The Aftermath of a Compromise: An IT Consultant’s Perspective

The widespread evolution and adoption of the Internet in the last 30 years have provided many wonderful benefits to society and have allowed millions across the globe to be interconnected with one another. With many great benefits, however, the rapid increase of the Internet has also allowed bad actors to gain easy access to millions of potential victims. In this blog post, I wanted to shed light on a time that I had to assist in the aftermath of someone who was being taken advantage of online. 

While there are many great people in this world, sadly, some bad actors see a great opportunity in taking advantage of some of the most vulnerable people on the Internet, the elderly. For people in my generation, the adaptation of the Internet was fairly straightforward, as we have grown up with it all of our lives; however, for many generations of people, they grew up for a large portion of their lives without this new connectivity. In turn, it can make adaptation more difficult and thus make them vulnerable to being taken advantage of. 

I had unfortunately seen my fair share of videos and news articles online regarding these scams; however, these are not nearly as memorable as some of the times that I have firsthand dealt with the impacts of the aftermath. The Consumer Federation of America estimates Americans lose 119 billion annually to online scams. Let that number sink in; that is more money than you, I, or everyone reading this combined will see in a lifetime.

About a year ago, I received a text message from a previous client out of the blue asking why their Yahoo email account would require their Social Security number in order to continue receiving messages. Immediately upon receiving this text message, alarm bells went off in my head. This is not something that I had ever heard any reputable email provider requesting, and I knew that I immediately needed to act on it before it was too late. 

I called the client and asked for detailed information regarding where and how they were asked this information. The client explained they had previously received an email stating that Yahoo needed to verify their identity, threatening a total deletion of their email account if compliance was not met. My client, while experiencing the fear of losing years of communications, and photos stored on their account, clicked on the link and proceeded to enter their account email and password. They were then prompted by a screen, asking for their full name, home address, credit card information, and Social Security number. Thankfully, upon receiving this page, the customer felt very suspicious and did not provide this information; however, unfortunately, the bad actor was already able to gain to the password that the client had provided to the fictitious website.

In doing this, the bad actor was able to gain access to their email, which was connected to their important online accounts, such as social media and banking accounts. Upon receiving the password, the bad actor immediately changed the password, effectively locking my client out of their own account. In doing so, my client no longer received their emails, and thus feared that Yahoo had genuinely deleted their account. At this point, they contacted me, still not understanding that they had been compromised, but instead, wondering why Yahoo would’ve deleted their account on such short notice.

Thankfully, my client did not provide any of their personal information beyond their login credentials; however, this was still enough information for the bad actor to cause some serious damage. Upon entering my client's email account, they effectively forwarded all of my client's incoming mail to an email address of their own so that they could personally review it. On top of this, they began messaging other unsuspecting victims, the same emails in which my client had originally received, claiming to be Yahoo customer support. I was able to step in early enough while my client’s Yahoo account was still connected to their recovery phone number; therefore, using this, I was able to change the password to the account and effectively log everyone else out. Thankfully, the bad actor did not attempt to access any of the other accounts connected to the client's email; however, I fear that if I had not stepped in, the outcome could’ve been way worse. 

I urge anyone who is unsure or feels uncomfortable about an email or message they received on their computer to contact an IT professional, or someone that they trust in their life with knowledge on computers, before providing any sensitive information or contacting any outside phone numbers or information listed on the website. Unfortunately, these scams still continue to grow, and the best way to combat them is to simply ignore any attempt they make to steal from you.