Hmmm. I mustn't have the Hiijack product. I don't see a hijack.cfg file.
J. Carl Wagar EntreNet Communications Inc <http://www.entrenet.com> www.entrenet.com <http://www.thehostingservice.com> www.thehostingservice.com 24 Swain Ave, Ottawa, ON, K1G 4T1, Canada Email: <mailto:[email protected]> [email protected], skype: jcwagar Tel: +1 613-737-7327, Fax: +1 613-737-5801 Cel: +1 613-818-8898 From: [email protected] [mailto:[email protected]] On Behalf Of David Barker Sent: Wednesday, February 26, 2014 2:28 PM To: [email protected] Subject: [MBF]Re: Great number of hijacked accounts last few days Make sure you are running the latest version of Declude 4.12.05 it has some improvements with the Hijack as well as make sure you use the HIJADDR ON is used in the hijack.cfg From: [email protected] <mailto:[email protected]> [mailto:[email protected]] On Behalf Of Katie La Salle-Lowery Sent: Wednesday, February 26, 2014 2:17 PM To: [email protected] <mailto:[email protected]> Subject: [MBF]Re: Great number of hijacked accounts last few days Now NINE. Four different domains. The originating IP's are all foreign - and lots of them. In fact, they are changing spoofed IP's after just a few messages, so Declude hijack isn't working as well as HAMR, since it is IP based, but it has pegged 2 of the 9 while HAMR has done its thing on all nine so far. So, while I'm suggesting that clients run independent scans just as general good practice, I don't suspect infected customer computers. I am certainly advising that that password is compromised and that if it is used for other accounts, those accounts need to be changed as well and urging them to not use the same password for everything, but, as you are all quite well aware, people are very resistant to that idea. They don't get that making it easy for themselves also makes it easy for the bad guys. <http://www.centric.net/> Katie LaSalle-Lowery [email protected] <mailto:[email protected]> 1120 S. Russell; Ste B Missoula, MT 59801 ph (406)549-3337 fax (406)541-9338 From: [email protected] <mailto:[email protected]> [mailto:[email protected]] On Behalf Of David Barker Sent: Wednesday, February 26, 2014 11:58 AM To: [email protected] <mailto:[email protected]> Subject: [MBF]Re: Great number of hijacked accounts last few days Sometimes the problem is that a user's computer is infected by a virus which then has access to the mail client in which case the password is irrelevant to the conversation. From: [email protected] <mailto:[email protected]> [mailto:[email protected]] On Behalf Of Carl Wagar Sent: Wednesday, February 26, 2014 1:49 PM To: [email protected] <mailto:[email protected]> Subject: [MBF]Re: Great number of hijacked accounts last few days We are seeing a 3 to 4 fold increase in spam in the last months and a few hijacked accounts, almost one a day, where they seem to magically know the password. Someone suggested I'ts because they have hacked Linked-in, adobe, target and other database in recent months. People have to use different passwords for every system! Carl J. Carl Wagar EntreNet Communications Inc <http://www.entrenet.com> www.entrenet.com <http://www.thehostingservice.com> www.thehostingservice.com 24 Swain Ave, Ottawa, ON, K1G 4T1, Canada Email: <mailto:[email protected]> [email protected], skype: jcwagar Tel: +1 613-737-7327, Fax: +1 613-737-5801 Cel: +1 613-818-8898 From: [email protected] <mailto:[email protected]> [mailto:[email protected]] On Behalf Of Katie La Salle-Lowery Sent: Wednesday, February 26, 2014 1:40 PM To: [email protected] <mailto:[email protected]> Subject: [MBF]Great number of hijacked accounts last few days We have had EIGHT hijacked accounts in the last two days. For us, that's a great many. Imail HAMR and Declude hijack have been doing their jobs, for which I am very grateful. Is anyone else seeing an increase in hijacked accounts the last couple days, or are they just picking on us? <http://www.centric.net/> Katie LaSalle-Lowery [email protected] <mailto:[email protected]> 1120 S. Russell; Ste B Missoula, MT 59801 ph (406)549-3337 fax (406)541-9338
<<image001.jpg>>
