Archives For micahfoster.net

autumn moments

Yesterday I got a screen shot in the form of a text message from Chris Loach, a good friend and one of our volunteer staff at Two Cities Church. It was an email sent from… me. Only it wasn’t from me and I immediately thought, “OH NO! I’VE BEEN HACKED! WHO ELSE IS GETTING THESE?!!!” I’m sure you can relate to those kinds of panic moments. I haven’t had a hacking situation like this since MySpace was a real social media option. Here’s a screenshot of the email Chris received.

email1

After a few minutes of digging around, I realized I wasn’t hacked, I was Spoofed.

There’s different kinds of spoofing attacks, but mine was fairly simple and just about anyone can do it explains askleo.com. My spoofer simply sent an email from what looked like me, but when you press reply, it showed his real address. He or she was not using a very complicated method. However, sometimes they’re a bit more complicated as lifehacker.com explains. So what did I do about it? The following is how I seem to have spooked my spoofer from spoofing me again.

5 Steps to Spooking your Spoofer

Step 1: Know When it Hits
In order to go from spoofed to spooker, you’ve got to know when it happens and you need to know fast because the chances are, they’re not stopping with one email. That means you need your contacts not to just delete the email, but to actually inform you that it happened, like my buddy Chris did for me. (Thanks man!) Once you know, you need to take immediate action to avoid fall out from your contacts.

Step 2: Hit Reply
I asked Chris to click on the name and make sure it says my email. He did and it did. Then I said, “I wonder what would happen if you hit reply” and boom. There it was, the real email that the spoofer was spoofing from.

IMG_6790 email 3

Step 3: Research
Once I had the real email this person was sending from, I went on a hunt for information about that person and that email. First stop, google.com. Google had nothing to say about that email address. No social media accounts. No other usages in forums. No previous articles, websites or blog posts mentioning the email (ceomanagement9@gmail.com). So I decided to figure out what I could about the user via the gmail account recovery process. I went to gmail.com and plugged in the address, then I clicked on “forgot my password” and chose the text me option. In order to actually get the password you’d need a lot more information, but I wasn’t trying to hack them. I was trying to get information about them. It revealed that their phone number associated with their account is **********77. Here’s what that tells me, their number ends in 77 and it’s one digit too long to be a number from the USA. So they are international.

Step 4: Invite Them to a GoogleTalk Video Chat
I invited them to a video chat. Imagine, what if they had actually accepted my invitation and I could video chat with this person? Wouldn’t that be shockingly amazing?! But they didn’t. But I’m sure that’s when they started getting a little spooked.

Step 5: Email Them and Block Them
I sent two emails to the address and explained that their attempts to scam my contacts would not work. They’re much too smart. People doing these kinds of scams are looking for low-hanging fruit, people who are frazzled by emergencies and many of whom are elderly. As soon as they realize they aren’t going to profit from scamming you or your friends, they’ll move on. In the email I sent, the point was not to make them angry, it was to scare them…hopefully enough to abandon or close the email they used completely and or out of the business. I’m hoping by the end of the time that they realized someone tried to log in to their real email, the person they were spoofing tried to video chat them and they were found out that they were spooked.

Bonus Step: Don’t Get Spoofed Again
I am the administrator of our church domain, twocitieschurch.com, and so I have the ability to go into the admin console and block them from emailing anyone within the organization. I took great pleasure in that step.

Here’s the deal, you can’t stop people from being dumb and trying to scam you, but you can make it difficult for them and you can spook them. So let’s make it difficult for the spoofers who are trying to take money from your contacts. Have you ever been hacked, spoofed or scammed? What was your experience and how did you deal with it?

Hey North Fresno!
Are we too busy to stop and help someone in need?
too busy to help

Yesterday my wife was on her way home from visiting her grandma.
It was 10:45AM.
She was down the street and called me.
She said, “Get your shoes on, I need to take you around the corner. A lady just got into a card accident and I have Brynn, so I can’t approach her.”
So I hurried and met her outside. We drove around the corner and a van was sitting up on the curb.
I got out of the car and Erica called 911.
I approached her slowly and asked if she was ok.
She appeared to be ok, but was dazed.
She was concerned about a Dr. appointment she had in an hour.
She wanted someone to take her and I assured her that she needed to stay put with her car until the police came.
As I was standing next to the car, the home owner came outside with the woman’s driver’s license.
He said he had called the police and they said they weren’t coming because the woman wasn’t hurt.
Erica got off the phone and said, they’re on their way.
The man was unsure of how to handle the situation and said that she’d been sitting there for 45 minutes.

45 Minutes People

I love our community, but people… come on.
She was alone, on the side of the road and didn’t know what to do for 45 minutes before we stopped.
The man inside had basically given up on help because the “police weren’t coming.”
Neither of them were equipped to handle this on their own…

Meanwhile… there were 100 or more cars that had driven by.

This reminds me of a little story.

“A man was going down from Jerusalem to Jericho, when he was attacked by robbers. They stripped him of his clothes, beat him and went away, leaving him half dead. A priest happened to be going down the same road, and when he saw the man, he passed by on the other side. So too, a Levite, when he came to the place and saw him, passed by on the other side. But a Samaritan, as he traveled, came where the man was; and when he saw him, he took pity on him. He went to him and bandaged his wounds, pouring on oil and wine. Then he put the man on his own donkey, brought him to an inn and took care of him. The next day he took out two denarii and gave them to the innkeeper. ‘Look after him,’ he said, ‘and when I return, I will reimburse you for any extra expense you may have.’ “Which of these three do you think was a neighbor to the man who fell into the hands of robbers?”
Let’s not assume someone has already helped.
Let’s not assume it’s not our responsibility to help someone.
And let’s not leave our neighbors in wrecked cars on the side of the road because it doesn’t fit into our nicely organized plans or schedule for the day.