Wednesday, June 22, 2016

Jen's Chatty Hacker- UPDATE

Updated 06/24/2016-
The virus scan GA ran after deleting the "Jen Hacker" email detected an infection of "high severity" - a virus.  Who knows if it was related, but a heads up to anyone who got one of those to run a scan.  Just because you have not observed  changes to your system does not mean the virus is not wreaking havoc in your hard drive.  Here's the virus:  XPL/Gen CW _
XPL/Gen CW _ is a malicious software that once it is executed has the capability of replicating itself and infect other files and programs. These type of malware, called Viruses, can steal hard disk space and memory that slows down or completely halts your PC. It can also corrupt or delete data, erase your hard drive, steal personal information, hijack your screen and spam your contacts to spread itself to other users. Usually, a Virus is received as an attachment on an email or instant message.

_______________________________________________



Early this morning, Hoboken Councilwoman Jen Giattino's personal Gmail account was hacked.

Stay tuned, it gets interesting....

At 4:41 AM, GA was BCC-ed on an email signed "Jennifer Giattino, Hudson Place Realty..." The email read:
Please kindly view an important document which i sent through Secure PDF. Please check and advise if any issues, or confirm if OK
The email had an Adobe .PDF icon and links to "View" and "Download."


A second, nearly identical email came at 7:36 AM signed "Jennifer Giattino, Hudson Place Realty..."


Listen to me.

NEVER NEVER NEVER "click" on a link emailed to you even if even the message is signed "Your loving MOTHER."

First, ask  yourself: "Why would my mother be sending me a link to "Girls Gone Wild" on VHS?"  Remember that Mama doesn't have a computer.  Remember she's in Bora Bora.

DO NOT CLICK ON unexpected e-mail LINKS until you verify the SOURCE.  Just because someone signs "Your loving Mama" (or "Jen Giattino") doesn't mean it was sent by your loving Momma (or "Jen Giattino")  I'll bet the sender doesn't love you at all.

Think.  Why the hell would Jen email you a document from her "workplace" in the middle of the night?  When an email appears 'off' that's because it is.  I don't want to embarrass individuals, but if you have contacted Giattino to tell her "the link didn't work" then I AM talking to you.

You clicked.  Who knows if you got infected with some lurking Trojan or nasty virus?  GA is not kidding.  If you clicked on that link, you should run your virus scan/cleaner.

 But hey, don't listen to me.  This information about email threats is on the Symantec website:

click image to read

Back to the story...

At 7:49 AM I forwarded the suspect email to "JGiattino@HudsonPlacerealty.com"  with the message:


Hi Jen. I've gotten 2 of these emails from you... it looks like a virus. You may want to warn folks not to click on the link.

Hope all's well.

Nancy


At 7:51 AM, the hacker replied:
 No nancy its not a virus, did you view the document ?


I replied...


And...


Well folks, I called Giattino. 

Jen confirmed she'd been hacked and was quite surprised to hear that she'd "replied" to me.  I forwarded the 'reply' email for her use.

It appears the hacker came in though her personal email account, like an open door, and accessed her workplace email account.   From there, the chatty hacker replied to me as Giattino at her place of business.  

Isn't that a crime?  I think so.

After I spoke to (the real) Jen, I sent this to the fake one:


And that concludes the Strange Tale of Jen's Chatty Hacker!

7 comments:

  1. Delete the emails and empty your Trash and Recycle bin.

    ReplyDelete
  2. This happened to a friend of mine once. If you check your sessions log on gmail (bottom right of the page) you can see what IP address logged into your account and the times it did so. My friend was hacked by someone overseas who re-routed everything a few times. But if it's local, you'll be able to tell.

    ReplyDelete
    Replies
    1. Thanks, snoopy!

      Jen, are you listening? Wow, I didn't know about Gmail's sessions log.

      Delete
  3. Interesting squib I found on line:

    New Jersey has a unique parallel statute to the Federal Computer Fraud and Abuse Act 18 USC § 1030 , which, unlike the federal statute, explicitly allows the prevailing party to recover not only compensatory damages but also punitive damages and “the cost of the suit, including a reasonable attorney's fee . . . .” N.J.S.A. 2A:38A-3 (emphasis added).

    The New Jersey Statute thus provides an extraordinary opportunity for practitioners to potentially shift court costs. Last year, the New Jersey Supreme Court in Fairway Dodge, LLC v. Decker Dodge, Inc., 191 N.J. 460 (2007) and the U.S. District Court for the District of New Jersey in P.C. Yonkers, Inc. v. Celebrations! the Party and Seasonal Superstore, LLC, 2007 W.L. 708978 (DNJ March 5, 2007) interpreted the New Jersey Statute, including the provision for attorneys fees and punitive damages.

    ReplyDelete
    Replies
    1. Could be useful if the ip can be traced, it's domestic and Hudson Place Realty wants to prosecute. Thanks.

      Delete
  4. I don't even open emails that look suspicious. They go straight to trash and then get deleted.

    It's possible you were actually talking to a computer program that captured your name from your address and put it into a canned response.

    ReplyDelete
  5. You sure showed them.

    ReplyDelete