What Will You Do When You Get Hacked?
Here's the 7 Lessons I Learned Today...
I guess it happens to everyone sometime. I just wasn't ready for it.
Some sleaze ball operating from a European IP address (which means he could be anywhere) managed to get my account information for my primary domain in one of my three accounts.
Then he (or she...or it) sent out more than a million spam e-mails using my MaximizeCommunications.com domain. That will get a respectable server blacklisted in a heartbeat.
To my host's credit, they shut me down before most of those could be delivered. (Imagine how many bounced e-mails I would have received. Or spam complaints - even worse!)
But also, imagine my panic when I logged in this morning and saw error pages that said my account had been suspended...
Here's what happened and how it was worked out so quickly...and why.
But first, I wanted to tell you about the wonderful subscribers on my list. I sent out an e-mail notifying everyone that my sites were down and why. No less than 7 people offered space on their servers to host all my accounts temporarily while this was being resolved. That was amazing. Wow! Thank you so much.
Next, I can't say enough about my host - Lunarpages.com. They sent me an e-mail immediately telling me of the suspension, but unfortunately I didn't have my alternative e-mail (like a Yahoo or Gmail e-mail) input in my profile, so it went to the suspended e-mail account and I didn't get it.
Lesson 1: Make sure your host has a way to reach you when everything fails.
When I called customer support, a junior technician was very nice, but confirmed I was suspended and when I got my security issues fixed, I should give them a call back. That's the kind of thing that would have sent me ballistic much earlier in my un-evolved life. But this time, I just suggested maybe I should talk to a supervisor.
Lesson 2: Be nice.
Nick got on the phone. He was the supervisor who suspended the account. He told me exactly why, what needed to be done on my end, and how I could protect myself from further damage.
Lesson 3: Talk to the expert.
I took notes, including Nick's full name. Then I did what he said.
- Run anti-virus full scans on all my computers. Check...
- Run anti-spyware on all my computers. Check...
- Check my files and folders for my websites for any strange files that shouldn't be there. Check...
- Check with all my outsource partners to make sure they don't have access to my cPanel, but use FTP accounts instead. Check...
Lesson 4: Do what I was told and keep notes of the results. (No spyware or viruses by the way.)
Then I called Mark Hendricks - a trusted mentor who has gone through this stuff before. I wanted to confirm that I was doing all I could do and to be aware of anything I should get the hosting company to do. As I suspected, he suggested changing all my passwords just to be sure that whoever hacked me couldn't get into my vital info.
And one other thing: Make sure they de-listed the IP address that had become blacklisted and reinstated the account on a clean IP.
Did that...
Lesson 5: Always get a second opinion.
I changed the e-mail passwords on all my accounts, removed unused FTP accounts and changed passwords everywhere else.
Lesson 6: Change passwords frequently.
Then I called back Lunarpages.com and got the account reinstated. The junior tech hesitated and suggested waiting until tomorrow when he could get the supervisor's approval. I said I had talked to Nick and read the steps he suggested, including calling back to get it reinstated when all were completed.
It was reinstated within minutes.
Lesson 7: Take notes, be clear, stay calm, be persistent until you get results.

Dave:
Your ability to communicate shines during problems like this. Thanks for the information.
Paul Stack
Posted by: Paul Stack | July 23, 2007 at 08:25 PM
Dave,
I love how you handled this with your lists! Brilliant. Not only did you let us know what was going on, but you helped prepare us for when - not if - it happens to us. Thank you for always sharing yourself and your experiences with us. That's why we love you!
Criss
Posted by: Criss Bertling | July 23, 2007 at 08:42 PM
Nice Dude.
Posted by: Jeff Burdic | July 23, 2007 at 08:59 PM
Welcome back! Welcome Home!
Posted by: Judy Webb | July 23, 2007 at 09:27 PM
Dave Perdew, you are the consummate pro. You handle this all with such aplomb, when I would have been taking up space on my shrink's couch. Thanks for sharing, we are now all the wiser.
Posted by: Wayne Stewart | July 23, 2007 at 09:50 PM
Thank you for the INFO. Great to hear you are O.K.
Manuel Cortez
Posted by: Manuel Cortez | July 24, 2007 at 12:49 AM
David, welcome back to cyberspace!
Thanks for the very important lessons and what we can do about it...This is an invaluable check list. The bad guys are out there and we need to be ready for them.
Hmmm, there might be an information product in the making here!
Stay well!
Posted by: Albert Grande | July 24, 2007 at 04:42 AM
Thanks for the excellent info!
This happened to me just this weekend!
The part that is making me go into a slow burn - soon to be a blaze... is that I have contacted the customer support by email and by phone for the hosting co. and am getting no reply!
Of course the site is still suspended and I can't move my add-on domains until they are deactivated on the suspended one as I get the "owned by someone else" error even though I changed the dns!
Also the other part that made me mad was that in the header of the spam email they forwarded to me (their supposed proof) showed that everything but my domain mailing "program" was from netzero, yahoo, france etc. and promoted some fake charity in France as well.
Duh! I make my living teaching web masters how to set up their web sites, install scripts, etc. (and will definitely add this to my tutorials if I can get them to resolve it...), but the main point is that the spam was not about any service or product even remotely similar to what I do. Plus, I have been online since 1998 without EVER getting any other complaints... and a long time (years) with this hosting co.
So what, do they think I all of a sudden decided to go into the spam business?
Sorry to vent - I am very angry and can't see how to fix this since they won't help me other than to cancel all of my accounts with them and move all of my sites - a real pain especially to move my wordpress blog...
Oh well, live and learn I guess...
Thanks!
"Techie" Teri
PS. Kinda funny that "Techie" part huh :)
Posted by: Teri Lee | July 24, 2007 at 12:00 PM
Hey Teri -
Thanks. You just re-affirmed how important it is to work with a really good (read - responsive) hosting company.
Sorry about your troubles. Really a pain...
dp
Posted by: drperdew | July 24, 2007 at 12:45 PM
Dear Dave,
Thanks so much for sharing this experience with us. Both your attitude and the specifics are useful for all of us.
I had a security scare myself lately and along with making sure that nowhere in my computer are there unsecured or encrypted docs containing user names or passwords or other sensitive info, I am also looking into a program called Cryptainer which comes highly recommended by folks in the know about this kind of thing and which is available in both free and low cost versions. It is a way of putting an encrypted "vault" on your computer and saving files into it. According to them, no one has penetrated this thing yet. Just FYI. Glad all is well!
Best, Marie Kane
Posted by: Marie Kane | July 24, 2007 at 01:59 PM
PS Whoops, I meant unencrypted docs in line two, paragraph two above.
Posted by: Marie | July 24, 2007 at 02:01 PM