Announcement

Collapse
No announcement yet.

Screen Name Hijack; What's Up With This CC?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Screen Name Hijack; What's Up With This CC?

    It's happening again. i originally had this going private to the moderator, then thought it might be more effective this way.
    while researching back for some info related to a particular post i made a month or so ago, i'm discovering a few posts that did not come from me. definitely not.
    mind you it's no capital crime i suppose, but it does piss me off because the posts are not mine. the subject matter of the posts vary, but mainly consist of off-color comments, a dark sarcastic manner that i find strange for a prankster. i actually discovered it a few weeks ago. i didn't bother calling it out, thinking well, possibly it was me while under the influence of ambien, ;] seriously however, upon checking further, the dates a times-of-day don't line up. so i'm perplexed. i checked with my family until i realized how stupid of me to even think this. then i thought all internet stuff is traceable with ip addresses to each terminal, are they not? anyway, i just don't see what the purpose is by posting on my screen name. the posts are made of one-line type responses to other's. i figured to ignore it and maybe the joker will stop. don't draw attention to it, right?
    this happened once before and actually dr wise brought it to my attention. i thought to change my screen name but ended up just changing my password.
    question is, has this this happened to anyone else? and what should i do about it?

    #2
    Tim, Jim or Dr. Young may be able to help you, but if you could post a link to any of these hijacked posts (or send as a PM) this would be a big help. I can only find one member named Tim C. (thought maybe there would be a Tim C). Also, you might want to log out, then log in again, go to your profile, and change your password if you have not tried this already. It won't do anything about past posts, but could prevent future ones, esp. someone has discovered your password (be sure the new one is sufficiently strong).

    (KLD)
    The SCI-Nurses are advanced practice nurses specializing in SCI/D care. They are available to answer questions, provide education, and make suggestions which you should always discuss with your physician/primary health care provider before implementing. Medical diagnosis is not provided, nor do the SCI-Nurses provide nursing or medical care through their responses on the CareCure forums.

    Comment


      #3
      Also wouldn't hurt to do periodical anti-malware and anti-virus checks with up to date software.

      Comment


        #4
        Also when members reply to a spammer sometimes Spammers Mirror literally clone and all heck happens ...They got nothing better to do ...
        If you suspect a spammer contact mod's via pm and Admins asap

        Sorry you got hijacked

        There are lot's of losers out there / up to no good

        Comment


          #5
          Tim, unfortunately, I don't think that we have the software to analyze the IP address of each post that was made by a user who signed in with your username and password. What I suggest is that you change your password immediately and not let anybody know what it is.

          Wise.

          Originally posted by Tim C. View Post
          It's happening again. i originally had this going private to the moderator, then thought it might be more effective this way.
          while researching back for some info related to a particular post i made a month or so ago, i'm discovering a few posts that did not come from me. definitely not.
          mind you it's no capital crime i suppose, but it does piss me off because the posts are not mine. the subject matter of the posts vary, but mainly consist of off-color comments, a dark sarcastic manner that i find strange for a prankster. i actually discovered it a few weeks ago. i didn't bother calling it out, thinking well, possibly it was me while under the influence of ambien, ;] seriously however, upon checking further, the dates a times-of-day don't line up. so i'm perplexed. i checked with my family until i realized how stupid of me to even think this. then i thought all internet stuff is traceable with ip addresses to each terminal, are they not? anyway, i just don't see what the purpose is by posting on my screen name. the posts are made of one-line type responses to other's. i figured to ignore it and maybe the joker will stop. don't draw attention to it, right?
          this happened once before and actually dr wise brought it to my attention. i thought to change my screen name but ended up just changing my password.
          question is, has this this happened to anyone else? and what should i do about it?

          Comment


            #6
            Do you have your PC set up so that it remembers your password and you don't have to enter it every time you log in to CC? Mine is. If so, could anyone else have access to your PC?
            - Richard

            Comment


              #7
              Thanks for replying, I was found it was a former weekender.

