Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Screen Name Hijack; What's Up With This CC?

  1. #1
    Senior Member Tim C.'s Avatar
    Join Date
    Oct 2002
    Location
    New Jersey
    Posts
    2,154
    Blog Entries
    1

    Angry Screen Name Hijack; What's Up With This CC?

    It's happening again. i originally had this going private to the moderator, then thought it might be more effective this way.
    while researching back for some info related to a particular post i made a month or so ago, i'm discovering a few posts that did not come from me. definitely not.
    mind you it's no capital crime i suppose, but it does piss me off because the posts are not mine. the subject matter of the posts vary, but mainly consist of off-color comments, a dark sarcastic manner that i find strange for a prankster. i actually discovered it a few weeks ago. i didn't bother calling it out, thinking well, possibly it was me while under the influence of ambien, ;] seriously however, upon checking further, the dates a times-of-day don't line up. so i'm perplexed. i checked with my family until i realized how stupid of me to even think this. then i thought all internet stuff is traceable with ip addresses to each terminal, are they not? anyway, i just don't see what the purpose is by posting on my screen name. the posts are made of one-line type responses to other's. i figured to ignore it and maybe the joker will stop. don't draw attention to it, right?
    this happened once before and actually dr wise brought it to my attention. i thought to change my screen name but ended up just changing my password.
    question is, has this this happened to anyone else? and what should i do about it?

  2. #2
    Tim, Jim or Dr. Young may be able to help you, but if you could post a link to any of these hijacked posts (or send as a PM) this would be a big help. I can only find one member named Tim C. (thought maybe there would be a Tim C). Also, you might want to log out, then log in again, go to your profile, and change your password if you have not tried this already. It won't do anything about past posts, but could prevent future ones, esp. someone has discovered your password (be sure the new one is sufficiently strong).

    (KLD)

  3. #3
    Also wouldn't hurt to do periodical anti-malware and anti-virus checks with up to date software.

  4. #4
    Also when members reply to a spammer sometimes Spammers Mirror literally clone and all heck happens ...They got nothing better to do ...
    If you suspect a spammer contact mod's via pm and Admins asap

    Sorry you got hijacked

    There are lot's of losers out there / up to no good

  5. #5
    Tim, unfortunately, I don't think that we have the software to analyze the IP address of each post that was made by a user who signed in with your username and password. What I suggest is that you change your password immediately and not let anybody know what it is.

    Wise.

    Quote Originally Posted by Tim C. View Post
    It's happening again. i originally had this going private to the moderator, then thought it might be more effective this way.
    while researching back for some info related to a particular post i made a month or so ago, i'm discovering a few posts that did not come from me. definitely not.
    mind you it's no capital crime i suppose, but it does piss me off because the posts are not mine. the subject matter of the posts vary, but mainly consist of off-color comments, a dark sarcastic manner that i find strange for a prankster. i actually discovered it a few weeks ago. i didn't bother calling it out, thinking well, possibly it was me while under the influence of ambien, ;] seriously however, upon checking further, the dates a times-of-day don't line up. so i'm perplexed. i checked with my family until i realized how stupid of me to even think this. then i thought all internet stuff is traceable with ip addresses to each terminal, are they not? anyway, i just don't see what the purpose is by posting on my screen name. the posts are made of one-line type responses to other's. i figured to ignore it and maybe the joker will stop. don't draw attention to it, right?
    this happened once before and actually dr wise brought it to my attention. i thought to change my screen name but ended up just changing my password.
    question is, has this this happened to anyone else? and what should i do about it?

  6. #6
    Do you have your PC set up so that it remembers your password and you don't have to enter it every time you log in to CC? Mine is. If so, could anyone else have access to your PC?
    - Richard

  7. #7
    Senior Member Tim C.'s Avatar
    Join Date
    Oct 2002
    Location
    New Jersey
    Posts
    2,154
    Blog Entries
    1

    Thanks for replying, I was found it was a former weekender.

