I want to raise your awareness about an issue that affects us all: the importance of never revealing your password.
Recently there have been a few incidents where computer hackers have tried to gain access to passwords by soliciting individuals online. These hackers have increased their level of sophistication so much that they have begun to correspond in a style that will makes you believe they are representing America Online. Here's an edited excerpt from a recent e-mail attempt:
"Dear AOL Community Member:
AOL is expeiencing major problems...Due to a virus that was recently loaded...onto our main user database, containing most of our member registration information, we are currently experiencing widespread system failure. The problem originated...when our system was illegally breached by a former AOL employee.
We believe the employee, who is currently being questioned by authorities, loaded a virus into our database. Because we identified the problem quickly, we were able to stop the problem before the entire database was deleted.
The files that were deleted, however, happened to be the database link files...that link a user's password and screen name to the rest of their account. We are currently...working with McAfee Associates (Anti-Virus), to replace the lost files...
...Some of the effects as a result of not having the database link files include: random log-off's, AOLnet runs slower, and Email may accidentally be deleted. These problems are MAJOR inconveniences to our users, so we need your help to fix the problem."
The letter continues, outlining the steps you must take to keep your account active, and awarding you free online hours for your troubles.
Sending e-mail is just one tactic. Another approach is by using IMs (Instant Messages), where a hacker will notice you are online and try to pass himself off as an employee. Hackers sometimes scan chat areas and the member directory for screen names.
Simply put, your passwords are like items in your safety deposit box. They're confidential. YOU are the only person who should know your password. Giving someone (even unintentionally) your and password -- especially online -- is like handing over your wallet, keys, and other valuables to complete strangers.
There is absolutely no reason why America Online would ever ask you for your password! Be aware: NO EMPLOYEE OR REPRESENTATIVE OF AMERICA ONLINE WILL EVER ASK YOU FOR YOUR PASSWORD, YOUR CREDIT CARD NUMBER, OR TO VERIFY YOUR BILLING INFORMATION ONLINE. IF THEY DO, BE SUSPICIOUS AND TAKE ACTION--REPORT IT IMMEDIATELY.
Here are some quick steps to keep your passwords secure:
1) Immediately change your passwords (at keyword PASSWORD) to at least 6 alphanumeric characters -- combination of letters and numbers -- for all of your sub-accounts. Delete unused sub-accounts.
2) NEVER use your screen name, first name, last name, town, address, etc. as a password. Do not use a common word. Add a few digits to a word. Hackers have created all kinds of programs that search for common words.
3) Inform spouses, children, and others who have access to your account to take the same safety measures, and to NEVER give out passwords.
4) Report suspicious behavior at keyword GUIDEPAGER immediately.
Computer hacking on America Online is not widespread. But it's an activity -- and an illegal act -- which hinders our ability to conduct business and to ensure a safe online community.
AOL will pursue all legal action and law enforcement protection within our right to protect the security of our service.
We also rely on our members, partners, remote community leaders, and others with overhead accounts much like a neighborhood watch program -- to help crush hacking, to maintain confidentiality of the simplest personal belonging (your password), and to report activity of this kind to AOL immediately.
If you have any questions, please discuss them with your contact at AOL.
