1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

AOL & Heartbleed?

Discussion in 'Web & Email' started by RipnDip, Apr 30, 2014.

Thread Status:
Not open for further replies.
Advertisement
  1. RipnDip

    RipnDip Thread Starter

    Joined:
    Mar 14, 2009
    Messages:
    67
    I've received tons of emails from Hacked AOL users.

    Now this:


    Dear AOL User,

    At AOL, we care deeply about the safety and security of your online experience. We are writing to notify you that AOL is investigating a security incident that involved unauthorized access to AOL's network and systems. Recently, our systems alerted us to an increased incidence of email users receiving spam emails from "spoofed" AOL email addresses. AOL's security team immediately began investigating the cause of the spoofed emails. Spoofing is a tactic used by spammers to make it appear that the message is from you in order to trick the recipient into opening it. These emails do not originate from the AOL Mail system – the addresses are just edited to make them appear that way. AOL is working with other email providers like Gmail, Yahoo! Mail and Outlook·com to stamp out spoofing across the industry, and we have implemented measures that will significantly limit its future occurrence.

    Although our investigation is still underway, we have determined that there was unauthorized access to AOL users' email addresses, postal addresses, contact information (as stored in the AOL Mail "Address Book"), encrypted account passwords, and encrypted answers to security questions that we ask when a user resets his or her password. We believe spammers have used this contact information to send spoofed emails that appeared to come from roughly 2% of our email accounts.

    Importantly, at this point, we have no indication that the encryption on the passwords or the answers to security questions was broken. Likewise, there is no indication that this incident resulted in disclosure of users' financial information, including debit and credit cards, which is also fully encrypted.

    Nevertheless, as a precautionary measure, we strongly encourage you to reset your password used for any AOL service and, when you do so, you should take the time to change your account security question and answer. You may reset your password and account security question at account.aol.com.

    In addition, there are steps you can take to protect yourself from cyber risks. They include:
    • If you receive a suspicious email, do not respond or click on any links or attachments in the email.
    • When in doubt about the authenticity of an email you have received, contact the sender to confirm that he or she actually sent it.
    • Never provide personal or financial information in an email to someone you do not know. AOL will never ask you for your password or any other sensitive personal information over email.
    • If you believe you are a victim of spoofing, consider letting your friends know that your emails may have been spoofed and to avoid clicking the links in suspicious emails.
     
  2. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    110,629
    It is a fact that AOL was hacked and some information was stolen. Are you asking if this is legitimate?
     
  3. Couriant

    Couriant Trusted Advisor

    Joined:
    Mar 26, 2002
    Messages:
    31,890
    First Name:
    James
    Any links in emails like that I ignore and go to the website directly....

    Note that 2% of 1 million is 20,000.... not sure how many subs they have but that's a lot of compromised accounts.
     
  4. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    110,629
    Yeah, I was going to say that too. Although the situation is legitimate, it's always best to get to the site to change your password the way you normally would and not through the link in the email. You can bet some bad people may take advantage of the situation and send fake emails that look the same in phishing attempts. :)
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1125133

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice