Results 1 to 17 of 17
Like Tree3Likes
  • 1 Post By MrJack
  • 1 Post By Javaphile
  • 1 Post By Journeyman

Thread: Adobe accounts compromised.

  1. #1
    Senior Member Yelta's Avatar
    Join Date
    Jun 2009
    Location
    Moonta SA.
    Posts
    6,718

    Adobe accounts compromised.

    Gene Cafe Coffee Roaster $850 - Free Beans Free Freight
    Adobe accounts compromised.
    I received an email today from another forum I belong to advising me that Adobe have experienced a serious breach in security, have posted a copy below with the forum name removed.
    I have always felt uneasy with Adobe, they are constantly at you wanting to install updates etc.
    My main use was their reader to open .pdf files and Flash player.


    Online safety and your Account

    Adobe has recently announced they experienced a serious breach in the security of their site.

    Our security team has since checked a list of millions of compromised Adobe accounts and cross referenced it with our records and we noticed that the email address you have used to register a ********account was on that list of exposed Adobe accounts.

    As it is common for people to re-use the same password on many different websites, we thought that many users might be using the same details on.

    While ********itself has not been compromised, we are recommending some precautionary tips:

    Change your password, as well as any other accounts elsewhere that might use the same password.

    You can change your password here: https://www*******.com/account/settings/password.

    If you have forgotten your password, you can also reset it here: https://www.*******com/account_recovery.

    If you have not already done so, reset your Adobe password: https://www.com/go/passwordreset.

    Setting unique and hard-to-guess passwords is critical to online safety. You should avoid using the same password twice and the longer and more uncommon the combination of letters, numbers, and symbols, the harder it will be for your account and security to be compromised.

    As always, if you have questions about your account, we are at the ready to help. You can contact us at http://******support.com/

  2. #2
    Senior Member
    Join Date
    Oct 2011
    Posts
    1,376
    Never follow an email link to change your password. Else you might find yourself having a serious security breach.

    My second crack.
    TampIt likes this.

  3. #3
    Senior Member Yelta's Avatar
    Join Date
    Jun 2009
    Location
    Moonta SA.
    Posts
    6,718
    Quote Originally Posted by MrJack View Post
    Never follow an email link to change your password. Else you might find yourself having a serious security breach.

    My second crack.
    Thanks for the tip.

  4. #4
    Senior Member Dragunov21's Avatar
    Join Date
    Mar 2013
    Posts
    1,281
    Quote Originally Posted by Yelta View Post
    I have always felt uneasy with Adobe, they are constantly at you wanting to install updates etc.
    This should make you feel more at ease. One of the biggest security risks for a machine or network is users who refuse to update software.

    Those updates, more often than not, patch out security vulnerabilities as they are discovered. By refusing to update you're leaving yourself wide open to well-known exploits.

    Keep your sheet updated.

    Also, that reeks of a phishing attempt; if you're concerned about your account security, go to the website on which the account is held and change it manually. As MrJack said, don't trust anything that comes through like that if it includes a link to change your password.

  5. #5
    Senior Member
    Join Date
    Jun 2012
    Location
    Brisvegas
    Posts
    157
    Absolutely, this REEKS of "Scam"...
    I get these from ATO, Centrelink, ANZ Bank, NAB, PayPal, etc, etc, etc....

    Not that I use it myself much, apart from keeping an eye on the kids, but also Facebook. Just recently I received a PM from some nice sounding female who wrote me a very nice personal letter of how her husband had just divorced her and how she was from a very rich family, blah, blah, blah and how she had read my profile and what a nice sounding fellow I was and if I was to only send her $4,000 she would share her share of $400,000,000 with me.... Crikey!

    I predict within six months 'A Current Affair' will parade another few gullible schmucks that have lost their life savings through scams like this....

    Don't feel too bad Yelta, you're not the first or the last to get sucked in.........

    BTW... If you did happen to follow their scammy 'link'... Make sure you immediately take all steps to correctly and permanently change and forever disregard the information you provided.....

  6. #6
    Coffee Newbie okitoki's Avatar
    Join Date
    May 2013
    Location
    Perth. WA
    Posts
    454
    I also generally check the link address they email from. Even though its coming up with "blah blah customer support" but the email address comes from some weird email addresses.

  7. #7
    Senior Member
    Join Date
    Jun 2012
    Location
    Brisvegas
    Posts
    157
    Yeah, like it's Fred.Nork.NAB@gmail(dot)com
    As if the NAB is gonna be using @gmail or @hotmail as their email client......

  8. #8
    Senior Member Dragunov21's Avatar
    Join Date
    Mar 2013
    Posts
    1,281
    Less of an issue than it used to be, but it's possible to spoof the source address, so that's no guarantee.

