, unless i am the victim of a personal attack by an acquaintance (which is what i'm trying to determine).
look, if you don't want to help, say so. if you can't, skip over the thread or read and learn. that's why i'm here. your welcome was even worse than the responses i got from the conservative trolls on my local msg board when i posted a similar message there asking for help. excuse me for thinking i might find some sympathetic souls here who actually might be willing to help stop this from happening to me and/or kick these mf's in the virtual nuts. your open mind and open hand have me totally underwhelmed right now. i've been a lefty my whole life, but threats of your ability and willingness to ban me on nothing more than your fear of the unknown have reminded me why i call myself an independent these days, even at my lefty family's dinner parties.
nicknonsense.
It was the content of the email that you quoted that caused my heavy handed response. Many trolls open with exactly that m.o.
People have likened babble to a party, where, when new, you don't know people and they don't know you. Having some knowledge of who you are does provide context for the rest of us. I lack that information, still.
Also, babble has just been through a rather extensive time the past few days of the use of male sexual/violent imagery in the aim of indicating domination/humiliation/etc. I regret my role in making you feel unwelcome. I tend to be snarky with those I'm thinking are trolls and I don't offer respect.
For the question of your thread, I have no info or helpful advice for you, not being a techie in any way. I hope you find a way around this icky problem.
Assumimg the poster is not a troll, the reply-to: address of an email is easily forged. Spammers do it every single day. The platform, Mac, Windows, PC, is irrelevant.
What you need are the headers of the email. That will tell you the source IP and you can determine if comes from a network or even a specific address in every case.
Once you have that, you can contact the ISP to have the offenders service disconnected as the emails would violate abuse policies. Further, if you like, you may call the police and ask them to investiagte if the emails violate any laws such as misrepresentation, fraud, or criminal harrasment.
I had my mailer do that last year, and I am still not sure of the content exactly I was emailing out. I know for sure I REALLY pissed off someone on yahoo.com, because it was him emailing me and calling me a shitty person and how ashamed I should be and how dare I and he is going to report me to yahoo and he hates me - that is what tipped me off to the fact that I was even sending something. It was an old account I only used a few times.....I am like, wtf?
Luckily it wasn't my regular email, it did not have an address book, it just mailed at random.
Nicknon, how do you connect to the internet? Because if there is an unsecured wireless network in your home, they could be parked outside somewhere and using your mac to distribute spam, install malicious software, and peeking at all your personal stuff in general.
I live in an apratment building and I am surprised to see people with wireless networks at home not knowing that they have to secure thier computers.
One was my next door neighbour and he was surprised when I told him. He has since secured his network. If your not on wireless you should have a good firewall installed.
I want to apologize also. I didn't intend to accuse nick of being a troll. It was a light-hearted (i.e. typically dumb Unionist) comment meaning, "Maybe you have been having some Mr. Hyde moments when you do terrible things that you don't realize in your 'normal' moments." Bad joke, bad taste.
As for your email problem, sounds as if you have a "worm". It's a virus that heads straight for your address book and sends a pre-scripted email to all your contacts. Invest in some decent free anti-virus software (I've used AVG for many years without a hiccup). That should solve it. If it doesn't, check out the Jekyll and Hyde theory. It's very very hard to believe that some neo-con hacked into your computer. Neo-cons are incredibly stupid individuals.
ETA: I notice you say you're a Mac user. Well, maybe it's not a virus, and maybe AVG doesn't exist for Mac. I'm no expert on any of this stuff.
There are no such viruses on Mac and he has not demonstrated that the emails came from his computer only that the From: and reply-to: fields are his. Why would anyone hack into a computer to send email when it is so easily forged? See my comments above.
So how did the real sender get the address list? I bet our poster has sent emails to groups using CC rather than BCC.
The first rule in troubleshooting computer solutions is look for the easiest answer first and eliminate all posibilities on the way up the complication ladder.
Nick.
I've thought and reflected on my behaviour in this thread with you, as well as our PM exchange and I would like to apologize for my posts in this thread. I was over the line and wrong to speak to you the way I did. I'm sorry. I didn't mean to make you feel unwelcome, and I recognize that's what happened. I hope you're able to feel welcome on babble, and continue to contribute your thoughts to the various discussions. I also hope very much that you're able to solve your email/spam problem.
I have heard of spammers harvesting names from cc's in emails but never from actually opening emails. Did you mean opening attachments or clicking on links in forwarded emails?
Yup, I think FM's explanation is by far the likeliest.
