Seems strange - do you have any anti-virus software or anti-spam facility within your existing email services. Most spam is trapped by any half-decent service. Gmail is very good, Outlook is OK in my experience.I spend upwards of 4-5 billable hours a day clearing/archiving/reporting mailbox of phishing/scam emails so that I can receive client emails,
I don't see the connection between the new business name and the data breach. You might like to clarify why the data breach requires a new business name.Currently redesigning and brainstorming for a new business name which means changing in business identity, branding and design, doing all of this so I can register afresh with the CRO...
Hi Rainyday
Alternate viewpoints welcomed. But to answer your queries, the email that has been affected by the Adobe Breach, is my business email which is attached to a copyrighted and owned by my business domain, that is hosted on a dedicated server, does in deed have a very good anti spam service and I have always used it, however this is not the problem.
As a cloud subscription user, as I have to use their software for my business, Adobe retained private data, financial and personal info which was leaked during the Oct 2013 Security breach.
Following on from that, my business email is now full of scam/phishing emails, which I had never had to deal with in the past. My business email address is being used by, what I can only surmise, is some 3rd party direct mailing marketing company. This I know because my email is 'issuing' mailing lists which I have not set up or authorised as I do not use direct marketing in my business, thus which is now opening me, as the owner, up to liability under the European Communities (Electronic Communications Network and Services)(Privacy and Electronic Communications) Regulations 2011.
As for the connection between a new business name and the data breach. The connection is:
My business email address runs through my business domain, that is used by the Adobe Cloud Subscription as it is my business that is the subscriber.
When a domain is 'hacked' in this way, you basically have 2 options, you can get some very expensive software to run and filter the domain, employee some high tech people to clear your hacked domain of any malware or viruses and such, all of which is way too expensive for my business to afford or in order to register a new .ie domain, I need to create a new business, hence a new business name, obtain a new RBN and apply for a new .ie domain. Thus 'dumping' the previously hacked domain by letting it expire.
Apologies for the lengthy post, but does this clarify?
Hi Rainyday
Alternate viewpoints welcomed. But to answer your queries, the email that has been affected by the Adobe Breach, is my business email which is attached to a copyrighted and owned by my business domain, that is hosted on a dedicated server, does in deed have a very good anti spam service and I have always used it, however this is not the problem.
As a cloud subscription user, as I have to use their software for my business, Adobe retained private data, financial and personal info which was leaked during the Oct 2013 Security breach.
Following on from that, my business email is now full of scam/phishing emails, which I had never had to deal with in the past. My business email address is being used by, what I can only surmise, is some 3rd party direct mailing marketing company. This I know because my email is 'issuing' mailing lists which I have not set up or authorised as I do not use direct marketing in my business, thus which is now opening me, as the owner, up to liability under the European Communities (Electronic Communications Network and Services)(Privacy and Electronic Communications) Regulations 2011.
As for the connection between a new business name and the data breach. The connection is:
My business email address runs through my business domain, that is used by the Adobe Cloud Subscription as it is my business that is the subscriber.
When a domain is 'hacked' in this way, you basically have 2 options, you can get some very expensive software to run and filter the domain, employee some high tech people to clear your hacked domain of any malware or viruses and such, all of which is way too expensive for my business to afford or in order to register a new .ie domain, I need to create a new business, hence a new business name, obtain a new RBN and apply for a new .ie domain. Thus 'dumping' the previously hacked domain by letting it expire.
Apologies for the lengthy post, but does this clarify?
Thanks for the update. Maybe it's just me, but I'm still not getting it...
You are not the only one! I doubt the Adobe lawyers will have much trouble dispatching this one and leaving the OP with a large bill...
It sounds to me like you have been poorly advised. As you are finding out, this is a very impractical solution. No end user can go through this kind of blacklisting process for large numbers of emails on an ongoing basis.Let me first state here, I am in no way an IT professional, so some of the issues being discussed here are little above my head, so I have been consulting with some IT profs... so I will do my best to explain.
What I have been told, is that in order to combat what has happened, I have to enter in header full email header info onto a blacklist, which is very timely as I get somewhere between 200- 300 of these emails every 1-2 days. Also once you 'block' the emails ip and addresses, the scammers reroute through new proxy's and forged IPs so I have start entering them in again, an incredibly laborious process, which is why it takes me so much time, I simply can't afford to employee someone to do this for me.
Sorry, I'm still a bit confused here too. If you want to explore this further, you might want to give some examples, without identifying your domain. Tell us what email addresses were used and what email addresses were effected. You could use @em_cat.ie as the domain, for the purposes of this discussion.Because the hackers obtained private data that Adobe has for me/my business they not only obtained my adobe ID, but also the contact email address which is the one that it is being affected as per the private data records Adobe had on me/my business. In addition to the same, the email address that is listed on my business website is the same domain, but not the same email address I use to communicate with clients and/or service suppliers.
Yes, the passwords were encrypted, but not hashed or salted, so it wasn't a very strong form of encryption. Most of the articles I checked suggested that decrypting them was a matter of time, but I couldn't find any actual suggestion that they had been decrypted.Adobe stated that the passwords where encrypted, although I had read somewhere that the passwords may not have encrypted correctly, something to do with 'salting', but again this is way above my level of IP Tech...
Up to yourself of course, but I don't see how you can attribute blame to Adobe. And if you can't explain it to me, don't expect a judge to get it.2) Also to clarify, the hacking happened to my domain, I do have proof of this. I can't even begin to explain how, I just have the reports. But also, no the login info for the cPanel is entirely different. Believe me, I have no idea how all of this happened, but I can, with proof, trace it back to the Adobe Breach.
I can understand why people are confused here, I am to, however Adobe has admitted liability and has actually apologised. So as far as leaving me with a large bill, I am a little skeptical about that. And as I originally stated, they have offered some level of pathetic compensation and to their credit, they have been trying to engage with me, I get a call every week from them, but as far as trying to explain exactly what the fallout has been, is pretty difficult for me.
You can assume that your password has been hacked - the complexity of your password just determines the size of the hash list needed to reverse it. Here's a sample : http://grahamcluley.com/2013/11/top-50-passwords-adobe-security-breach/ I don't have a copy of the database but can get one if you want it
With regard to the anti-spam - what type of mail service do you use ?
Being blacklisted is a fact of life - you might want to look into some tools that monitor your status.
Blacklisting spammers is normally better left to other companies to provide that service so if you're not already on a mail service that provides all of that type of functionality - you should move to one. Or even look at something like www.antispam.ie - you will just need to change your MX entries.
With regard to the domain hacking - what were the symptons and how were/are you still affected ?
What email client do you use - Outlook? or other?Previous to Oct 2013, this email address was never blacklisted as I do not send out mailing lists of any kind, its not really necessary for me to do so. I found out about being blacklisted from a client's it dept when I was sending an important email regarding a project I was working on for them, that was the first time ever and it happened in Dec 2013.
Prior to Oct 2013 I never needed to use a very specific anti spam as this email address, nor had any of the others, hosted by my domain showed any type of need for such measures. On the rare occasion I know I used the whitelist/blacklist functionality under my cPanel options and that was fine until Oct 2013. AS I have previously stated, I have every email from every mailbox archived on an external drive server, this is because I have and ISO filing and record keeping system in place because of my client base.
I have been looking into www.antispam.ie as blacknight are my domain hosting providers so it would make since, however the tech support in blacknight where pretty good at helping me with some of these issues and they too can confirm that prior to Oct 2013, having to use a system like www.antispam.ie was not necessary for me. Also, as I understand the antispam is €30ex VAT per annum, per mailbox which will be very costly for me as I have a lot of mailboxes and they say it is essential to use it on all the mailboxes associated with the domain to be effective.
Why do you link this hacking to the Adobe leak?As far as the domain hacking, an example I can give, with my domain, I host 3 Digital Asset Management Systems, individually tailored to 3 clients. A client informed that some non approved images where found online on a website, and to clarify, under the DAM there are approved images for use, say in a clients design guide, this enables them to use them in their company promotions and such, and this case it happen to relate to patenting design. Anyway, After the client doing an internal check and after informing me, I did a check via the logs from the DAM and was able to trace when the 'unapproved' image was downloaded and so on a so forth. Anyway this is a major problem as the DAM's have to be heavily secured so that only approved people can access them.
Another symptom, is one of my clients websites is hosted under my domain, and their website has started to do multiple redirections, not when someone lands on the homepage, but when they search for a product all of a sudden they are redirected to some site that was not what they intended to be on. I have gone thru the code for the entire site, which is mostly php and some html5. I was able to sort that out pretty quickly, however 2 weeks later it happened again to the same website and then 2 more.
And yes, I am still being affected, most noticeably, the DAM's are 'misbehaving' and also I seeing some source code that has been added to other websites under my domain as well as in my own...This is a constant battle. And as I previously stated, blacknight advised me that one option is to dump the domain, but thats all well and good, however that then requires a rebranding for me and reregistering with the CRO.
I can understand why people are confused here, I am to, however Adobe has admitted liability and has actually apologised.
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?