[Gpdd] MISC: accidental spam

[Sandra Oliver-Poore]

About the spam.  But first Hi Birdie!  Great to hear from you, you have been
missed.

What I wanted to say is that you weren't spammed by a friend. A pernicious
evil hacker planted a Trojan or other malware on your friends computer.
Your friends actions were all innocent.  If you don't have the right
protection and are on any kind of a network you can be hit in a coffee shop,
on the road or at home if your network isn't properly protected, or by a
link in a message sent by an evil hacker who obtained your email address by
theft or purchase.  Once infected the Trojan searches the victims computer
for the information it wants and when it finds it sends it to its master,
who then uses or sells the information.  What that means is that it's the
buyer  or owner of your  friends stolen information who sent the spam, it
wasn't your friend.  Depending on the sophistication of the malicious
program it can even send out the messages from your friends computer. 

In this case we weren't all hit because the specific stolen information
didn't include all our emails, to hit all of us the GPDD would have to have
been hacked and it wasn't. 

There are more scenarios possible but this is the one that fits some
specific  experiences I have had best. People can check also their "sent
email" folder to see if their own computer was used. Also a person may see
"bounced" email notices in their inbox when some of the stolen email
addresses had been disconnected and were no longer viable.

The most important thing is: If you get an email from a friend, esp. an old
friend you haven't corresponded with for a long time  do not click on link
inside that email.  The titles of these emails are designed to be very
generic, like Hey!  Or even look like an add. You are enticed to click on
the link inside, that makes the offense less serious legally in many
jurisdictions.  If something looks suspicious to you email the sender
separately (don't send them back the bad email) and ask if they sent you a
message with that title.  I got one from a Mozilla (Firefox) recommended
add-in.     The other important thing is to have a highly rated antivirus.
When I was hit my friends who used McAfee were protected, I had Norton and
was not.  Go online to PC World Magazine, and check out the latest head to
head tests of programs.   Then I bought the malwarebytes I sent the link for
after the free trial and run it separately every few days in case something
slipped by, its effective and cheap but don't count on it alone, it's not
the best as primary protection.  I always  scan after I use a public Wi-Fi
network.  Also remember it may not be just emails they were after so change
passwords. 
Good luck Sandy and Sammy with AR