- I got two identical spam messages from two friends. Which of us has been hacked?
- Can spyware see what you did before the spyware was installed?
- Who’s responsible for monitoring misleading advertising?
- Do I need more than one browser? Why?
- Can we no longer view websites without getting popups?
- Why does my account keep sending out spam?
Links above are to Ask Leo! articles based on the transcript below.
Download the mp3 [14M]
Welcome to AskLeo! Answercast #155. I’m Leo Notenboom and I’ll be answering questions that people have been asking out at askleo.com.
Today’s Answercast is brought to you by Saved: Backing Up With Macrium Reflect. Prepare for the worst; bounce back from the inevitable. You probably know I talk a lot about backing up on Ask Leo!. As I say at the end each of every Answercast, it really is the closest thing to a silver bullet. When it comes to computer problems, most especially including malware, nothing can pull your behind out of the fire like having a proper and recent backup just ready to go.
Macrium Reflect is my recommended go-to backup program. Saved: Backing Up With Macrium Reflect is my book that walks you through downloading it, installing it, setting up your backups, and making them automatic – and then walks you through testing those backups, restoring files and restoring your entire Windows system if you need to. But wait, as they say, there’s more! Once you register the book, using the link in the book, you’ll have access to companion videos that show you how to do each of those steps. Regardless of how you buy it, registered owners also get access to digital copies in pdf, mobi, and epub formats.
Check out Saved: Backing Up With Macrium Reflect today! Go to askleo.com/macrium for more!
I got two identical spam messages from two friends. Which of us has been hacked?
Leo, I’ve received two emails from two different friends, both of which have the same link in them. Hotmail threw both of them into junk mail area so I was suspicious and didn’t click on the link and deleted them. But I was wondering, have they been hacked? Or have I? Should I warn them or start looking into my own vulnerability?
You know without looking at the actual message source (meaning the headers that you don’t normally look at) it’s nearly impossible to say. It could be you, but ultimately, I don’t think it’s likely. It could be them. Or, believe it or not, it could be nothing at all.
Remember that it’s trivial to make email look like it’s “from” someone that it’s not. Nothing has to be hacked for that to happen. In fact, spammers have been doing that for years. So it’s not at all uncommon to get email supposedly from someone who actually had nothing to do with it at all, and who has not been hacked. That, in and of itself is so very common, that getting spam from someone you know, well, it’s pretty meaningless when it comes to understanding what might actually be happening.
That you got the same kind of message from two friends is only slightly more interesting.
Spammers want to send you messages that you’ll open. One way they do that is to send you messages that look like they come from your friends. And again, no one has to be hacked for that to happen. The spammers just fake the “from” line and send you the email.
How do the spammers know you are friends? That too, is actually possible without anyone being hacked. For example, there was a data leak at Facebook for a while that exposed friendships. Information you post publicly on social media can also make it very apparent who your friends are and it doesn’t have to be a true friend. Just someone that perhaps you’ve interacted with in the past. From the spammers point of view, as long as the “from” line that they choose to fake is something vaguely familiar to you, perhaps you’ll actually open their spam.
Now, of course, it is possible that your friends have been hacked.
That too, is unfortunately common. I hesitate only because you had two friends send you the same message at roughly the same time. That feels more like random spamming. However, if both of your friends’ accounts had been hacked, then yea, the spammer could have found you in your friends’ address books and thus your friends’ accounts could, quite literally, be sending you spam directly – because, yep, it’s possible that they’ve been hacked.
It’s actually unlikely in my opinion that you’ve been hacked. Normally when an account is hacked, it sends spam. Hacking is rarely related to the spam an account gets after the hack. In fact, the most common symptom of a hack is simply you can’t login because the hacker changed your password.
However, there is a tiny chance so why not be safe? Change your password. Check out my article, “Email hacked? 7 things you need to do now” to at least get some ideas of the recovery steps you might want to take. Even if your account hasn’t been hacked, it does no harm to stay safe.
Can spyware see what you did before the spyware was installed?
