- By Paul Solman
PBS NewsHour business and economics correspondent Paul Solman frequently answers questions from Next Avenue visitors about personal finances, business and the economy. But today he is writing a personal tale. His advice appears on Next Avenue as well as Solman’s PBS NewsHour blog, Making Sen$e With Paul Solman, and the Rundown, NewsHour‘s blog of news and insight.
Do you have a question for Paul Solman? Email it to us and we’ll pass it along.
What follows is of a personal nature and only loosely within the ambit of economics, but friends have suggested it may be of general interest and even some use.
What the Hacking Message Said
On Wednesday night, at about 11 p.m., all previous emails and contacts vanished from my Yahoo! Mail account, which I have relied upon since the advent of email lo these many years. The next morning, friends began reporting that they had received the following message from my account:
I’m writing this with tears in my eyes, I came down to London, United Kingdom for a short vacation. Unfortunately, I was mugged at the park of the hotel where I stayed, all cash and credit card were stolen off me but luckily for me I still have my passport with me.
I’ve been to Police here but they’re not helping issues at all and my return flight leaves in few hours from now but I’m having problems settling the hotel bills and the hotel manager won’t let me leave until I settle the bills. Well I really need your financial assistance.
Please let me know if you can help me out?
I’m freaked out at the moment.
(MORE: Stop Thief! That’s My Identity!)
Now the first time you receive one of these from a friend — and I’ve gotten several — the natural reaction is to sympathize, to reach out. But as my contacts had been wiped by the hackers, I had no way to reassure people en masse that this was a hoax.
What Happened if People Responded
Moreover, the hackers had reset my “options” so that any replies automatically went to a slightly altered email account they had set up: my name, but with a period instead of an underscore between Paul and Solman.
I still don’t know if anyone was taken, though I changed my password promptly and fixed the “Reply To” default.
Why I Stuck With Yahoo Mail
Associates have been puzzled by my allegiance to Yahoo given its increasingly retro status. And presumably, they don’t even know about the ads that try to tempt me with available singles in “West Newton,” attentive to my whereabouts but impervious to either my age or standing as the world’s most contentedly uxorious mate.
So why would I rather stick than switch?
“Path dependency,” I explained. “Transaction costs.”
I’ve grown accustomed to the interface. I know where the Yahoo settings are. My contacts list has swelled over the years; my folder list runneth over. What old dog has the time or energy to export, import, file transfer, learn new tricks?
Yes, I have a NewsHour.org account, but to tell you the truth, it makes me hungry. Honestly. Every day, order-out lunch menus are posted for the staff at HQ in Virginia. Unfortunately, delivery to me here in Boston is — how to put this? — impractical.
Switching My Email Account
So I am trying to switch at last to a long-held, mostly dormant, Google Gmail account, as urged by numerous Twitter followers, including the savvy Vivek Wadhwa, who tweeted: “I switched over to Google — far ahead of Yahoo in security, authentication, features. Also excellent spam filters.”
My esteemed friend, Professor Terence Burnham of Chapman College, replied: [email protected] is a terrible signal — out of touch. For now @gmail is okay/good. Welcome!”
And a very old friend wrote: “A few people I know — all on Yahoo — have been hacked with the same story premise. Yahoo was not at all helpful; and their security stinks.”
It Could’ve Been Worse
But looking on the bright side, my friend Lisa, the architect, wrote:
“At least your hack was a sob story and not sending porn to all your clients … as happened to my account last year.”
And I must admit: The flood of emails and phone calls has reconnected me with a lot of old friends. Net net, not a bad experience at all, so long as no one got taken.
As for my switch to Google Gmail, the transfer of contacts has proved easy enough. But after trying to alert several hundreds of the many people on my email list, Gmail shut me down for more than 24 hours.
So, if you know anyone who might be on my email list, I’d appreciate your alerting them to this post.
Paul Solman is a member of the Twitterati and can be followed at [email protected]. His daily blog can be followed, well, daily at Making Sen$e by linking here or just Googling the words: “Making Sense.”
Advice From Next Avenue
Next Avenue readers report similar experiences. Below are some additional suggestions for what to do when your email account has been hacked. — Richard Eisenberg, senior Web editor of Next Avenue’s Money & Security channel
After your email is hacked, contact your email provider. Twitter’s help page has links to the support pages of major email services. Also, report the hacking to the Federal Trade Commission at ftc.gov/complaint or call (877) FTC-HELP.
If you want to continue using your email service, replace your password with one that will be hard for hackers to guess. For example, use a mix of numbers, symbols and letters instead of your date of birth or last name. The Federal Trade Commission recommends using a password with at least 10 characters.
Remember that all email services can be compromised, so you’ll never be fully safe. If your Gmail account is hacked, change your password by choosing Mail Settings, Accounts and Imports, then Change Password.
Once one email account has been broken into, change your passwords for others you have as well as your online financial accounts. That’s because those accounts could be at risk as a result of the hacking.
Install a free or low-cost firewall. That can help stop intruders from gaining access to your PC in the future.
Download and frequently update security patches you receive. They could correct weaknesses a hacker might exploit.
Finally, shut down your PC when you are not using it. The more time your computer is off, the less time hackers will have to get into your email account.