Slashdot: News for Nerds

Ask Slashdot: What To Tell Non-Tech Savvy Family About Malware?

timothy posted about a year and a half ago | from the tell-them-you-made-all-of-it dept.

Privacy 340

First time accepted submitter veganboyjosh writes "I got an instant message from an uncle the other day, asking me what was in the link I sent him. I hadn't sent him a link so I figured that his account had been hacked and he'd received a malicious link from some bot address with my name in the 'From' box. This was confirmed when he told me the address the link had come from. When I tried explaining what the link was, that his account had been hacked, and that he should change the password to his @aol.com email account, his response was 'No, I think your account was hacked, since the email came from you.' I went over it again, with a real-life analog of someone calling him on the phone and pretending to be me, but I'm not sure if that sunk in or not. This uncle is far from tech savvy. He's in his 60s, and uses Facebook several times a week. He knows I'm online much more and kind of know my way around. After his initial response, I didn't have it in me to get into the whole 'Never click a link from an unfamiliar email address' bit; to him, this wasn't an unfamiliar email address, it was mine. How do I explain this to him, and what else should I feel responsible for telling him?"

340 comments

Nothing (-1, Troll)

Anonymous Coward | about a year and a half ago | (#42305223)

Get them a mac and be done with it.

Re:Nothing (5, Informative)

Grishnakh (216268) | about a year and a half ago | (#42305281)

This used to be good advice, because Macs were such a small share of the market that the malware authors didn't bother with them. This isn't quite so true any more.

If you want to get them a platform that won't be targeted by malware authors for quite some time, install Linux Mint on their PC. As a bonus, it won't cost anything extra (unless they have some shitty printer that has no Linux support, but a new Linux-compatible printer is much cheaper than a new Mac). As an extra bonus, you can install the KDE version of Linux Mint and assuming they're coming from XP or Win7, they won't even have to learn a whole new GUI paradigm.

Re:Nothing (1, Interesting)

hendridm (302246) | about a year and a half ago | (#42305619)

This used to be good advice, because Macs were such a small share of the market that the malware authors didn't bother with them. This isn't quite so true any more.

It is true that Macs are not (relatively) free from threats anymore, but damn, they sure have a lot fewer to deal with. No?

Re:Nothing (5, Insightful)

lucm (889690) | about a year and a half ago | (#42305685)

This used to be good advice, because Macs were such a small share of the market that the malware authors didn't bother with them. This isn't quite so true any more.

It is true that Macs are not (relatively) free from threats anymore, but damn, they sure have a lot fewer to deal with. No?

Not anymore. Remember that story posted not so long ago?
http://thenextweb.com/microsoft/2012/11/02/microsofts-security-team-is-killing-it-not-one-product-on-kasperskys-top-10-vulnerabilities-list/ [thenextweb.com]

Apple is on that list twice (QuickTime and iTunes). Adobe is there a lot. No Microsoft products.

Feel free to bring the conspiracy/fraudulent research theories but really it's time people move on with old stuff.

Re:Nothing (0, Funny)

Anonymous Coward | about a year and a half ago | (#42305665)

Hacks always go after the widest distribution and so naturally Windows XP/Vista/7 are affected much more than Macs since they are still a much larger percentage of the online systems today.

By that logic, I would recommend they use Windows 8. Nobody uses it! Not for long anyway...

Re:Nothing (0)

matunos (1587263) | about a year and a half ago | (#42305725)

Yep, that way instead of having to explain email to his uncle, he gets to explain Unix, and Open Office, etc.

Re:Nothing (4, Informative)

Runaway1956 (1322357) | about a year and a half ago | (#42305751)

Browser hijacks and browser vulnerabilities are exactly that, and have little to do with which operating systems they are being run on. Phishing attempts work on any operating system. My own operating system has been one flavor or another of Linux for many years now, and I have to be cautious. Mac, Windows, Unix, Solaris, Linux, DRDOS, MSDOS 6.22, - it doesn't matter which you are using if the exploit is aimed at the browser.

Re:Nothing (1)

jamesh (87723) | about a year and a half ago | (#42305753)

This used to be good advice, because Macs were such a small share of the market that the malware authors didn't bother with them. This isn't quite so true any more.

If you want to get them a platform that won't be targeted by malware authors for quite some time, install Linux Mint on their PC. As a bonus, it won't cost anything extra (unless they have some shitty printer that has no Linux support, but a new Linux-compatible printer is much cheaper than a new Mac). As an extra bonus, you can install the KDE version of Linux Mint and assuming they're coming from XP or Win7, they won't even have to learn a whole new GUI paradigm.

We have detected a suspicious transaction in your bank account. Please go to http://www.sitethatlookslikeyourbankbutisnt.com.ru/ [sitethatlo...snt.com.ru] and enter your username and password to confirm the transaction and also enter a brief description about why you think the OS you are running makes a difference here.

Re:Nothing (0, Troll)

Anonymous Coward | about a year and a half ago | (#42305321)

Yes, because that would totally prevent his AOL account from being hacked...

Holy shit you Apple people are fucking stupid.

Re:Nothing (4, Informative)

Nerdfest (867930) | about a year and a half ago | (#42305327)

Most 'exploits' that get people these days are emails, etc, with fake notifications that get people to enter their login details for Facebook, Gmail, etc. A Mac will not help for the majority of what gets people these days.

Re:Nothing (0)

Anonymous Coward | about a year and a half ago | (#42305533)

What I'm getting at is that non tech-savvy people will not remember/act on the advice you give them. Better to get them something -usable-, with a low chance of infection. You could give them a *nix install if you prefer, but I don't want to be a support contact for my family's systems unless there is a dire need (eg. hardware). Also, you described a phishing attack, which I don't classify as 'malware'.

Re:Nothing (5, Informative)

Austerity Empowers (669817) | about a year and a half ago | (#42305655)

What he's getting at is that any OS on any computer is vulnerable to this sort of attack. Any OS at all that has a web browser: Windows, OSX, Linux, Android, iOS, *BSD, Solaris, whatever.

Once you click that link and enter your credentials, you are hacked. No resident virus required that has to hook your system via known attack vectors. Of course once you are hacked, it is much easier to get to that next step, if that's important to the attacker. But usually it's not, they're perfectly happy with your accounts.

Re:Nothing (1)

Anonymous Coward | about a year and a half ago | (#42305687)

What he's getting at is that any OS on any computer is vulnerable to this sort of attack. Any OS at all that has a web browser: Windows, OSX, Linux, Android, iOS, *BSD, Solaris, whatever...

Which is the main reason you teach someone how to avoid this shit one time. Maybe twice. After that, they're on their own, and it fucking needs to be that way. Only way malware is going to ever become less of a problem is through education, not technology. This example clearly proves that.

Too cruel? Here, how about a car analogy then.

How many times are you going to help replace your friend's flat tire because they keep driving over nails before you finally say, "fuck it, you're on your own"?

Nothing (4, Interesting)

Andy Prough (2730467) | about a year and a half ago | (#42305365)

Get them a Chromebook and save $1200+ off the price of the Mac and be done with it.

Re:Nothing (1)

Concerned Onlooker (473481) | about a year and a half ago | (#42305625)

That's pretty much true. You should only get a Mac if you're trying to do real work. For web surfing and email a Chromebook would be better for most non-savvy users.

i think your uncle is right (5, Funny)

notgm (1069012) | about a year and a half ago | (#42305227)

you've been compromised, and now you're spamming /.

Re:i think your uncle is right (4, Informative)

mattkrea (2795977) | about a year and a half ago | (#42305261)

Yeah.. pretty sure this is the more likely scenario..

Re:i think your uncle is right (1)

Anonymous Coward | about a year and a half ago | (#42305331)

Not sure why parent was modded funny as that is actually the most likely scenario.

Re:i think your uncle is right (3, Interesting)

Anonymous Coward | about a year and a half ago | (#42305393)

Yeah, he's spot on.

Uncle hacked hypothesis:
- malware resides in uncle's PC
- malware looks through uncle's address book
- malware sends email not to the people from the address book (otherwise the summary would've told us), but to the owner of the machine it already infected pretending to be someone he knows... what for?

veganboyjosh hacked hypothesis:
- malware resides in veganboyjosh's PC
- malware looks through veganboyjosh's address book
- malware, with the objective to infect more machines, emails veganboyjosh contacts pretending to be him

Which one makes more sense?

Re:i think your uncle is right (-1)

Anonymous Coward | about a year and a half ago | (#42305511)

Especially the "vegan" part. We already know he has made some bad decisions and is probably malnourished. Maybe B-12 deficiency...

Re:i think your uncle is right (-1)

Anonymous Coward | about a year and a half ago | (#42305657)

Root cause is more likely an IQ deficiency and an insecure, gregarious personality that identifies with the lunatic fringe, but isn't ready to take the leap into a compound environment. The B-12 thing will hopefully just remove him from circulation before he becomes a problem for us.

Re:i think your uncle is right (5, Funny)

Billly Gates (198444) | about a year and a half ago | (#42305435)

He couldn't be.

He is middle aged and knows better. He doesn't click on shit or go to weird sites. He also doesn't use IE. Therefore an AV scanner is not needed especially if you have a firewall. AV software is for wusses according to these folks and I am sure his 3 year old version of flash and 5 year old unpatched Java on his machine are no match to the mighty security of running firefox!

Don't believe me? Just ask any slashdotter who has not used Windows in 12 years. They know what they are talking about when it comes to Windows security as they post this all the time.

Join the dark side (-1)

Anonymous Coward | about a year and a half ago | (#42305437)

Fix his computer for a fee.

Re:i think your uncle is right (0)

Anonymous Coward | about a year and a half ago | (#42305739)

I get stuff from my address book but weird email addresses frequently now. I suspect somewhere my shared addressbook 'leaked' or got harvested. But the bot only has the names, not the addresses. Several people on an email listserv I manage have been hacked in that the account sent stuff to the associated address book which included the listserv address. Those people got removed from the list until they fixed their accounts. It's usually AOL, Hotmail, Yahoo, or sometimes Earthlink addresses. But I suspect your Uncle had the address book leak thing.

Fake one yourself. (5, Insightful)

jx100 (453615) | about a year and a half ago | (#42305235)

Log into AOL's SMTP server with telnet and make an email that looks like it's coming from your uncle. Show him how easy it is to fake, and that the "to" field is actually incredibly untrustworthy.

Re:Fake one yourself. (4, Insightful)

Megahard (1053072) | about a year and a half ago | (#42305303)

Send a fake email from your uncle to your aunt. The more chaos you can cause, the better the lesson will sink in.

Re:Fake one yourself. (5, Interesting)

toygeek (473120) | about a year and a half ago | (#42305483)

I did this once to prove the point to my wife. I made up some ridiculous email and then called her and asked her if she got it. She had. When I told her it was from ME, she finally got the point. The email was telling her she was a winner of free tickets to a concert for an artist that hasn't performed in a VERY long time. And I didn't have to telnet into a server to do it. I just set up my mail program.

Re:Fake one yourself. (1)

johnsnails (1715452) | about a year and a half ago | (#42305543)

set up a free smsglobal (or similar) account and show how u can also send an sms to his grandchildren from "Mum" or "Mom" as the case might be saying meet me in the dark van next to the shops after school. And then use up the rest of ur credits messing with ur mates.

Re:Fake one yourself. (-1)

Anonymous Coward | about a year and a half ago | (#42305699)

If your wife needed you to do that before she was able to understand it, then she's severely lacking in intelligence. Of course, your wife lacking intelligence works in your favor; she wouldn't have married you otherwise.

Re:Fake one yourself. (0)

Anonymous Coward | about a year and a half ago | (#42305647)

Let's get this out of the way first - I'm not an expert. Now, let's reply to this post mentioning how I'm stating the obvious. Are we done? Good. Now on to my inquisitive statement -

I assume that the AOL SMTP servers require login, and that they modify the "sender" address label to match that who logged in similar to how Google does (ie, "granpajo@aol.com on behalf of rustyshackelford@red-hot-tubgirl-grits.cn")?

Tell your family what Mike tells his... (0)

Anonymous Coward | about a year and a half ago | (#42305237)

...that a man will jump out of their screen and yell, "WHERE'S YOUR DAUGHTER?!" http://www.youtube.com/watch?v=U0wY4wIB5_4

Think up a meatspace analogy (5, Interesting)

The MAZZTer (911996) | about a year and a half ago | (#42305239)

In this case, let's say your uncle mails his letters by leaving them in his mailbox (I think some places let you do this) for the mailman to pick up. Now let's say a shady guy comes along and copies the names of people your uncle is mailing letters to, including yours, then sends him a letter purportedly from you asking him to loan you money by wiring it to a specific bank account or whatever.

Your NAME was involved but you had nothing to do with it, and the scammer found out your name from him.

Re:Think up a meatspace analogy (2)

aitikin (909209) | about a year and a half ago | (#42305431)

That's actually probably one of the best analogies for this purpose I've ever heard/read. Consider it stolen.

Re:Think up a meatspace analogy (1, Funny)

marty23571113 (972462) | about a year and a half ago | (#42305749)

(I think some places let you do this) Yeah several million places

Uhm... No, it's just spam. (4, Funny)

Anonymous Coward | about a year and a half ago | (#42305241)

I don't see why you think his account has been hacked.

Someone simply sent him email with your address as the "From" address. Doing that is trivial, and spammers do it all the time.

Post your uncle's email address and your email address, and thousands of us here will send you email with your uncle's email address as the origin.

Go ahead, post both addresses. You can trust me. I'm "Anonymous Coward", and you've seen millions of articles from me which show my wide variety of expertise.

Re:Uhm... No, it's just spam. (2, Insightful)

Anonymous Coward | about a year and a half ago | (#42305305)

There's no reason whatever to think the uncle's account was hacked. None. A little knowledge is a dangerous thing.

Re:Uhm... No, it's just spam. (2)

BronsCon (927697) | about a year and a half ago | (#42305333)

There's no reason to think it was not hacked. There's, likewise, just as much reason not to change the password. Standard practice in the security community is to assume that everything has been compromised and act accordingly; this is because a good hack will be all but undetectable.

Tagged as funny, but makes a point. (5, Interesting)

mark-t (151149) | about a year and a half ago | (#42305313)

Really, I can't think of a good reason to presume that either account was actually hacked. What's evidently happened, however, is that both parties have had their email addresses harvested, using one (falsely) as a sender and the other as recipient.

Re:Uhm... No, it's just spam. (2, Funny)

Anonymous Coward | about a year and a half ago | (#42305319)

I'm "Anonymous Coward"

No you aren't, you liar! You hacked my account! How dare you!

Re:Uhm... No, it's just spam. (1)

reybo (2540564) | about a year and a half ago | (#42305375)

When you think about it, there's a far better chance the miscreant behind that email invaded, not the uncle's email account, but the nephew's PC with a worm or trojan that spams his email address list.

Re:Uhm... No, it's just spam. (0)

Anonymous Coward | about a year and a half ago | (#42305385)

if they have access to the names of people that he has emailed then they have some sort of access to the account.

Re:Uhm... No, it's just spam. (4, Insightful)

hidden (135234) | about a year and a half ago | (#42305491)

When the from and to names are people who genuinely know each other, it generally means that one or the other of them's address book has been stolen. Less frequently, it may mean that a third party (that they both know) had their address book stolen. Subby doesn't think his address book has been stolen, so that leaves the relative as the most likely victim.

Who we think the most likely victim is may be another story, but his logic seems fairly sound to me, if we accept the initial assumptions...

Re:Uhm... No, it's just spam. (0)

Anonymous Coward | about a year and a half ago | (#42305557)

This is 50% funny and 50% true. I get spam mails from *myself* all the time.

Re:Uhm... No, it's just spam. (4, Funny)

Frankie70 (803801) | about a year and a half ago | (#42305591)

I get spam mails from *myself* all the time.

I think you have accidentally hacked your own account.

Re:Uhm... No, it's just spam. (1)

matunos (1587263) | about a year and a half ago | (#42305715)

That doesn't explain how the spambots knew to send an email purportedly from him to his uncle.

It's possible one or both of their Facebook privacy settings are overly lax, allowing anyone to see their email addresses and friendship.

are you sure (2)

PieceOfShitAndroid (2538056) | about a year and a half ago | (#42305245)

Are you sure it was your uncle who sent you the instant message?

MOD PARENT UP (1)

kumanopuusan (698669) | about a year and a half ago | (#42305361)

You can never be too sure, especially since the submitter thinks his uncle has been compromised.

Re:MOD PARENT UP (1)

Frankie70 (803801) | about a year and a half ago | (#42305605)

kumanopuusan, I think PieceOfShitAndroid has hacked your slashdot account and is using it to ask people to mod his posts up.

Re:MOD PARENT UP (1)

kumanopuusan (698669) | about a year and a half ago | (#42305631)

How can you be sure it was PieceOfShitAndroid posting in the first place?

Re:MOD PARENT UP (1)

Austerity Empowers (669817) | about a year and a half ago | (#42305673)

There is no spoon.

Just make shit up (5, Interesting)

Anonymous Coward | about a year and a half ago | (#42305249)

Seriously. Show him a segment in the e-mail header and say that's proof his shit was hacked. He won't know the difference anyway.

Good luck (1)

Anonymous Coward | about a year and a half ago | (#42305253)

Explaining email issues can be very tricky, since there can be problems with authenticity at both ends of a one directional communication. For instance, perhaps your email host is owned, they can send messages as you. Alternately, the recipient's email host is poorly configured, and it's accepting mail with spoofed sources. It gets even more layered, when you look at whether or not the sending MX is authoritative for the domain the message originates from, which is where SPF comes into play. Everyone who has a domain, whether it's used for sending email or not, should specify an SPF record (or TXT with appropriate content) specifying which servers can send mail, if any. Every mail server, besides not being configured to be a relay, needs to avoid accepting mail from senders using addresses only it should be authoritative for.

Just feel superior (0)

Anonymous Coward | about a year and a half ago | (#42305263)

Tell him nothing else, just feel superior that you don't get malware. OR
You could point him to a website that has a simple explanation of how it is that you know for certain his machine is infected, instead of someone else's who has both your and his email addresses in it.

Did the message spoof your email address (0)

Anonymous Coward | about a year and a half ago | (#42305279)

Or did it just spoof your name, and attach some made-up email address? In either case, tough to blame your uncle for "lack of sophistication". Anyone might have followed a link to "take a look at this hilarious clip" or whatever, under the circumstances, unless they were unusually observant and/or paranoid.

Re:Did the message spoof your email address (4, Insightful)

Ritchie70 (860516) | about a year and a half ago | (#42305355)

I consider myself pretty savvy, but I've been fooled a couple times by "fake" emails harvesting login credentials when I was tired and not thinking.

Both times I realized within minutes that I'd been had and went and changed the passwords immediately, but it's really easy to be fooled if you aren't paying attention.

Re:Did the message spoof your email address (0)

Anonymous Coward | about a year and a half ago | (#42305545)

You might still be "savvy" if you fell for it once, but the second time you were just plain careless. Sorry...

If he doesn't believe you (1)

Anonymous Coward | about a year and a half ago | (#42305287)

Why is he asking you for help? Just say "If you trust me enough to ask, trust me enough to accept my explanation."

Re:If he doesn't believe you (1)

DarwinSurvivor (1752106) | about a year and a half ago | (#42305467)

He didn't ask for help, he asked why he sent him the link. If you can't even be bothered to read the summary, don't bother trying to answer the question in the title.

Re:If he doesn't believe you (0)

Anonymous Coward | about a year and a half ago | (#42305621)

You must be new here.

Create a non-admin account for them (1)

Beeftopia (1846720) | about a year and a half ago | (#42305291)

Creating a non-administrator/root account for them should prevent the installation of most malware. DON'T give them the password.

And tell them that the Internet is like Mos Eisley: "It is a wretched hive of scum and villainy. We must be cautious."

Keep an up-to-date firewall and virus scanner like Norton. Turn on automatic updating for the operating system. And for the security software.

Hope for the best.

Re:Create a non-admin account for them (1)

therufus (677843) | about a year and a half ago | (#42305357)

Norton? LOL.

From the fact that he's completely illiterate about computers automatically implies he already has Norton installed. That AND the fact he's on AOL.

It seems OP is pretty savvy, why not register a domain name for him and set up an SMTP account you can remotely administer. It doesn't mean he'll never have his email hacked, but he'd be less of a target.

Re:Create a non-admin account for them (1)

maugle (1369813) | about a year and a half ago | (#42305471)

Probably because the OP does not have anywhere near enough time to spare setting up and maintaining a custom domain name and SMTP account for every relative.

Re:Create a non-admin account for them (1)

antdude (79039) | about a year and a half ago | (#42305599)

Ditto, and OP would have to support them which is a pain in the butt. :(

never talk to strangers (2)

metalmaster (1005171) | about a year and a half ago | (#42305317)

Explain how to expand the e-mail header to show the sender's full address ie. Josh

Then simply explain the whole "never talk to strangers" bit and make comparisons to tech where possible.

Re:never talk to strangers (1)

metalmaster (1005171) | about a year and a half ago | (#42305341)

ie. josh [ 766567616e626f796a6f7368@shadymail.net ]

maybe the problem is on your end (0)

Anonymous Coward | about a year and a half ago | (#42305325)

I mean, when you're mailing from maximizeyoursize@maleenhancement.com there are just predictably going to be misunderstandings.

Re:maybe the problem is on your end (1)

Opportunist (166417) | about a year and a half ago | (#42305501)

You joke, but some people actually run into big problems with such things.

Like a friend of mine who happens to live in the small Austrian village "Fucking" [wikipedia.org] (despite the name the link is safe for work). I'm dead serious, a google picture search will provide the proof that this town exists.

Do you think he can order ANYTHING online? He doesn't even make it past the spam filter.

Neither one hacked (1)

Anonymous Coward | about a year and a half ago | (#42305343)

I think this is mentioned, but nothing mentioned indicates either party was hacked. The from part of an email can be forged as easily as the from address on a piece of stationery. That email could have come from anywhere in the world and anyone. The only thing we can gather is that the spammer somehow connected the submitter's name with that of his uncle. It could have been either side, or a public mention of both addresses, or a third relative getting hacked that has both of you in their contact list. The raw headers *might* be able to tell you if it came from an aol email server but that still doesn't itself tell you who sent it.
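
Added example, not part of the original comment: what the raw headers of such a message can and cannot tell the recipient. The message, hosts and addresses are constructed; the function compares the visible From domain with the envelope sender, reads the recipient server's own `Received` stamp, and collects the verdicts from `Authentication-Results`.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed message for illustration; every host and address is made up.
RAW = """\
Return-Path: <bounce-7731@bulk.mailer.example>
Authentication-Results: mx.recipient.example; spf=pass
 smtp.mailfrom=bulk.mailer.example; dkim=none; dmarc=fail
 header.from=family.example
Received: from relay.mailer.example (relay.mailer.example [203.0.113.77])
 by mx.recipient.example with ESMTP; Sat, 15 Dec 2012 10:02:11 -0500
Received: from localhost (unknown [198.51.100.4])
 by relay.mailer.example with SMTP; Sat, 15 Dec 2012 10:02:09 -0500
From: "Josh" <josh@family.example>
To: uncle@recipient.example
Subject: check this out

http://link.invalid/
"""

HOP = re.compile(r"from\s+(\S+).*?\[([0-9A-Fa-f.:]+)\].*?\bby\s+(\S+)", re.S)
VERDICT = re.compile(r"\b(spf|dkim|dmarc)=(\w+)")


def domain_of(header_value):
    """Lower-cased domain part of an address header, or '' if absent."""
    addr = parseaddr(str(header_value or ""))[1]
    return addr.rpartition("@")[2].lower()


def triage(raw):
    msg = message_from_string(raw, policy=policy.default)

    # Received headers are stacked newest first. Only the top one was written
    # by the recipient's own server; everything below it is sender-supplied.
    hops = []
    for value in msg.get_all("Received", []):
        m = HOP.search(str(value))
        if m:
            hops.append({"claimed": m.group(1), "ip": m.group(2), "by": m.group(3)})

    auth = dict(VERDICT.findall(str(msg.get("Authentication-Results", "")).lower()))
    from_dom = domain_of(msg.get("From"))          # what the mail client displays
    env_dom = domain_of(msg.get("Return-Path"))    # what SPF actually checked

    findings = []
    if env_dom and env_dom != from_dom:
        findings.append(f"From domain {from_dom} differs from envelope sender {env_dom}")
    if auth.get("dmarc") == "fail":
        findings.append("DMARC failed for the visible From domain")

    return {"from_domain": from_dom, "envelope_domain": env_dom,
            "delivered_from": hops[0] if hops else None,
            "hops": hops, "auth": auth, "findings": findings}


if __name__ == "__main__":
    report = triage(RAW)
    print("delivered from:", report["delivered_from"])
    for finding in report["findings"]:
        print("finding:", finding)
```

In the constructed message SPF passes, but only for the envelope domain; the address the recipient sees belongs to a different domain, which is why a passing SPF result alone says nothing about the displayed sender.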

Re:Neither one hacked (1)

Opportunist (166417) | about a year and a half ago | (#42305475)

Not targeted enough. The chance that you get two identical emails from different sources and notice something's amiss is way too high. Plus too many people who know a thing about security would receive it and maybe warn their friends and relatives.

A much better way would be to set up some kind of service where someone has to enter his own and some other email address. First, you know who to target: The one stupid enough to use such a service. And you know exactly whose mail they would open. Make it some sort of personal service to increase the chances that the mark will open the mail, thinking it is from someone he likes/loves and trusts.

The current season with its greeting card craziness is perfect for that purpose.

Re:Neither one hacked (1)

Rob the Bold (788862) | about a year and a half ago | (#42305477)

I think this is mentioned, but nothing mentioned indicates either party was hacked. The from part of an email can be forged as easily as the from address on a piece of stationery. That email could have come from anywhere in the world and anyone. The only thing we can gather is that the spammer somehow connected the submitter's name with that of his uncle. It could have been either side, or a public mention of both addresses, or a third relative getting hacked that has both of you in their contact list. The raw headers *might* be able to tell you if it came from an aol email server but that still doesn't itself tell you who sent it.

"Once is happenstance. Twice is coincidence. Three times, it's enemy action."

If someone's got your email address and the address of someone you correspond with, and sends bogus emails to the correspondent with your return address, someone's been compromised.

Re:Neither one hacked (0)

Anonymous Coward | about a year and a half ago | (#42305531)

The raw headers *might* be able to tell you if it came from an aol email server but that still doesn't itself tell you who sent it.

You misspelled "open mail relay."

You're not responsible for his security. He is. (1)

Anonymous Coward | about a year and a half ago | (#42305347)

I have similar problems with my family (usually my mid-60's parents). Funny thing is, they're not dumb. But about a year ago when I was explaining to my mom for the 40th time what a URL is and how to copy and paste it in your browser, when she (a 10+ year computer user) asked me what a "browser" is, I gave up. They spent their money on that machine and if they can't figure out how to use it properly, it's their own fault.

Re:You're not responsible for his security. He is. (1)

thereitis (2355426) | about a year and a half ago | (#42305457)

They're not alone. I sent a family member an email with a link and they said the link didn't work. I tried it again myself and it did, in fact, work. Turns out the email client they were using didn't highlight the URL as a clickable link. You think people would know how to copy/paste that sort of thing these days but that's not the case.

If he asks and doesn't take your advice (5, Insightful)

Rob the Bold (788862) | about a year and a half ago | (#42305359)

A person can ask for advice. They can act on it as they see fit. If your adult uncle ignores your advice, you are off the hook. Maybe you know what's best for him, but if he's asked you and doesn't believe you, there's nothing you can do. I know you wish you could help, but you can't. We sell computers to people who aren't IT admins with the implication that they don't need to be one in order to operate them. Sadly this isn't true, but it's beyond your duties as a nephew to try to disabuse him of this notion.

This answer is probably less than satisfactory, but the world is an imperfect place and our ability to change that is very limited.

Perhaps other Slashdotters have some Jedi mind tricks for you to try, but I'm not optimistic, based on personal experience.

Re:If he asks and doesn't take your advice (1)

Nemyst (1383049) | about a year and a half ago | (#42305743)

The problem is that usually, in such a scenario, the relative/friend then screws up and asks you to fix it. Not wanting to fix it, after you've shown that you are well capable of it, will end up causing issues for you with said person.

If you could wash your hands of the whole matter, it wouldn't be an issue, but I've just about never seen a situation where this is the case.

"From" is like the upper left of an envelope. (4, Insightful)

theedgeofoblivious (2474916) | about a year and a half ago | (#42305363)

Tell him that the "from" that shows up in emails is like the upper left corner of an envelope.

I could write a letter, address it, and in the upper left corner write

PRESIDENT BARACK HUSSEIN OBAMA
1600 PENNSYLVANIA AVE. NW
WASHINGTON, DC 20500-0003

And you could mail the letter. And the letter might even be delivered. But that doesn't mean that the President really sent that letter. It just means that whoever sent it claimed to be someone else when they were sending it.

Re:"From" is like the upper left of an envelope. (1)

Anonymous Coward | about a year and a half ago | (#42305667)

Another interesting feature is that it works like a return address too. If the recipient address is no good, then the white house will get that letter. Similarly, just about everyone I know who uses one ISP in this area (which has a webmail system that gives different errors for "email doesn't exist" and "email exists but bad password") has received a bounce back for an email they didn't send.

Your uncle's right (1)

Anonymous Coward | about a year and a half ago | (#42305377)

You were more likely the one who was hacked. After all, if you were a hacker, and you had compromised someone's email, which would you do: send one email to the account you hacked, or send a bunch of emails to everyone in that account's contact list? Of course, neither of you has necessarily been hacked, but there has to be some way the hacker knew to claim it was from you. So the hacked account could belong to someone you both know. That would be a sneakier way of avoiding detection for a bit.

Re:Your uncle's right (1)

Opportunist (166417) | about a year and a half ago | (#42305459)

(...) there has to be some way the hacker knew to claim it was from you.

His uncle's address book, maybe? Sending emails from one address in the address book to another address doesn't make sense, though. How should the hacker decide which people actually have any kind of business with each other?

But here's a good scenario, and a quite valid one: His uncle used some sort of stupid "online holiday greetings card" service, one of those that need your email address and the one belonging to the recipient. Judging from the described level of knowledge his uncle has, I wouldn't deem it too far-fetched that he actually uses some kind of service of that kind.

And, bluntly, people who use such a "service" are prime candidates for malware mails. Because they surely are not the most educated when it comes to online security. Else they wouldn't touch such "services".

Re:Your uncle's right (0)

Anonymous Coward | about a year and a half ago | (#42305669)

Sending emails from one address in the address book to another address doesn't make sense, though. How should the hacker decide which people actually have any kind of business with each other?

Why would the hacker care? It's the shotgun approach, so nothing that misses matters, only the ones that happen to hit.

Re:Your uncle's right (4, Informative)

theedgeofoblivious (2474916) | about a year and a half ago | (#42305677)

Have you ever heard of backscatter spam?

Spammers use bots to browse the internet and scoop up email addresses. Then they send messages with one of those addresses in the "From" header and one in the "To" header. If the messages go through, one person receives spam. If they don't go through, the other person receives spam. Either way, someone gets spam.

None of this requires much technical knowledge. I can make backscatter spam by filling in a registration form on any website. I just put your address in the "email address" field, and the site sends you a confirmation email, typically from a no-reply@whatever.com email address. So it's basically impossible to stop.

Backscatter spam works because it looks like it came from someone it didn't. It's why web sites shouldn't provide alerts for messages that weren't delivered and why "out of office" messages or messages to confirm addresses are bad. Because any bot (or any person, too) can fill in a form and turn your website into a backscatter machine.

Keep it simple. (5, Insightful)

jonadab (583620) | about a year and a half ago | (#42305391)

Just tell him email is very easy to forge. That's it.

You don't have to explain the technical details of exactly how it is forged, what headers are, how SMTP works, how malware mines personal data, or any of that. If he cared about the technical details, he'd read up on them, and then he wouldn't need you.

Keep it simple: "email is very easy to forge."

Re:Keep it simple. (0)

Anonymous Coward | about a year and a half ago | (#42305695)

Just tell him email is very easy to forge. That's it.

You don't have to explain the technical details of exactly how it is forged, what headers are, how SMTP works, how malware mines personal data, or any of that. If he cared about the technical details, he'd read up on them, and then he wouldn't need you.

Keep it simple: "email is very easy to forge."

Translation: "You are too stupid to use email if you fell for that shit."

(to some extent, this is true)

You're done. (4, Insightful)

Blinkin1200 (917437) | about a year and a half ago | (#42305421)

You did what you needed to do, you let them know they had a problem.

You are done.

It is not just non-tech savvy people that have this problem. My brother is, or so I thought, knowledgeable in the area of malware. One day I get a spam message sent from him, actually from his previous email address. I recognized that the message was also sent to quite a few people in his address book. After receiving a few more, I did a reply all to one of the messages, copied to his current email address and included a message that I hope you are not doing any banking or on-line shopping with that computer. His response was to send out a message to his entire address book asking people to set up their spam filters to ignore any messages from his old address.

I tried, I'm done.

The good news is that I now know of some juicy stocks that are going to really run up in price and three or four places where I can order some V1agra. Also, I was able to do all of my holiday shopping at a really great Russian sex toy shop. They even gift wrap! Everyone is going to be so surprised this year!

Again, you are done, move on.

Forget it (3, Insightful)

Opportunist (166417) | about a year and a half ago | (#42305433)

You can tell a kid a hundred times that the stove is hot, he won't believe you until he burns his hand.

Tell him, if he chooses to ignore you, don't press on. You offered help, he declined, everything's fine. Sorry, but if ignorant people choose to reject the information they get from people who know more than them about the matter, you have to let the kid burn his hand.

AOLOL (1)

epp_b (944299) | about a year and a half ago | (#42305439)

Really, you could have just said, "my uncle uses AOL," and that would have explained everything.

Joking aside, why did you use the telephone analogy? It's email, a postal mail analogy would have been perfect: it's as if someone sent him a nasty letter and printed your address in the top-left corner of the envelope.

As for what to do with his PC ... well, if he's just the typical "Facebook and email" user, install Debian or something and rename the desktop icons ("Internet", "Email", etc.). I put Ubuntu on my mom's netbook and she pesters me no more often than she does about her Windows PC.

Now imagine the software swears at you, too. (2)

Impy the Impiuos Imp (442658) | about a year and a half ago | (#42305449)

"What's malware?"

"You know how government officials tell you sweet things they'll do for you, so you vote for them, and suddenly you see your wallet draining rapidly and all kinds of shit clogging up everything you do, and even after installing their 'fix', things keep running slower and slower and slower? Same thing but just on your computer."

This isn't "Malware". This isn't "Hacking". (1)

BaldingByMicrosoft (585534) | about a year and a half ago | (#42305497)

This isn't "Malware". This isn't "Hacking". It's just Phishing.

Read this: http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201112_en.pdf [securingthehuman.org]

Explain that email was invented in the mid-70s and hasn't really changed that much. Security wasn't a factor back then, and it's easy to write an email that appears to come from anyone.

Re:This isn't "Malware". This isn't "Hacking". (0)

Anonymous Coward | about a year and a half ago | (#42305549)

And then, go one better, and explain to him that by using PGP authentication, you CAN ensure that emails are from who they say they are, assuming you've verified the key. Show him how easy this is to do with Enigmail. And then join the ranks of us who've been frustrated by the glazed eye look that comes upon doing so.

Having to explain tech to the tech-clueless is definitely among the activities in some of the lower circles of Hell. Sorry, there's no magic solution here.

Re:This isn't "Malware". This isn't "Hacking". (1)

Anonymous Coward | about a year and a half ago | (#42305723)

...Having to explain tech to the tech-clueless is definitely among the activities in some of the lower circles of Hell. Sorry, there's no magic solution here.

Sure there is. Stop teaching.

Absolutely shocking to me that the one solution that is the most obvious (a user actually educating themselves about the tool they rely on) is the one that has somehow now been deemed "magical" due to mass ignorance.

I say fuck 'em. They'll learn one way or another, or they'll give up trying and stop using computers. Either way, it's a win for the educated and/or self-inclined.

And no, I don't feel I'm asking a user to program Java when learning the basic 101 rules of online communication. It is that simple. Learn it.

I don't get it (0)

Anonymous Coward | about a year and a half ago | (#42305515)

If your uncle had been hacked, why would the attacker send him a malicious link?

Letters (1)

Todd Knarr (15451) | about a year and a half ago | (#42305521)

My analogy is a letter with my name and address written in the return-address space. Does that guarantee that the letter's from me? Of course not, anybody could write that in if they knew my address, and all it takes to find my address is to look me up in the phone book.

You can't save em all Hasselhoff... (1)

SuperCharlie (1068072) | about a year and a half ago | (#42305525)

As plain and obvious as it seems to us tech nerds, some people will just never get some of the tricks the spammers use, like forged from addresses, and no, you're not infected, don't click that link to install superantispyware 2013. If possible, take the PC/laptop for an evening to "speed things up", put good anti-malware and antivirus on it, maybe make a clean image and a non-admin account if you can, and expect the calls for when he screws it up again if you are his dedicated tech nerd.

Check his login history (0)

Anonymous Coward | about a year and a half ago | (#42305597)

This happened to a guy I know recently. I was surprised to learn that Yahoo! and Google have a place you can check your login history at. I was able to show this guy evidence that my theory was correct, after which he became much more cooperative about changing his password. FYI on Gmail and other services with oauth you should also clear all those sessions I would think. I dunno if AOL has this history feature, but it's more common than I would have thought. If he's connecting from ARIN block IPs and you find some unexplained APNIC IP in the history it's a pretty good indicator of a problem.
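The login-history check described in the comment above, sketched as an added example that is not part of the thread. The history entries are constructed, and the registry table is a small excerpt of IANA's /8 allocations chosen to cover them; address transfers between regions make a /8 lookup a coarse hint, so a production check would use full registry or GeoIP data.

```python
import ipaddress
from collections import Counter

# Excerpt of IANA IPv4 /8 allocations to regional registries (assumption:
# only the blocks needed for the constructed sample are listed).
RIR_BY_SLASH8 = {1: "APNIC", 2: "RIPE NCC", 24: "ARIN",
                 58: "APNIC", 71: "ARIN", 98: "ARIN"}

# Constructed login history: (time, source IP, access type).
HISTORY = [
    ("day 1 08:14", "24.16.5.20", "browser"),
    ("day 2 19:02", "24.16.5.20", "browser"),
    ("day 3 07:55", "71.197.44.9", "mobile"),
    ("day 4 03:31", "58.22.101.7", "imap"),
    ("day 5 08:20", "24.16.5.20", "browser"),
]

def registry(ip):
    """Regional registry for an IPv4 address, or 'unknown'."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4 or addr.is_private:
        return "unknown"
    return RIR_BY_SLASH8.get(int(addr) >> 24, "unknown")

def unusual_logins(history):
    """Return (home_registry, entries from any other registry).

    The home registry is the one most logins come from; entries that map
    to 'unknown' are flagged as well so they get a manual look.
    """
    regions = [registry(ip) for _, ip, _ in history]
    counts = Counter(r for r in regions if r != "unknown")
    if not counts:
        return None, []
    home = counts.most_common(1)[0][0]
    return home, [e for e, r in zip(history, regions) if r != home]

if __name__ == "__main__":
    home, flagged = unusual_logins(HISTORY)
    print("usual registry:", home)
    for when, ip, how in flagged:
        print("check:", when, ip, how, registry(ip))
```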

Not your responsibility (0)

Anonymous Coward | about a year and a half ago | (#42305613)

Most of the non tech savvy will end up hacked. This will be the perpetual state of any Windows box which doesn't have full time support of a corporate IT department or a tech savvy user between the chair and keyboard 100% of the time.

AOL is a problem as well. You shouldn't be trying to support AOL users. Refer them to the AOL tech support number.

If your uncle isn't asking you for help it's none of your business. Why should people rally against infections which don't affect them?

My Windows partition contains a copy of Borderlands 2 and nothing else. Antivirus and Windows updates can't protect you from zero day exploits, which means they are useless and should be turned off. Boot to another OS to browse the Internet.

Advice (4, Insightful)

Frankie70 (803801) | about a year and a half ago | (#42305617)

I think the first thing to tell your uncle is that he should get his tech advice from a more tech savvy relative who doesn't automatically assume that a forged email is done by hacking someone's account.

What to tell your non-tech family about malware (2)

PopeRatzo (965947) | about a year and a half ago | (#42305661)

It's bad, m'kay.

Get Rid of Windows and Install Linux (4, Interesting)

RudyHartmann (1032120) | about a year and a half ago | (#42305703)

My dad got infected by some malware a while back. He had WinXP Pro. My brothers tried to help him to no avail. He doesn't do well with keeping his antivirus and malware stuff updated. The old guy also does stuff I've told him not to do too. So he got this malware infection that told him that the FBI had locked his computer and to send $200 to a site to unlock it. He freaked out. So I installed Linux Mint 13 KDE 32-bit on his computer. He hasn't had to worry since. He likes it because it's also faster. My family thinks I'm free tech support and I was getting real tired of fixing their installations. Now my brothers and uncle have installed Mint also. Life is much simpler for me now. :-)

Porn (0)

asmkm22 (1902712) | about a year and a half ago | (#42305747)

I just tell them to stop watching porn, stop downloading movies, and stop clicking on links inside email. For most people, that probably equates to "don't use the internet" which is fine as far as I'm concerned. If you want to use a tool without getting hurt, invest a little time and effort into learning how. If not, just accept the fact that you will magically have problems crop up here and there, sort of like a car that never gets its fluids checked.

The problem is, most people simply don't want to learn new things past the age of about 16, so trying to elaborate any more than that is pointless.
