Sir Sel pwede mo po ba akong turuan mag-hack ng Yahoo! Email? Kasi duda ako na may kabit ang asawa ko nakachat niya lagi. …

My Answer

Thank you for requesting something from me. This shows that you trusted me.

However, I am afraid I couldn’t teach you how. To let you know, hacking someone’s email account is illegal. Secondly, email accounts from Yahoo, Gmail and Hotmail couldn’t actually be hacked by directly attacking the email system.

And I just want to warned you not to ask help from someone who offers a hacking service because they’re intention is not to do what you have requested but to get something from you.

You might ask me this: But I learned that you were a victim of hackers, isn’t it true that there are really hackers who can hack email accounts?

It might be true that my selaplana@yahoo.com account was hacked last 2004. But I think, the real problem was not in the Yahoo Email system but in my password. I was using before a very simple password, and I think, the hacker successfully guessed it.

My Advice

If you really think that you’re wife has been dishonest to you, hacking her email account is not the solution. You must talk to her patiently. Show to her that you really care  about your relationship. Don’t hurt her but show your love to her.

And pray to God for His guidance.

Here’s the screenshot of the SERP when searching for the “www.prc.gov.ph“.

And right below the title of the website, Google placed this comment “Ang site na ito ay maaring makasama sa computer mo (my translation: This site may cause harm to your computer)“.

But what really are the causes why Google considered the PRC’s official website as harmful?

The flag, “This site may harm your computer”, is Google’s way of protecting its users from the harm brought by websites that install malicious codes in the background or the websites that are promoting harmful websites.

In other words, if your website is flagged in the search engine result page, then it only means either of the two: (1) contains or simply spreads malicious codes; (2) linking to a harmful websites.

But in the case of the PRC’s official website, the flag by Google to the website could mean that Google found malicious codes from the website itself especially that the said website offers documents and forms in ZIP and PDF files.

What I means is that maybe some of the files hosted by the site are infected by malicious programs like virus, trojan, worm, etc.

In the Google Safe Browsing – Diagnostic page for www.prc.gov.ph, we’ll find this information:

What is the current listing status for prc.gov.ph?

Site is listed as suspicious – visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 89 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-08-01, and the last time suspicious content was found on this site was on 2009-07-14.

Malicious software includes 4 scripting exploit(s), 4 trojan(s), 4 exploit(s).

Malicious software is hosted on 2 domain(s), including gamemaill.com/, f1y.in/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including f1y.in/.

This site was hosted on 1 network(s) including AS9658 (ETPI).

But sometimes the flag is false. Maybe Google identified something from the site as malicious code but in reality it’s not.

However, we still need to check our site just to make sure that it’s really safe because while your site is still flagged by Google, then you might lose a lot of traffic that should be driven into your site.

Remember that when clicking  a flagged website from the SERP, instead of redirecting you to the website, Google will direct you first to a warning page that is shown like the screenshot below:

Those who understand what are written on that warning page will of course decide to return to the SERP instead of visiting your site.

And while you’re losing visitors, you’re also losing income.

In checking whether your site or blog is harmful or not, use a site-advisor tool. Here’s few of the site-advisors I knew:

1. McAfee Site Advisor.
2. Norton Site Advisor.

But the best thing to do is to use the Google Webmasters’ Tools. It’s Google that flags websites in the search results, so it’s Google that can help us identify the file or the webpage in our site where it found something wrong.

Once you checked and corrected the problem, file a reconsideration request at Google Webmaster Central and explain in your letter what have you done to correct the problem and why Google should remove the flag on your site.

how are you
I would like to introduce you a very good trade company . I bought the electronic products from them recently.
All the products are original and high quality .and they have good after-sales-service.
Please take some time to have a look: www.nimoyf.com .May be you can get more profit.
E-mail:nimoyf@vip.188.com
Sincerely
Sustines

Well, that’s how they make money online.

Now, people with similar brain-content with those who hacked my email account are currently making money online by hijacking someone’s twitter account using a worm called “Koobface“.

Previously, Koobface worm targets facebook and MySpace users only. Now, the program of this worm has been modified so that it can manipulate twitter accounts.

Actually, the Koobface worm does not infect your twitter account but your PC only. However, once you are using a Koobface-infected PC in logging in to your Twitter account, then that will be the time that Koobface worm takes over your Twitter account and automatically publish tweets with links to malicious websites that have Koobface codec. If someone follow the links in the Koobface tweets in your Twitter, the Koobface codec will be  automatically installed to his PC, thus the infection spreads.

Koobface worm is actually utilizing the shortened URLs used in tweets. So, you better be careful in following links from tweets.

For more info regarding the Koobface worm, kindly visit the blog of Pandalabs.

Morro will directly compete with the anti-virus products of McAffee, Symantec, etc, but it will be a free to use product not like that of the McAffee or of the Symantect wherein you need to pay the yearly subscription.