              Yeah, a former part time caregiver, thinking he was clever. He wanted me to think I was more forgetful than I really am. I started numbering the posts as per SCI nurse when it dawned on me. I had a suspicion, but then became convinced when I saw a few eBay auctions pending. If I began bidding eBay auctions that I forgot about, I'd lock myself up. Nah, I'm not that bad yet. It's only the second time it's happened, but just because he saw me frequently reading CC (i read much more than post) he thought to sub comments, stupid ones too. It shows he reads CC? I called him today and he laughingly admitted to it. What for? What a flipping jerk. This happened several years ago too. Like I'm not dealing with enough these days?
              Thanks guys

              Comment


                #8
                You said former, did you fire him over this or was he doing this because he was upset about being fired? I guess im asking which came first lol.
                Board Member of Assistance Dog Advocacy Project working in Education. Feel free to ask me any service dog questions!

                I am not paralyzed. I have a genetic connective tissue disorder with neuro complications and a movement disorder.

                Comment


                  #9
                  My oversight guys. It's not that I hand out my passwords, etc.

                  Originally posted by ~Lin View Post
                  You said former, did you fire him over this or was he doing this because he was upset about being fired? I guess im asking which came first lol.
                  My failure lies in observing the proverbial "honor system". Being the soul proprietor and only user of my computer as my main portal to the world outside my little home, everyone including my primary live-in, as well as regular 2x mo. weekend caregivers come equipped with their own portals. (Lest I'd happily loan them a spare from my inventory of laptops). Still, there comes the occasion I must draw upon the dangerous labor pools of the unknown caregivers when I'm in a bind as a fill in. Still again, I must say I've been rather lucky in this regard by not getting stuck with any "Hannibal Lecter" types caring for me. That said, when I find myself being cared for by an unknown entity, I think to get good if I give good. So I let the guy use my laptop to check his email during his downtime, what harm...?
                  Moral of story peoples, make sure you first log out!
                  Yeah, practical joke from weird sense of humor.

                  Comment


                    #10
                    Browsers with JavaScript are vulnerable to MITM attacks. You go to a dodgey site with JavaScript. You are pwned. Then you enter your credentials to this site. These are then sent via the attackers proxy and harvested. TLS won't help you as JavaScript will downgrade your TLS and proxy will still talk to site in strong TLS.

                    The only fix is to disable JavaScript. I hope you did not use your CC screen name and password in other apps. TLS also needs to be fixed client side.

                    This is not the same as the arbitrary code execution issue in Java that caused Apple to drop it. I have not seen successful arbitrary code execution in the wild. To do this you need to get lucky with placement of location independent code in an executable text segment. Getting x86 code to run this way is a challenge.

                    It is JavaScript extension language that in the guts of the browser that is real problem. This has caused similar problems to others such as VBA which enabled the macroviruses and is never used for anything useful.

                    If low level HTML DTDs were compiled in to browsers and websites used low level HTML then this problem would not exist. My favourite browser is Lynx and any site that does not work with it is defective and therefore webmasters should be informed. (I like HTML 2.0, tables, etc. as documented in plaintext RFCs at the IETF. Blame the W3C and send them the bill.)

                    These attacks have been used on employees where I work. The credentials have then been used by spam bots to send spam though our email server.
                    Last edited by zagam; 25 Dec 2012, 10:10 PM. Reason: Quincy McGoo and those little words
                    http://zagam.net/

                    Comment


                      #11
                      NoScript

                      I use NoScript to enable this for sites that require JavaScript.
                      However, if you enable the wrong site you will still be pwned.
                      You should inform webmasters of every site you need to enable
                      JavaScript as those sites are the cause of this problem.

                      https://addons.mozilla.org/en/firefox/addon/noscript/
                      http://noscript.net/ http://en.wikipedia.org/wiki/NoScript
                      http://zagam.net/

                      Comment


                        #12
                        HTML is bad by design

                        One more problem with HTML is that link target and link text may be different different.
                        Code:
                        <a href="pwny.example.com">abank.com</a>
                        This becomes harmful when bad mail user agents show HTML version as HTML, by default. It is called a bank phish, but enabled by defects in the design of HTML.

                        The content at pwny.example.com loads your bank's abank.com content first. Then it pops up a copy or bank's log in page and collects your details.
                        http://zagam.net/

                        Comment

                        Working...
                        X