If spyware is installed by malicious websites, or maybe even the government, is that spyware able to track internet information which had existed before the spyware was installed?
Ultimately, it really depends on exactly what you mean by “internet information”.
It’s important to realize that malware can do anything it wants to on your machine and can access anything that is stored on your machine. That, in and of itself, exposes some historical information – but it might also be a foot in the door for more.
There’s a fair amount of historical information that’s commonly stored on your machine. Your browser history is perhaps the most obvious example. And yes, malware can access anything on your machine so it can access that. Other things might include, perhaps, the recent documents list in Windows (or in specific applications) which might show what you’ve been working on for some period of time in the past. The recycle bin is another good example. In fact, the recycle folder in your email program is another potential source for information that could be accessed by spyware. More complex software could, I suppose, even look at things like your cookies or your browser cache and determine the sites that you’ve been visiting and perhaps some of what you had looked at while you were at those sites.
All of this happened before the malware was installed, it’s just reporting back the information that it finds on your machine.
But there’s an interesting scenario that I actually hadn’t considered until I thought about your question. Malware can do anything – and thus it can record your keystrokes or however it is that you login to, say, your email program. Keyloggers are the common term, although they often now log much, much more than keystrokes. So, the malware can capture your username and password to your email account, any account actually. That then, when reported back to the malware’s originator could allow them to log in and access your email including your email history in the form of your sent mail folder if it happens to be stored online.
In fact, in the case of a service like Google, they might be able to access your search and other history depending on what services you used and what options have been set. If you have a Google account that you’re normally logged into, check out history.google.com/history, for an idea of the information that’s been kept.
So the short answer is yea, not only can spyware do whatever it wants on your machine, “whatever it wants” includes looking at the files and records of your previous actions that might be stored on the machine.
Now, as to whether or not there’s spyware that actually does such things, well, I’m skeptical. Hackers are more commonly after simpler stuff. But nonetheless, it’s yet another reason to keep your machine updated and your anti-malware tools and practices running and up to date.
Who’s responsible for monitoring misleading advertising?
Leo, thanks for your site. Which agency controls or watches the advertisements of all the links that are posted? The big complaint that I have are the sites to clean your PC, which say “Free”, and at the end you have to pay for activation. Should it be a requirement that a big red note says, “This is not a free site”? I fully realize that there’s no free lunch but these lead you on to sites and cause you to waste much time.
The practical answer to this specific question that you asked is no, there’s not really such an agency. Yes, in the United States you might think of your state’s Attorney General but practically speaking they’re rarely going to step in and help unless it’s something really, really serious. Besides, most of these ads have some very slippery wording that actually keeps them out of trouble.
I call these “weasel words” – words that can be interpreted to mean something, something else or nothing at all. Seriously, here’s an example, the phrase, “Free Download”. Now typically, the word “free” will be much larger and more prominent than the word “download”. All that really means is that the download is free; you can download without paying anything at all. Now you might think that implies that the program that you just downloaded is itself free; that’s not what they said. They said, “The act of downloading that file was free”. What happens next may or may not be. You could download it to your computer without paying anything. Running it – well that’s another matter.
Here’s another example – free system cleanup analysis. With the same emphasis on the word “free”. Again, you can download the program for free. You can even run the program for free and it will analyze your computer all for free. Oh, you want to do something with the results of the analysis? Well, that’s going to cost you. All they promised was a free analysis or a free scan or a free something that actually does nothing particularly useful. Nothing except leading you to the point where they should say “for this to be useful and to do what you thought we promised, you’ll need to pay”.
Again, if you read the wording of what they offer carefully, they did not offer to fix anything for free. You and I, and many others, simply assumed… I mean what good is a scan without a repair? Other than being good for someone to make money, I guess.
I would love for these advertisements to be clearer.
The ones that I’ve mentioned are at least honest, albeit with a high degree of mis-direction. And you know why the mis-direction is there? Because it works. Not as many would click on those ads or use those downloads if the ad included information that payment would be required for anything useful. And enough people do get duped into paying at the end that it makes it worth while for these companies to continue to do what they do.
Another pet peeve of mine are things that look like programs but are actually recurring services. You think you’re purchasing a program with a one-time payment. I mean, you download the program, you try it out and now you want to buy it like so many other programs – except that you don’t look carefully at checkout time. What you find is that you’re paying not for a program but for an annual subscription. It’s not $29; it’s $29 per year or worse.
I’m not saying that subscription services for software are bad. I am, in fact subscribed to a few. What’s bad is playing on people’s expectations that they’re buying a one-time thing, only to find out that they’re committing to something much more.
And unfortunately, you know there really is no practical recourse for individuals. Yes, you can complain to various agencies (like I said, your state’s Attorney General or whatever might apply in your country) but my belief is that unless it’s a horrific lie, they’ll slip through on the technicality that they were telling the truth: you just misunderstood.
Even when it is a horrific lie, most of the watchdog agencies are so overwhelmed that it would have to affect a lot of people over a long period of time to get their attention.
So, what’s a poor user to do? I can’t emphasize this enough – be skeptical – always. As you’ve said, there is no such thing as a free lunch so don’t’ expect one. Same with the programs that offer to clean or magically fix your problems. You don’t need software, free or otherwise, to clean your computer. No software is going to magically fix your computer’s problems.
Another saying that’s really good to remember? If it’s too good to be true, then it’s probably not true.
Instead, turn to resources that you trust. Now I don’t care who that is. It could be a friend, it could be a relative, someone who is perhaps a tad more computer savvy and experienced with the types of issues that you’re facing. Develop a relationship built on trust. Use that relationship then to learn what’s really possible, what you can do yourself and when additional tools might be called for. And when those tools are called for, exactly what tools might be trustworthy and appropriate but above all, above all, be skeptical.
Do I need more than one browser? Why?
I run Windows 7, Internet Explorer 11 and Firefox 28 on a nearly new LG all-in-one with an I5 processor. I have two issues with Internet Explorer. When accessing a video link from an email, for example, I get sounds but no picture. When booking an online ticket, I can’t complete the process as when pressing “next” I’m returned to the first page. I don’t have either of these problems with Firefox. Any suggestions?
Honestly, I think you’ve answered your own question. If it works in Firefox, use Firefox.
You know browsers are complex beasts; websites can be complex beasts. When you combine them, well, things get geometrically more complex. All three of the top browsers: Internet Explorer, Firefox, and Chrome, are good, solid browsers – including many others like Opera.
I have no problem recommending that you use any one of them as your primary browsers. Pick whichever one feels best to you; pick the one whose interface you feel is the most intuitive; perhaps the one you feel performs the best on the sites that you typically visit. Seriously, any of them will do just fine these days.
Then install another one. If you use and like IE and then have either Firefox or Chrome installed as well. Make sure that you leave the default browser set to the one you like the most. For example, IE. But I can pretty much guarantee that sooner or later you’re going to want one of the others.
Some websites just don’t work well in every browser.
Cross browser compatibility is a difficult thing to achieve 100% success on. While there are standards there’s enough variations in how things work that it’s not that hard to accidentally overlook something that works a little differently in one browser as compared to another. The sites that works fantastic in Firefox just might not look good in IE.
On one hand it’s the website’s fault for not doing it correctly; on the other hand, it’s unrealistic to expect every single website to test against every possible browser. Stuff happens.
Now, some browsers just work on every website. You know those standards I just mentioned? Internet Explorer has a reputation for a long time for not being standards compliant. Things written correctly would simply not display correctly in IE.
And it was, in fact, Internet Explorer’s fault. Period.
And yet, it was the most popular browser by virtue of being included in Windows. IE itself has gotten a lot better in recent versions. They even added what they called a “compatibility mode” for websites that don’t display well. But there are people that still swear that IE doesn’t display many websites properly. All I can say is, could be.
