Internet and Email Security

[bootneck02]

My email account had been compromised and just a warning to other members that it is happening. I had thousands of emails so much so it crashed my Internet providers servers and my operating system. With the help of my Internet provider now back on the run but my advice to all is to have a password that is at least 10 figures long and is a jumble of Letters and Numbers long. To rectify the problem I had to reinstall my OS change my email account name and my passwords all a dam nuisance and took time to rectify. Perhaps Ian could put out a warning to members this is happening as it seems to be a thing which is happening more frequently now

 

[Ian]

Out of interest, was it an e-mail account with your ISP or one from a 3rd party provider (gmail, Yahoo, Hotmail, etc...)? I guess it was the former? ISP email addresses tend to have fewer methods of detecting intrusions and unauthorised access, whereas something like a gmail account can have 2-factor authentication or clever methods of detecting suspect access. It may be worth trying somewhere else for your e-mail?

It also may be worth checking your old e-mail account in this "pwned" database and see if it appears:

https://haveibeenpwned.com/

If your e-mail account had the same password that was on a compromised site that stored passwords insecurely, that may explain how it was taken ownership of.

 

[bootneck02]

Thanks Ian, I have been on the site and checked my old email address and my new one and the site confirmed the old one had been breached, the new one OK. I think this goes back to 2016 when Mint distros were attacked in 2016 and a lot of data was stolen from PC's.

 

[V_R]

Mint distros were attacked

I thought Linux was immune to stuff like that?

 

[EvanDavis]

I thought Linux was immune to stuff like that?

 

[bootneck02]

So did I but not going back to Microcrap as they seem to think the OS you bought is theirs and want all the information of what you are doing.

 

[bootneck02]

I thought Linux was immune to stuff like that?

So was I but there seems to have been a hole in Cinnamon now patched but the problem for me was that it not only took down my email but also my internet provider's servers which caused them a problem. But all solved now BUT it does reinforce the advice of Internet security people to have a password of 10 or more letters and numbers for email and other passwords for software.

 

[Urmas]

I think this goes back to 2016 when Mint distros were attacked in 2016 and a lot of data was stolen from PC's.

Hmmmmm...

Might be possible — but only if you had installed Mint Cinnamon 17.3 using an ISO downloaded on Feb 19-21 (2006), downloaded via FTP (NOT via torrents or via a direct HTTP).

The Linux Mint user forum was also compromised. User data ((usernames, passwords, additional personal data) was stolen and offered up for sale. So, people whose forums password is the same as their email password ended up the proverbial creek with rather a serious paddle deficiency.

http://blog.linuxmint.com/?p=2994
https://threatpost.com/linux-mint-website-hacked-isos-replaced-with-backdoored-versions/116370/
http://www.csoonline.com/article/30...ata-up-for-sale-iso-downloads-backdoored.html

 

[Abarbarian]

I thought Linux was immune to stuff like that?

No one is immune from attacks. It is the quality of defense that makes linux a much safer os than the commercial alternatives.

 

[bootneck02]

Yes at that time I was using 17.3. But it seems strange that the attack only happened 2 weeks agoAlso it did not attack me personally but my Internet provider which caused them a problem.on my email account.

 

[V_R]

Looks like we hooked a live one boys, reel 'em in!