But, do we need the Morro when in fact there are already lots of free antivirus available online?

According to the Microsoft, Morro will offer basic features in fighting against the wide range of viruses which is common to other paid antivirus products.

There are other free anti-virus products like that of the AVG, but there are limitations on it set by the company so that users of the free anti-virus will be forced to pay certain amount in exchange of getting more features on the anti-virus software.

With that, I can say that maybe you really need the Microsoft’s Morro Anti-Virus and that this anti-virus will be advantageous to you.

However, in my case, I think, I don’t need it anymore.

I am currently using the combination of DeepFreeze plus AVG Free Anti-Virus. With this combination, my computer is already safe to viruses, spywares, trojans, malicious bots, adwares, and any other malicious softwares.

The DeepFreeze software is responsible in freezing the harddrive so that those malicious softwares that successfully avoided the AVG (free) anti-virus will still be kicked off whenever the computer rebooted. While AVG free anti-virus software is responsible in detecting malicious softwares and then automatically quarantine them.

And if I want to visit harmful websites, I use another combination for the security of my computer. This time, this is the combination of the DeepFreeze, AVG Free Anti-Virus and Mozilla Firefox. With this setup, I am not worrying that my computer will be infected by adwares, spywares, or trojan that automatically install into the computer while visiting those harmful websites.

how are you
I would like to introduce you a very good trade company . I bought the electronic products from them recently.
All the products are original and high quality .and they have good after-sales-service.
Please take some time to have a look: www.nimoyf.com .May be you can get more profit.
E-mail:nimoyf@vip.188.com
Sincerely
Sustines

This message was actually set as the default message in my email signature. But the question is: who changed my email signature?

I did check the WhoIs information of the domain, “NIMOYF.COM” and I found out that the registrant of this domain is coming from Beijing, China.

Registrant Contact:
wangxian
xiang wang
010-58344173 fax: 010-58987487
beijin
beijin beijin 160000
cn

Administrative Contact:
xiang wang
010-58344173 fax: 010-58987487
beijin
beijin beijin 160000
cn

Technical Contact:
xiang wang
010-58344173 fax: 010-58987487
beijin
beijin beijin 160000
cn

Billing Contact:
xiang wang
010-58344173 fax: 010-58987487
beijin
beijin beijin 160000
cn

DNS:
ns1.4everdns.com
ns2.4everdns.com

Created: 2009-03-23
Expires: 2010-03-23

Because of this information, I am suspecting that a hacker hacked my Yahoo Mail account. But how?

I think, the hacker who hacked my Yahoo Mail account used a special program in hacking email accounts. This hacker is not just guessing on what might be the password that I was using for that Yahoo Mail account because I am using special characters as part of the password.

Now, if the hacker really used the software in hacking email accounts, then I might not be the only victim here. So, I googled the sentence below:

I would like to introduce you a very good trade company . I bought the electronic products from them recently.

It’s enclosed with the quotation mark so that Google will search webpages that contains exactly the texts above. And the result showed that there are other people in the internet who talked about it already. And they experienced what I experienced.

So, maybe the hacker used malicious programs in getting the username and password of the victim’s email accounts like Trojan, Keyword Logger, etc.

Babala- ang pagdalaw sa web site na ito ay maaaring makasama sa iyong computer!
Mga mungkahi:

* Return to the previous page and pick another result.
* Try another search to find what you’re looking for.

Or you can continue to kameraworld.com.ph at your own risk. For detailed information about the problems we found, visit Google’s Safe Browsing diagnostic page for this site.

For more information about how to protect yourself from harmful software online, you can visit StopBadware.org.

Actually, Google showed this message to me because when I am going to visit the site, I searched it first through the Google Search Engine.

The Trojan Downloader activates when the infected page is opened using the web browser. You will know that the page is infected if the page shows the following message:

Not Found
The requested URL / was not found on this server.

The Trojan then decrypts its body and launches the malicious script for execution. The Trojan then uses the vulnerabilities listed below:

1. a buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 ActiveX control in DXTLIPI.DLL when processing “SourceUrl()” (CVE-2007-4336)
2. in the Windows Media Player plug-in, when processing an excessively long “src” parameter in the “embed” tag (MS06-006). The vulnerability is present when the plug-in is launched in browsers which are not Internet Explorer.
3. in the QuickTime.QuickTime” ActiveX object (CVE-2004-0431);

This is to download a file called “ldr.exe” from the URL shown below:

http://java62.com/load.php****

This file is 48640 bytes in size. It will be detected by Kaspersky Anti-Virus as Backdoor.Win32.Agent.ich. This file will be saved to the Windows system directory under the following name:

%System%\~.exe

The file is then launched for execution. The Trojan then uses the “Msxml2.XMLHTTP” ActiveX object, and the objects which have the following unique identifiers in the system registry:

