I’m talking specifically about violating the TOS or “Terms Of Service” as defined by your ISP – AOL, Comcast, Verizon and any number of others. Have you been the unknowing victim of an email hack? It seems like the hackers are out in force these past few days as I keep hearing from folks who received an email or letter similar to the ones below:
AOL Subject: Terms of Service.
Dear Member,
We want to inform you that your account was used to violate our Terms of Service. Here are the specific details of the violation:
Screen Name: xxxxxxxx
Date: 2012-03-11 20:33:32.0
Date: Sun, 11 Mar 2012 17:01:21 -0400 (EDT)
SN in violati0n: xxxxxxxx
Subject: http://eveningdresswholesale.com/wp-content/plugins/wp-safe/lifenews.php?ke=pt138.gif
Please understand that we are sending you this email to inform you of what has occurred on your account. We are aware that this may have been done without your knowledge or authorization. If this is the case, we recommend that you immediately run anti-virus software on all of your computers and reset all of your passwords using the following guidelines:
All of your new passwords should meet the following criteria
1. Minimum of 8 characters in length
2. Not be one of the last 10 passwords you used
3. Contain characters from ALL of the following categories
a. At least one upper case character (A – Z)
b. At least one number (0 – 9)
c. At least one special characters (()#~!$%^&*-+=|{}[]:;”‘<>,.?/@)
Strong password example -> Pr0viDEnce@123
Please be advised that continued violations of our Terms of Service may result in closure of your AOL account(s).
Or – how about this one….
ACTION REQUIRED BY MARCH 6 TO PROTECT YOUR SERVICE
(this alert was sent on March 2nd so you would only have 4 days to react to it)
Dear Valued Xfinity Internet Customer
Comcast has received a report from a trusted security provider stating that one or more of the devices connected to your network are infected with malware….. the letter goes on to say, the infection allows cyber-criminals to re-direct your computer and other devices to websites that may look legitimate, but are fraudulent and intended to steal your personal information, website logins and passwords…..
In many cases, users don’t even know their accounts have been hacked until someone from their email address book replies to them showing a bogus email sent from your account.
It seems strange to me that these types of exploits continue to happen on such a regular basis. Apparently, many people simply don’t heed the warnings of improper password usage and still use passwords that are far too easy to guess.
Forbes recently published their annual listing identifying the 25 worst passwords for 2011 – the Top 10 from the list are shown below:
1. password
2. 123456
3. 12345678
4. qwerty
5. abc123
6. monkey
7. 1234567
8. letmein
9. trustno1
10. dragon
Is your current password on this list?
To see the entire Forbes list click here:
http://www.forbes.com/sites/davidcoursey/2011/11/21/25-worst-passwords-of-2011-revealed/
Obviously, we all still need to work on our secure password selection process. So, to that end, here’s a couple of links to password generators that will allow you to set the number of characters (8 characters should be the absolute minimum number selected) and some additional configuration details and end up with a more secure password.
http://www.pctools.com/guides/password/