    The only real indication of legitimacy is if the domain is correct on the link. It's important to realise that (for example) while nab.com.au/custserv is legit (domain is nab.com.au) and custserv.nab.com.au is also (domain is still nab.com.au), nab.custserv.com.au is not (domain is actually custserv.com.au).

    It's an easy mistake to make (which browsers like Chrome make better by highlighting the domain for https connections, IIRC).

  9. #9
    Senior Member
    Join Date
    Aug 2013
    Location
    Rockingham W.A.
    Posts
    1,346
    Quote Originally Posted by Yelta View Post
    Adobe accounts compromised.
    Reuters also reported the breach, however Mr Jack is 100% correct: go to their website directly yourself in cases like this, as black hatters are probably already phishing for those less careful.

    TampIt

  10. #10
    Senior Member Dragunov21's Avatar
    Join Date
    Mar 2013
    Posts
    1,281
    Just a note as far as passwords go, using the same passwords across services is a bad idea. If your memory isn't good enough to cope with unique passwords, a good alternative is simply taking your regular password and adding something to the end of it for each account.

    ie: password.123@CS or password.123@CSnobs
    password.123@gmail
    password123@onlinebanking

  11. #11
    Member
    Join Date
    Jul 2013
    Posts
    36
    I was advised recently to search my personal email account for plain text versions of some of my standard passwords that I use. You'll be surprised how many account creation emails confirm the password you've chosen as plain text. Should your personal email account ever get hacked, they are right there for the taking. Go in and delete them now!

  12. #12
    Senior Member Dragunov21's Avatar
    Join Date
    Mar 2013
    Posts
    1,281
    You kinda deserve it if you didn't change the temporary password you were initially given...

    And you would have to delete anything that mentioned the forum/account, as most of the time a simple password reset would be performed and the email picked up from the compromised account.

  13. #13
    Member
    Join Date
    Jul 2013
    Posts
    36
    No I'm talking about when the site allows you to choose a password, and they confirm your login details by sending them back. Anyway, I agree, best to keep your personal email account safe by choosing a strong password

  14. #14
    Super Moderator Javaphile's Avatar
    Join Date
    Dec 2004
    Location
    Earth!
    Posts
    15,368
    While we're talking computer/internet security don't ever log onto a password protected account/site while using a free Wi-Fi connection! It's all too easy for a kid with $50 or so of equipment to do a 'man-in-the-middle' type exploit.


    Java "Keep it safe!" phile
    MrJack likes this.
    Toys! I must have new toys!!!

  15. #15
    Senior Member
    Join Date
    Oct 2011
    Posts
    1,376
    Quote Originally Posted by Dragunov21 View Post

    The only real indication of legitimacy is if the domain is correct on the link. It's important to realise that (for example) while nab.com.au/custserv is legit (domain is nab.com.au) and custserv.nab.com.au is also (domain is still nab.com.au), nab.custserv.com.au is not (domain is actually custserv.com.au).

    It's an easy mistake to make (which browsers like Chrome make better by highlighting the domain for https connections, IIRC).
    Unless the nameserver has been compromised...

  16. #16
    Senior Member Journeyman's Avatar
    Join Date
    May 2009
    Location
    Bendigo
    Posts
    1,028
    One way to make passwords that are pretty much unguessable and so require a dedicated cracking attempt - not usually worth the effort for us little folk - is to make a phrase you will remember and use the 1st (or 2nd etc.) letters of the phrase. e.g. 'Now is the time for all good men' becomes nittfagm. You can increase the security of even that with caps. NiTtFaGm or nItTfAgM and so on. For sites needing other characters you could add a birthday figure, such as year - NiTtFaGm55 or NiTtFaGm_55 and so on.

    The idea is to prevent the search of your online details being a clue to passwords you have chosen because they are easy to remember. e.g. dog's name or mother's maiden name. Sophisticated cracking software first finds your online records and uses words from that to crack your identity.
    MrJack likes this.

  17. #17
    Senior Member Yelta's Avatar
    Join Date
    Jun 2009
    Location
    Moonta SA.
    Posts
    6,718
    Quote Originally Posted by Ol_Grumpy View Post
    Don't feel too bad Yelta, you're not the first or the last to get sucked in..........
    Not sucked in, posted this as a heads up that this particular email is out and about.
    Adobe did have a major security breach.
    The best thing to come from this is I have uninstalled Adobe Reader and associated files (gained over 1gb of drive space) and installed Foxit, smaller, faster and less intrusive.
    Sadly I'm stuck with Flash Player.



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •