Zero Response from HawkHost to email hacking

[eddiecantor]

My email was hacked into a couple of days ago. There are now nearly 500 messages in my inbox that were returned as undeliverable, appear to be sent by me. The first ticket I sent to hawkhost came back saying my email address was not an authorized user for the account. Meaning that the hijacker is even more pernicious than I thought. So I called Hawkhost. And called again. And again.  Each time, after being on hold, it would say to leave a message. Still zero response to an alarming critical situation. I don't know what to do at this point.

[tekiegreg]

Yeccch hate it when this happens. 

 

Tried submitting to their helpdesk?  https://support.hawkhost.com/index.php?/Tickets/Submit , it shouldn't matter what email you specify as a reply.

 

Other thought:  Is your Cpanel account ok?  Login to there, flatten your email and websites and start over (Use one  of the R1Soft backups taken nightly to bring your site to a pre-hack state, then change all passwords to something really hard to guess, like 20 characters).

[Brian]

Please PM me your accounts primary domain name and I'll help you with this from there.

 

I doubt that the email account being hacked has anything to do with you not being an authorized contact. If you send us an email/ticket from an address that is not listed in your client area (https://my.hawkhost.com/clientarea.php) we'd be unable to provide support for the account you're referring to.

[tekiegreg]

BTW: This reminded me it's time to change my passwords again, thanks guys!

[Tony]

BTW: This reminded me it's time to change my passwords again, thanks guys!

Always a good idea to rotate your password once in a while. We're seeing a lot of email account compromises and wordpress admin compromises.

[Fowler]

And also to not reuse passwords between sites.  If a site you are part of gets compromised and your Username, email and password is stolen, that information will no doubt be used to try and login to various other sites including email accounts.  If you reuse the password, they can access those accounts as they have all the information needed is most of those cases unless there is extra security measures in place when loggin in such as Google's 2 step login.

[tekiegreg]

Always a good idea to rotate your password once in a while. We're seeing a lot of email account compromises and wordpress admin compromises.

Eeep...a feature suggestion for Cpanel might be to try and find a way to "up the armor" on the login so to speak.  You break the Cpanel account and you've completely rooted them, all emails and websites are up for grabs at that point, regardless of further password knowledge.  I'd think about using one of those Random Number tokens, one time pads, etc.

[Cody R.]

Eeep...a feature suggestion for Cpanel might be to try and find a way to "up the armor" on the login so to speak.  You break the Cpanel account and you've completely rooted them, all emails and websites are up for grabs at that point, regardless of further password knowledge.  I'd think about using one of those Random Number tokens, one time pads, etc.

 

I think that's going to be the future (albeit 1-2 years down the road). You're noticing a lot of services popping up which offer this natively - Twitter, Google, Facebook, etc. Unfortunately the scope of making a custom solution for cPanel simply makes it not possible. cPanel is still grasping with bugs / issues from years ago.

 

Although on a related note our WHMCS will be supporting 2-factor shortly so you can look forward to that !

 

 

And also to not reuse passwords between sites.  If a site you are part of gets compromised and your Username, email and password is stolen, that information will no doubt be used to try and login to various other sites including email accounts.  If you reuse the password, they can access those accounts as they have all the information needed is most of those cases unless there is extra security measures in place when loggin in such as Google's 2 step login.

 

Excellent advice and one we adhere to at Hawk Host for all employees. We require the use of a password manager / unique logins for *everything* and *everyone*. This reduces the chance a single compromise will lead to a larger issue. I do recommend LastPass or KeePass for local password management.