<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META content="text/html; charset=iso-8859-1" http-equiv=Content-Type> <META name=GENERATOR content="MSHTML 8.00.6001.18928"> <STYLE></STYLE> </HEAD> <BODY bgColor=#ffffff> <DIV>That make sense, I don't use free email accounts.  In this case maybe they were too free!  Or freely available.</DIV> <DIV> </DIV> <DIV>People get careless with their passwords and usernames, and who can blame them.  For genealogical purposes alone I have over 200 username/passwords.  But each one is unique, and composed of a mix of uppercase, lowercase and numerals.  I record the answer to my security questions on the same file card that has the password and username, never leaving it on the website in question.  And I make up my own unique security question (not just 'mother's maiden name').  I never leave my computer set to automatically log in to a site (which parks a cookie containing that information on your pc).  </DIV> <DIV> </DIV> <DIV>It's the responsibility of each person to make sure they're secure.  If you leave your door unlocked, you can't complain if someone opens the door and walks in.</DIV> <DIV> </DIV> <DIV>The good thing is that it's pointless to keep changing your passwords.  Absolutely not necessary unless you know for sure that you've been hacked.  No need to change your bank password every so many months. Hackers don't operate like that.  </DIV> <DIV> </DIV> <DIV>with dozens and dozens of these things, who could keep updating them anyway?</DIV> <DIV> </DIV> <DIV>play by the same rules you'd use in real life, and you won't be as vulnerable on the web.</DIV> <DIV> </DIV> <DIV>But again Terry, it's that old Urban Legend chant someone told me "a friend of hers did...."  Ye olde 'friend of a friend" again.</DIV> <DIV> </DIV> <DIV>Larry</DIV> <BLOCKQUOTE style="BORDER-LEFT: #000000 2px solid; PADDING-LEFT: 5px; PADDING-RIGHT: 0px; MARGIN-LEFT: 5px; MARGIN-RIGHT: 0px"> <DIV style="FONT: 10pt arial">----- Original Message ----- </DIV> <DIV style="FONT: 10pt arial; BACKGROUND: #e4e4e4; font-color: black"><B>From:</B> <A title=terry@reigelridge.com href="mailto:terry@reigelridge.com">Terry Reigel</A> </DIV> <DIV style="FONT: 10pt arial"><B>To:</B> <A title=apgpubliclist@apgen.org href="mailto:apgpubliclist@apgen.org">apgpubliclist</A> </DIV> <DIV style="FONT: 10pt arial"><B>Sent:</B> Friday, June 25, 2010 10:55 AM</DIV> <DIV style="FONT: 10pt arial"><B>Subject:</B> Re: [APG Public List] [APG Members] My Predicament!!!! (Need Help).</DIV> <DIV><BR></DIV>LBoswell wrote:<BR>> It's more likely from third party applications accessed<BR>> through FB.  Privacy settings that you have set for FB <BR>> may not apply when you use those other apps.  <BR><BR>While the same scam is being run on Facebook, best I can see in those cases it's actually done on the Facebook system, not via email. All the messages of this sort I've received were emails, and seem to have two things in common -- use of a "free" email account, and a computer user who seems to be relatively unaware of security issues. In each of those cases the email account was actually taken over by the intruder. And, few if any of them every figure out how their account was compromised. I suspect they have either fallen for a phishing message and voluntarily given up their passwords, or have used weak passwords or security questions that make it easier for the scammers to break into the accounts. One told me he used the security question "What was your first phone number?" and not remembering it, entered 1234567890, and believed that was the way the account was compromised.<BR><BR>> I just don't think people would actually<BR>> fall for this little con. <BR><BR>Oh but they do - that's why it's going on. A correspondent whose account was compromised for one of these told me one of her friends did indeed send the money.<BR><BR>Terry Reigel</BLOCKQUOTE></BODY></HTML>