How My AOL Email Got Hacked
If hacking is mysterious to you and something only the most elite hackers can do, this blog post might disappoint you.
Yesterday, my AOL email was hacked into. I realized almost right away when it happened, so I changed my password before too much damage could be done. How could my AOL get hacked into, especially me, who has enough technical knowedge to have a GitHub blog, work as a software engineer, and am going to school for my master’s in computer science? It involved a bit of social engineering. Here’s how it happened:
I recevied the following email from a colleague:
Can not show full mail body.
You will see it when pressing here
Aol error number: 466427 (Wed Jul 27 8:07:01 2016)
Seemed innocent enough, but I was a little suspicous. I didn’t even click on the link at first. I don’t think the person who sent it to me is too technically literate, so I figured they somehow messed up sending an email, and thus the error message.
Once I clicked on the link, it took me to the following webpage (also, note that I was on mobile):
Looks completely legit, right? If I was paying more attention, I would’ve noticed the URL was wrong. It should at least have “aol.com” in it somewhere. This URL is just a bunch of numbers. I didn’t notice this, so I typed my email and password in. Once I clicked “Sign In” it took to some news article. I closed the page. I was a bit confused for a second before I realized what I had just done.
I immediately changed my AOL password. Thankfully, my AOL password was different than any other password I use. A couple emails identical to the one I received were sent from my AOL to other AOL email addressed in my address book, but other than that, little damage was done.
Oh, and yes, I still use AOL. That email address is old enough not only to vote, but also to drink. I don’t pay for it, though.