A mom’s way of spam fighting

Enea Ostrich

It was just about a year ago that I discovered that an e-mail account for a local association I was working with was seized, but I didn’t know how or by whom.  It took some work to get that account back by the server, but I did manage to get full control of it.  It taught me an important lesson—do not answer e-mails that appear to be sent legitimately by your server.

Spammers are getting trickier.  Recently a man in Rossmoor contacted me (and all his other contacts) via e-mail and apologized for an e-mail sent earlier that day that was spam.  I called him and he told me that he wasn’t sure how it had happened, until I relayed what had happened to me a year earlier.

In my case it was answering simple questions that the server had asked me via e-mail.  It was then that he told me he had responded to an e-mail on his blackberry and didn’t even realize anything had happened to his e-mail account until he tried to sign in a bit later.

He did what any of us would when we realize we can’t get into our account.  He retrieved it by getting into the server’s Web site and answering the secret questions that are needed in order to sign into the e-mail again.

After he managed to get in, he sent a quick note to all his contacts explaining what was wrong and to not pay attention to the spam e-mail.

His story is common and a simple way of spammers to hack into your e-mail account.

In my case that did not happen.

I was manning the hotmail account and one day I went in to retrieve messages and couldn’t get in no matter what I did.

Although I panicked a bit, I went through the pages needed in the help section of the server’s site.  It was then that I realized all the questions I had answered still did not get me into the site and the server informed me that I needed to do that in order to get signed in.

I then had to use another e-mail to contact the server and explain what had happened and tell them I was indeed the authorized person for that e-mail account.

What I found out through this experience is that getting your e-mail back is not the only thing you need to do.  Some of these spammers really delve into your account.  In my case they had not only seized it, but took the liberties of changing everything I had set in the profile.

They changed the name of the account holder, the contact e-mail, and the questions and answers in the secret questioning area.

They even took the liberty of adding a contact that I was not familiar with.

It included the word “data” within the e-mail, so I immediately deleted that contact.  I figured that it was the way the spammers could keep track of me if I decided to get my e-mail back.  They could continue to send spam e-mails even when I got my e-mail back—how bold.

What I want people to know here is that you need to check through everything in your e-mail account when you finally get it back—it just takes a bit of work.

What this experience last year taught me was that you hear about the importance of changing your password, but you don’t hear about how spammers can easily get into your account even without that way in.

Just like the Rossmoor man and I, we all want to have the ability to believe that our e-mail accounts are secure, but it is only as secure as we make them.  With these experiences I have mentioned here, I hope that it helps someone out there today who feels frustrated in thinking they lost their e-mail account forever.

You didn’t—just contact your server.

Enea Ostrich is a longtime resident of College Park East in Seal Beach.