The other problem though is that for a long time in many websites were actually written to work specifically with that non-standards compliant Internet Explorer. What that means is that even though IE was doing things wrong, websites wanted to work with the most popular browser and thus they did things wrong as well in order to work with IE.
As every one, over time, did a better job of adhering to standards, now those old websites that were written to work with IE won’t work properly in other browsers or even later versions of IE. The bottom line here is that you can see pretty quickly, it’s a bit of a mess. The practical, pragmatic solution for you as an average user is very, very simple. Install another browser and use it when you need to.
Can we no longer view websites without getting popups?
I’m getting a lot of ads popping up when I’m on a site (I guess they’re called pop-ups). It could be anything – an ad for an insurance company, or some other product disrupting my viewing and often it’s very hard to delete it; it just keeps popping up regardless. Is there any way I can eliminate these interruptions and if I do will it affect my viewing or access to these sites? The reason I ask is this: I can remember a few times I had to allow these pop-ups in order to continue accessing a site. Is it impossible in today’s internet that we can’t view the internet without these interruptions?
The problem here is that pop-ups come from many, many different sources and may be of many different kinds. Some are the very legitimate price you effectively pay for viewing a free website. Others not so much.
First, remember that free websites are not free. They cost money to set up; they cost money to maintain; they cost money to be informative and useful. Trust me on this; I know! So, that money has to come from somewhere. Money to pay the people that run the site; money to pay the people that help the people run the site; money to pay for the hardware; money to pay for the software. You get the idea. There’s really no such thing as “free” on the internet.
Somewhere, somehow, someone has to pay the bills. Advertising is perhaps the single most common way that websites attempt to generate revenue. Many websites will actually use pop-up advertising. Those happen in two distinct forms.
First, are pop-ups that actually open up an entirely new browser window. That window might appear in front of or behind that window that you’re looking at. It’s also the kind that’s the easiest for a browser’s built-in pop-up blockers to block.
The second kind appears like a small window or an overlay within the web page that you’re looking at. These are more difficult to block – nearly impossible in fact. To the browsers, really, they’re not pop-ups at all. They’re just parts of that same web page that, for a while, were hidden. When they unhide, they appear to pop-up.
Now. Website owners choose to what to do in cases like this. They choose what kinds of pop-ups to use or not on their site. For example, Ask Leo! has no pop-ups that make new browser windows. In fact, it’s also not supposed to have any kind of pop-up except for the newsletter offer that appears once every 180 days after you’ve been on a page for 30 seconds. Occasionally, an advertiser will include some kind of an on page pop-up but that’s about it.
Other website make different choices. Websites that include more aggressive pop-ups actually, typically make more money because, to put it bluntly, those more aggressive pop-ups are actually more successful at getting people’s attention.
Now, there’s another kind of pop-up that’s not under the control of website owners. That’s the pop-up advertising that’s generated on your machine. Sometimes toolbars and other software that might be installed on your machine include embedded pop-up advertising. They actually hook themselves into your browser in such a way that they modify the pages that you visit – and very often the search results. With that modification, they add pop-up advertising to sites that don’t have it.
The site gets no benefit. You just get annoyed. But the advertiser gets seen and the advertising service that caused that pop-up to get added, they get money. More often than not, these are the results of what we call foist ware or “PUPS” Potentially Unwanted Programs. They get on your machine by being offered when you install something else unrelated. I say offered because there’s often a checkbox in the set up program that you can uncheck not to install them. In other words, if you’re not paying attention, they get installed.
The upshot is that you need to very careful what you install and watch for installing things that you don’t really want by accident. Remove unwanted toolbars and other PUPS and foist ware that you might very well see on your machine. If you do that, you’ll probably see the number of pop-ups decrease dramatically in your internet travels.
But the rest, the honest presentation of advertising by the sites you visit, pop-up or not, well, that’s how they stay in business.
Why does my account keep sending out spam?
