Getting Hacked Sucks – I Should Have Known Better

Getting Hacked Sucks

Getting hacked sucks! I knew something was wrong when I received an email notice from LinkedIn that “You’ve successfully changed your LinkedIn password.” I received the email at 3:33 pm while I was standing in line to get ice cream with my daughter and noticed the change was made using Firefox and Windows 10.

I knew right away something was wrong since I don’t own a PC running Windows 10. Then the nightmare began, I started to receive text messages, calls and emails asking if I sent an email that read “YOU HAVE A DOCUSIGN REQUEST. KINDLY CLICK HERE TO REVIEW DOCUMENT.”

Ransomware Think Before You Click It Or Open It

Getting Hacked Sucks – Thought I Was Safe

The email originated from my LARGO Consulting Services Office365 email account, but the signature was from my PalmCentrix email account. I immediately tried to log in to my Office365 account, but the password had been changed. I called GoDaddy and discovered that someone had logged into my account, signed up for hosting services, and spoofed my www.yoursecurityadviser.com website using one of my other domain names.

While GoDaddy worked on resolving the problem, I started changing passwords, which by the way I had recently changed to strengthen security on most of my accounts. Additionally, I started reaching out to people letting them know not to click on the link. I responded to the emails I received, text messages, calls and even sent out a mass email through MailChimp with the message “Do Not Open Any Docusign Links.”

Do We Need To Be Reminded About Password Security

Getting Hacked Sucks – Why Me?

I wanted to reach as many people as possible, so I also posted a message on Facebook and LinkedIn that read “Please Do Not Click On An Email Link To DocuSign!. Not only did the hacker spoof my email they also spoofed a website. Even if you replied to the email asking if I sent it, you received a return email saying yes, along with a custom reply.”

Once I stopped the bleeding, I started to wonder where I went wrong? I followed most of my advice published in recent blogs, post, and tweets, but still managed to become a victim. Had I taunted fate, by tweeting and posting about the dangers of poor passwords, the importance of Two Factor Authentication, and how not to become a victim of ransomware?

I may never find answers to all of my questions, but I know one thing for sure, Getting Hacked Sucks!

Copyright 2017

About The Author

Bernard D. Gollotti, CCP is an ASIS International Board Certified Security Professional with over 30 years of real-world experience across multiple market verticals and disciplines. Ben founded PalmCentrix, LLC to connect end users to mobile security and safety solutions that you can use in the palm of your hand. He is also President/CEO of LARGO Consulting Services, LLC providing physical security consulting services, security industry specific social media consulting services, and business development consulting services in the Greater Philadelphia area.