The trick is to neither reply to such emails (because that says you're real), nor to re-forward them without first chopping off other addresses and using BCC. Just opening an email can tell a sender you exist depending on how you've set your "Receipt" settings. But you're right, just opening the message can't reveal your address book.
my suspicions are becoming increasingly focussed on one person with whom i would have exchanged many many emails in years past. tho i can't remember at any time having done mass email to my entire address book (not sure i would even know how without sitting and spending the time to figure it out, something i haven't done before), i did know this person well enough that it's possible he may have been able to access those email accounts by answering correctly the questions you get prompted with automatically when you forget your password.
so while i think it may be personal and nothing to do with actual cpc funny business, i still wonder if i might be wrong. tho there is bad blood between he and i, this individual was a lifelong lpc supporter, and hardly what i would call an intolerant homophobe. given these facts and the language used in the one letter i quoted, i have some lingering doubts as to the true identity of the spammer. i need to be sure before formulating any kind of response. as i mentioned, these intially came from my gmail account and then stopped after changing all my privacy settings. this new round came from an email account i haven't used in ages. none of my contacts have seen anything more since changing shit up at that account yesterday, but it's still early obviously.
but i think i can speak candidly here and say i wouldn't put it past some clever conservative jerkface with an axe to grind, given how many opinionated posts i've made at theglobeandmail.com and other public forums like it.
thanks for the help everyone. if i can determine the identity of this individual, and report it to police, can anyone tell me what i can expect? anyone have any experience with this before? i half-expect them to laugh and do nothing.
much appreciated and very big of you. apology accepted.
how about a do-over?
pleased to make your virtual acquaintance, everyone.
Not sure what you can expect from the police. They may write it up, but I doubt you'll get any real help, simply because it would be a) hard to determine who did it and b) something they probably would not spend a lot of resource time on.
The way you described things in your last post it could be the old friend you mentioned. But like FM said above, if you look at the message header you should be able to trace back a general idea of where the e-mail originated from.
If your right click on the email click on properies on the drop down box.
Its tells you where it came from. Put the sender on your spam list and get on with it.
You can find the ip address of the sender instead of just the address of the email account (ie the server they sent it from, if they didn't use your computer it would be the actual computer that they sent it from not yours). I assume you don't use oulook but for those who do here are the insructions. If it was a Yahoo, Gmail, Hotmail or AOL mail here are the instructions. It is easier to do if you look at the original email sent out so if one of your friends would let you come over and view the original email that would be perfect. If not you can still use the message that was forwarded back to you but then see the link below for sorting through recieved from addresses.
The recieved from field should contain their computer name or IP address and their server name and possibly the internet protocol.
Most spammers hide their ip address but if it is a friend he won't know how to do that. And even with spammers you might be able to figure it out by looking through the recieved from addresses carefully. Check out the page with the Outlook instructions for giving you guidelines on being able to sort through the recieved from sections if there are more than just one.
You can then look up the IP address with any whois search like this one and possibly get a name or even an address or in the very least you can narrow down people that you know who use that intenet service for identification. You can talk to someone at the internet service about one of their clients breaking into your account. It might break the terms of their policy for internet service. I have no idea how the seriously the internet service providers take this, though.
ps sorry it took me awhile to get back on these instructions but I had a problem a few years ago when I was trying to trace my emails and had to find everything!
Not everyone uses Windows. nicknonsense stated (in the opening post) that he uses a mac.
In any case, the advice about looking at the header and following up on that is good, assuming it's a simple and unsophisticated hack.
had a tech-savvy friend do some digging on my behalf.
heres' what he found:
Source:
The source IP address is 66.46.145.67.
Geo-Location Information
Country Canada
State/Region ON
City Toronto
Postal Code m5v3g2
Latitude 43.6667
Longitude -79.4168
Area Code
google earth leads me to the 5th house on the left on manning ave just past barton ave, i think (i don't know toronto as well as i should). anyone feel like putting a flaming bag of dog poo on his front step and ringing the doorbell for me?
anyone have any suggestions about how to proceed further? i suppose i should also mention this person has been signing me up to every viagra sales site, every fetish porn site, every singles dating site both gay and straight, every free credit check site etc etc etc. i just mark them all as spam and forget it, so they don't bother me more than once, but thought i might mention it.
this is starting to look a lot less like my first suspect, who lives in halifax, and more like an ontario conservative jerkwad just trying to get in my craw.
That's funny, I just googled the postal code and got Wellington Street near King and Spadina. Might want to hold onto that flaming dog poo.
I Whoised it and found this
OrgName: Allstream Corp.
OrgID: ACCA-2
Address: 200 Wellington Street West
Address: 16th Floor
City: Toronto
StateProv: ON
PostalCode: M5V-3G2
Country: CA
Full Whois infor can be found here.
Here is the Allstream Website. Sorry, I think you have been spammed.
That IP number is your Ip adress. The street address is where your server is.
Your tech savy friend right clicked on the message.....just lika any experienced computer user would do. I really think you should just let it go.
No actually the IP address is the IP of the company, not his, unless he works for Allstream! And Allstream is a marketing company as well as an internet service provider (check out their website)
If it is a client of theirs through their ISP service they should be able to track the email internally to find out where it came from, it does break the terms of contract. But as I said I don't know how much they will care.
If it is your ISP then your friend read the wrong recieved from line.
is it possible allstream is the conservative party's service provider? or my suspect's?
i do not work for allstream.
I would check and see if it is your friends (the one who recieved it not the one who sent it) email provider first -if it was sent to him and then to you your tech-savy friend may have pulled the wrong IP address from the recieved from box. But the email did go through them at one point either being sent by them as a marketing company for a client or sent by someone who uses their ISP services.