Hi, Leo. I changed my password four times on Yahoo yet my account keeps sending out spam. I’ve emailed Yahoo with a spammers address. Where can I report someone who’s stolen my contacts to email people? At least I have the address of just the last one who stole my account. What should I do? People are annoyed because I keep sending out spam – four times in one month. What should I do besides changing passwords and security questions? Even if I change to a non-Yahoo for email don’t these people already have my contacts somehow? Is there a way to delete my contacts? How do I report these people? I feel like Yahoo did nothing with the last ones.
You know, there are a bucket load of issues here, and quite frankly an awful lot of confusion. This can be a very frustrating situation but what happens next, if anything, depends exactly on what’s really going on.
First, I have to ask: how do you know that it’s your account being used to send spam? What’s incredibly important is to realize that just because the spam says it’s “from” your email address, that doesn’t necessarily mean that the spam was actually sent from your account.
Spammers can fake the “from” address. It’s very easy to do. That means that they can make an email message look like it came from you or me without ever having to access our accounts. They don’t have to hack anything. It’s trivial.
So, the first thing is: never assume that spam with your email address in the “from” line actually came from you. In most cases, it actually hasn’t. How do you tell for sure? Well, there are two ways: Is the spam in your sent mail folder? If it is, then yes, your account has been hacked and it was used to send spam. There’s clear evidence. Of course, hackers can and often do, delete the sent mail but nonetheless if you find the spam that’s been sent in your sent mail folder that’s an unambiguous result – your account has in fact been hacked and it is sending spam.
The other approach is to look at the headers of the spam messages themselves. Now I’m not saying the simple headers that you see by default in most email programs, like the “from” line but the full list of headers that geeky people, like me, look at. If you “view original” in Gmail on a message you’ll see them. Or in Outlook, look in the “Advanced Properties” of the message, I believe.
And of course there are other ways on other mail services and programs to take a look at these full message headers. Someone knowledgeable about what to look for can look at those headers and determine if indeed the message came from your actual email account or if it’s just a spammer faking the “from” address.
So, what do you do if they’re not sending from your account, which honestly, is what I think is going on? They’re sending email that looks like it came from you but your account was never involved.
You can do absolutely nothing. It is completely out of your hands. Let your friends know that it’s not you; it’s not your account and get on with your life.
If your account was involved, well then things get more interesting. You need to change everything in that account that could be used for password recovery. That means the passwords and the secret questions, like you mentioned. But it also means the associated mobile number or an alternate email address.
You even need to check if that hacker added automatic forwarding or messaging processing rules that would still allow them into your account. You need to check it all. You probably need to change it all. As long as one tidbit remains that the hacker could use to regain access by faking a lost password recovery? He will.
Oh, and about the contacts thing. As long as you’re certain that the contacts came from your online address book and you’re really, really certain about this, then it’s possible that your account had been compromised at least once. The problem is that now the cat’s out of the bag. All the hacker needed to do at that time is make a copy of your contacts. Exporting the entire list perhaps. Then no matter what you do with the account after that, he still has that list. He can still send fake email to look like it comes from you and send it to that list.
Once again, there’s nothing that can be done about this either. Other than making sure you can completely recover your account and secure it properly. Once the hacker has your contact list, he has your contact list.
Well, by now you probably realize that I do the Ask Leo! Answercast every week so if you have a question about your computer the internet, or technology head out to askleo.com to search for your answer or to ask your question. You might hear it answered here in a future Answercast.
I also put out a newsletter every week. The Ask Leo! newsletter includes answers and fixes, and safety tips, and opinions, and even the occasional answer as to just why things are the way they are.
Please back up! You know I plug this every week because it’s so incredibly important. Nothing can save you from almost any disaster, like a proper and recent backup.
All of my answers they are are based on my own personal experience and should be used entirely at your own risk. I just don’t know you, your abilities, or the specifics of your machine and those of details can make all the difference.
The Ask Leo! Answercast is a production of Ask Leo! and is copyright 2014. Thanks for listening. I’m Leo Notenboom and I’ll be back soon with another Ask Leo! Answercast.