{BD96C556-65A3-11D0-983A-00C04FC29E30}
{BD96C556-65A3-11D0-983A-00C04FC29E36}
{AB9BCEDD-EC7E-47E1-9322-D4A210617116}
{0006F033-0000-0000-C000-000000000046}
{0006F03A-0000-0000-C000-000000000046}
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
{6414512B-B978-451D-A0D8-FCFDF33E833C}
{7F5B7F63-F06F-4331-8A26-339E03C0AE3D}
{06723E09-F4C2-43C8-8358-09FCD1DB0766}
{639F725F-1B2D-4831-A9FD-874847682010}
{BA018599-1DB3-44F9-83B4-461454C84BF8}
{D0C07D56-7C69-43F1-B4A0-25F5A11FAB19}
{E8CCCDDF-CA28-496B-B050-6C07C962476B}

This is to download a file called “ldr.exe” from the link shown below:

http://java62.com/load.php?MSIE

It uses the “ADODB.Stream” ActiveX object to save this file under the following name:

c:\sys.exe

rnd – four random Latin letters Example:
syskmtz.exe
syskqoq.exe

The downloaded file will then be launched for execution.

To protect your computer from Trojan-Downloader, you need to install Shield Deluxe and Security Shield.

Your files are encrypted with RSA-1024 algorithm.
To recovery your files you need to buy our decryptor.
To buy decrypting tool contact us at: ********@yahoo.com

Experts recommend that all Internet users enable maximum protection from malicious code and network attacks on their computers and refrain from executing suspicious programs received from untrustworthy sources.

Detection of Virus.Win32.Gpcode.ak was added to Shield Deluxe and Security Shield signature databases yesterday, on June 4th, at 15:39 GMT. Please make sure to update if you haven’t already.

If you haven’t installed yet Shield Deluxe and Security Shield, then you need to download it now.

Best Way To Shop Online (note: these keywords is linked to an online store)

These are our lowest prices of the year — but they won’t last long. So take advantage of these incredible savings now and stock up on all your favorite products.

SAVE BIG on holiday gifts too with gift subscriptions for everyone on your list — family, friends and co-workers.

At just $5 these are terrific as main gifts or stocking stuffers. Click here to start shopping now and don’t forget to pass this offer along and let everyone know what a great deal you’ve found. Happy saving!

Limited-time offer…Act now!

Well, it’s a spam-email. Spammers use my email address as the sender of this spam-email. But why? Am I really popular for them to use my email to fool the people that I am endorsing their poor company?

If you received similar email using my email address, FYI, I am not the real sender of it. I’m sorry but spammers love my email address.

Dear Account User,

This Email is from Yahoo! Customer Care and we are sending it to every Yahoo! Email User Accounts Owner for safety. we are having congestions due to the anonymous registration of Yahoo! accounts so we are shutting down some Yahoo! accounts and your account was among those to be deleted.We are sending you this email to so that you can verify and let us know if you still want to use this account. If you are still interested please confirm your account by filling the space below. Your User name,Password,Date Of Birth (DOB) and your Country information would be needed to verify your account.

Due to the congestion in all Yahoo! users and removal of all unused Yahoo! Accounts, Yahoo! would be shutting down all unused Accounts, You will have to confirm your E-mail by filling out your Login Information below after clicking the reply button, or your account will be suspended within 24 hours for security reasons.

* User name: …………………………

* Password: …………………………..

* Date of Birth: ……………………….

* Country Or Territory: …………….

After following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request. We apologize for any inconveniences.

Warning!!! Account owner that refuses to update his/her account after two weeks of receiving this warning will lose his or her account permanently.

Of course it looks like legitimate email especially if the email user who receive this email will consider the email address where this email is coming from. If you’ll read the last part of it, it says, “Warning!!! Account owner that refuses to update his/her account after two weeks of receiving this warning will lose his or her account permanently” it seems that the email users will get nervous and will immediately reply it by sending their personal information.

Now, if you already had replied this, then you’ll definitely loss your precious email account.

Why?

It’s because, it is another email scam. Just look at the information they’re asking you: “username, password, date of birth and teritory.” If you freely give your username and password, then scammers can easily access your account and own them.

Now what will happen next?

First, scammers will scan the entire content of your email to find ways on how to utilize them. They can use this in black-mailing you… for extortion… to access your personal financial accounts… and a lot of things. Now, what if your email is the one used in your paypal account. Once they have your email account, then your paypal will be next.

For your information, my Pasugo-Online.NET website was hacked in 2004 because the hackers successfully hacked my email account (selaplana@yahoo.com) which is connected to that website. And not only that, I also lost my personal website which I started building since 1999 (geocities.com/selaplana).

My other posts related to this:

• Won Euro Millones Lottery International Email Address Draw
• I Won From Lottery Again?
• Links in Emails? Be Careful!
• Scams Through the Email
• SMS Scam Again
• Ms. Enriquez Impostor is Making Money Online