Strict Standards: Static function JDatabase::test() should not be abstract in /home/lyonsdig/public_html/libraries/joomla/database/database.php on line 350

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/lyonsdig/public_html/libraries/joomla/database/database.php:350) in /home/lyonsdig/public_html/libraries/joomla/session/session.php on line 462

Strict Standards: Accessing static property JCache::$_handler as non static in /home/lyonsdig/public_html/libraries/joomla/cache/cache.php on line 394

Strict Standards: Accessing static property JCache::$_handler as non static in /home/lyonsdig/public_html/libraries/joomla/cache/cache.php on line 396

Strict Standards: Only variables should be assigned by reference in /home/lyonsdig/public_html/plugins/system/mobilebot/mobilebot.php on line 32

Strict Standards: Only variables should be assigned by reference in /home/lyonsdig/public_html/plugins/mobile/terawurfl/terawurfl.php on line 47

Strict Standards: Only variables should be assigned by reference in /home/lyonsdig/public_html/plugins/system/mobilebot/mobilebot.php on line 519

Strict Standards: Only variables should be assigned by reference in /home/lyonsdig/public_html/plugins/system/mobilebot/mobilebot.php on line 544

Strict Standards: Only variables should be assigned by reference in /home/lyonsdig/public_html/plugins/system/mobilebot/mobilebot.php on line 300

Strict Standards: Only variables should be assigned by reference in /home/lyonsdig/public_html/plugins/system/mobilebot/mobilebot.php on line 308

Strict Standards: Only variables should be assigned by reference in /home/lyonsdig/public_html/plugins/system/mobilebot/mobilebot.php on line 327
Spoofing, Spamming, and Your Account Security

Lyons Digital Media, Home

Spoofing, Spamming, and Your Account Security

securityThis past week, we received an email abuse report from our data center. We always take these issues quite seriously and investigated the report. The spam emails were coming from our server. We were able to verify this by looking at the header information of the email messages, which clearly showed them passing through our customer's server even though the email account listed as the sender appeared to be bogus.

The messages were sent from an email address that had been compromised. An email account had been hacked by brute force and the spammers used the account to send mail under various aliases through the customer's server.

Following security procedures, we changed the password on the account to a new secure password, notified the customer of the issue, and monitored the mail flow to insure that no more messages were being sent by the account.

 

Email Spoofing

We hear about, and see, email messages that appear to have been sent by customer accounts. You may even get emails from yourself, that you know you did not send. When this happens, your email account is being spoofed.

Email spoofing occurs when a malicious sender impersonates a legitimate email address, usually by forging the 'sent by' alias or Display Name of the account without actually using that person's email server. For example, let's say your email messages always go out as Bob Martin ( This e-mail address is being protected from spambots. You need JavaScript enabled to view it. ). A spoofed email may still say it's from Bob Martin, but a closer look at either the detailed address book data or the full header information of the message will show that the actual sending account isn't legitimate: Bob Martin ( This e-mail address is being protected from spambots. You need JavaScript enabled to view it. ). You can also look at the header information and determine that the sending server was not yours (or your friends').

Generally speaking, you can mark these messages as 'junk' because the junk filters in most email accounts will analyze the email account not the alias. Unfortunately, we can't stop the spoofing, but you can use sender authentication to reject the incoming bounces.

What Can You Do?

Persons bent on malicious web activity have become more skilled and more determined. As a result, all end users of web services need to step up their game to secure their site and email. We strongly recommend the following:

  • If your default email or website login account is generic-sounding (admin, administrator, info, sales, etc.), change it to something much less generic.
  • Always use secure passwords for all your logins. 
  • Do not repeat the same password across different login accounts.
  • Change your passwords often.
  • Use a password vault program like 1Password to store your passwords, online identity information and more. These type of programs may also generate secure passwords for you.
  • Review the email accounts you have set up in your account cPanel. Are there unused accounts that appear to have a lot of mail stored in them? Check them to see if they've been compromised. 
  • If an email account is unused, but needs to be kept for archival purposes, set up a forwarder so that all mail addressed to that account goes to you or another person in your organization. Once the forwarder is set up, delete the email account so that it isn't a target for malicious activity.
  • Keep your software up to date, especially web programs like Joomla, Wordpress, Drupal, etc. Subscribe to the security newsletters for the program you use so that you get notified whenever a security update is available. 
  • Don't use third-party toolbars in your web browser unless you are absolutely sure of the origin and quality of the company providing the toolbar. This is especially true if you use Internet Explorer. These add-on toolbars are often used as a quick and easy way to gain access to your computer.
If you notice any suspicious activity in your Lyonshost account, please notify us immediately. We'd rather take a few minutes to check out your account and find nothing, than spend hours chasing a hacker out of your website account.