    Yeah, a former part time caregiver, thinking he was clever. He wanted me to think I was more forgetful than I really am. I started numbering the posts as per SCI nurse when it dawned on me. I had a suspicion, but then became convinced when I saw a few eBay auctions pending. If I began bidding eBay auctions that I forgot about, I'd lock myself up. Nah, I'm not that bad yet. It's only the second time it's happened, but just because he saw me frequently reading CC (i read much more than post) he thought to sub comments, stupid ones too. It shows he reads CC? I called him today and he laughingly admitted to it. What for? What a flipping jerk. This happened several years ago too. Like I'm not dealing with enough these days?
    Thanks guys

  8. #8
    Senior Member ~Lin's Avatar
    Join Date
    Nov 2011
    Location
    Indianapolis, IN
    Posts
    3,070
    You said former, did you fire him over this or was he doing this because he was upset about being fired? I guess im asking which came first lol.
    Board Member of Assistance Dog Advocacy Project working in Education. Feel free to ask me any service dog questions!

    I am not paralyzed. I have a genetic connective tissue disorder with neuro complications and a movement disorder.

  9. #9
    Senior Member Tim C.'s Avatar
    Join Date
    Oct 2002
    Location
    New Jersey
    Posts
    2,154
    Blog Entries
    1

    My oversight guys. It's not that I hand out my passwords, etc.

    Quote Originally Posted by ~Lin View Post
    You said former, did you fire him over this or was he doing this because he was upset about being fired? I guess im asking which came first lol.
    My failure lies in observing the proverbial "honor system". Being the soul proprietor and only user of my computer as my main portal to the world outside my little home, everyone including my primary live-in, as well as regular 2x mo. weekend caregivers come equipped with their own portals. (Lest I'd happily loan them a spare from my inventory of laptops). Still, there comes the occasion I must draw upon the dangerous labor pools of the unknown caregivers when I'm in a bind as a fill in. Still again, I must say I've been rather lucky in this regard by not getting stuck with any "Hannibal Lecter" types caring for me. That said, when I find myself being cared for by an unknown entity, I think to get good if I give good. So I let the guy use my laptop to check his email during his downtime, what harm...?
    Moral of story peoples, make sure you first log out!
    Yeah, practical joke from weird sense of humor.

  10. #10
    Senior Member zagam's Avatar
    Join Date
    Jan 2007
    Location
    Western Australia - Hammer wielding daemon
    Posts
    619
    Browsers with JavaScript are vulnerable to MITM attacks. You go to a dodgey site with JavaScript. You are pwned. Then you enter your credentials to this site. These are then sent via the attackers proxy and harvested. TLS won't help you as JavaScript will downgrade your TLS and proxy will still talk to site in strong TLS.

    The only fix is to disable JavaScript. I hope you did not use your CC screen name and password in other apps. TLS also needs to be fixed client side.

    This is not the same as the arbitrary code execution issue in Java that caused Apple to drop it. I have not seen successful arbitrary code execution in the wild. To do this you need to get lucky with placement of location independent code in an executable text segment. Getting x86 code to run this way is a challenge.

    It is JavaScript extension language that in the guts of the browser that is real problem. This has caused similar problems to others such as VBA which enabled the macroviruses and is never used for anything useful.

    If low level HTML DTDs were compiled in to browsers and websites used low level HTML then this problem would not exist. My favourite browser is Lynx and any site that does not work with it is defective and therefore webmasters should be informed. (I like HTML 2.0, tables, etc. as documented in plaintext RFCs at the IETF. Blame the W3C and send them the bill.)

    These attacks have been used on employees where I work. The credentials have then been used by spam bots to send spam though our email server.
    Last edited by zagam; 12-25-2012 at 10:10 PM. Reason: Quincy McGoo and those little words

Similar Threads

  1. How did Microsoft Hijack
    By Cris in forum Life
    Replies: 0
    Last Post: 03-02-2005, 07:25 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •