So … how do spammers hack into your account?
Step 1 is getting hold of an email address. They can do this in various ways:
- by checking your website for contact info – this is why, in recent times, we have recommended to our clients to use a contact form rather than publish your email on your website. This is often done by using little programs called spiders than zoom around collecting addresses and sending them back to the originator.
- by making good guesses: If you have a website, you more than likely have an email address linked to that website for example: info@…; admin@… etc.
- by getting access to your contact list: They do this by hacking your online accounts that store contacts. Obviously the owners of online storage systems have processes in place to avoid this but it is good to be aware of it.
Step 2 is checking if that email address is valid. They do this by:
- sending all those irritating messages we normally just delete. the best thing to do with these emails is to use your email client to move them to spam or trash folders and clear them regularly. These emails normally have a read receipt type of code attached to them that will revert to the originator that the email has been read – using the spam folders etc blocks this functionality. DO NOT respond to these emails as this lets them know the email is valid.
- Mailing list subscription form: Setting up fake “self help” and other sites that promise you breaking news and information on various topics etc. To get the info though, you have to subscribe to the newsletter. There are many valid companies that use this technique, but, again the onus is on you to make sure that the company is valid before submitting your info.
- Buying email lists: this is why it is very important to make sure that you are not on mailing lists you don’t want to belong to and you are sure that these lists are not shared or sold.
- Phishing scams: these are emails sent from apparently important companies, banks etc that generally request your banking details, credit cards etc. Be vigilant here … NEVER put your details on ANY site that you are not 100% sure of. If necessary contact the organisation via telephone if you are really not sure.
Step 3: Hacking your password. Passwords are the “weak link” – once the hacker has your email address and password they can then setup a sending capability and send emails from your account!!.
KJM Projects and Hetzner do have security protocols in place to detect this type of activity and will block the email immediately and block the account. The account will then need to be reset.
If your account is not hosted through Hetzner, or by KJM Projects please ensure your hosting provider has similar protocols in place. If not, you can transfer your hosting account to KJM Projects by emailing Kevin.
- Make sure your password is secure – we cannot stress this enough!!!
- Avoid simple passwords such as names in small letters and especially the word “password”!
There are programs that are specifically written to decipher passwords and they can do this faster than you would believe possible.
Try this nifty site to check the security of your password. It will tell you how much time it would take a professional hacker to crack your password. The info you type in is safe as the processes happen in a secure environment.
Give it a try, you will more than likely be horrified at the result.
So how can you create secure passwords and manage them?
Some tips on creating secure passwords:
Your password should:
- be fairly long (recommended 12 characters or more)
- contain capital and lower case letters, special characters and numbers.
Extra Tip: Use a Password Manager – see below – to generate a password
- the same password for different accounts. Make sure each important account has its own password.
- the word “password” in any format
- “Keyboard Sequences” e.g. 753, 123, qaz, qwerty or rgn
- common words or names
- numerical substitution e.g. P4ssw0rd or K3v!n
- a recent news event or similar occurrence; e.g. Conference2017 or BombManchester2017
Check your password on
More than one email or online account?
How to change your password if your website is hosted by KJM Projects
- Login to your webmail account using your current full email address and password: https://secure.konsoleh.co.za/frameset_home.php
- Click on the settings cog in the top right hand corner
- Click on Manage Mailbox in the left column
- You will be asked to re-enter your password
- Click the blue Change Password button in the right column
- Enter your new password in the Enter New Password field
- Re-enter your new password in the Confirm new password field
- Scroll down to the bottom of the page and click the green Update mailbox button.
Please change my password