Fighting Hackers to Reclaim My Name


Over the course of the life of this blog I can’t even begin to count the number of stickers I’ve handed out, and put on various music venue bathroom walls. I don’t think it would be a stretch to say if you’ve ever needed to pee at a concert in the LES, or in Southwestern CT, you’ve probably seen my sticker. Heck, there’s even been an awesome artistic alteration to one of my stickers at The Acoustic, in Bridgeport, CT, with someone having added googly eyes to it.


Last month I was at a private, outdoor event, and I handed a few stickers out to folks. Little did I know that although I’m not a car dealer, I was about to present those people with some unexpected sticker shock.

When they went to the address on the sticker (which automatically redirects people to the blog) they did not see articles about indie music, interviews with artists, or my smiling face. Rather, they saw a masque of red death.


In this case, neither Edgar Allan Poe nor Vincent Price were involved, but Google sure as heck was. A red screen warning people that the site was “deceptive” and could be part of a phishing scam came up.

My first thought was – I almost never write about Phish!


Most people access my blog through direct links to articles, so while the issue with the adamsworldblog address was frustrating, it wasn’t the end of the world, so it was pretty easy to keep my cool as I started the process of trying to figure out what the heck was going on.

I alerted Google to the error, but upon further investigation I realized something was amiss. I noticed I was getting page views from my own web address, but with an extra country code at the end of it, followed by what looked to be a phishing scam.

I called up GoDaddy, which is where my domain is registered. This would be the first of around half a dozen times I’d contact them over the course of a few weeks, and each time we chipped away at another layer of the hack.


The thing with my GoDaddy account – and I’m sure this is true for many folks out there who own a web address – is that I renew my domain for X number of years, and then don’t log back into GoDaddy again until it’s time for another renewal. What I found out was, in that downtime, a bunch of not so nice folks hacked into my account. This discovery came about essentially by accident.

When someone at GoDaddy suggested I change my password – in addition to that I added two-factor authentication, which I’m not even sure they had the last time I renewed – I saw a link to where I could view my previous log-ins. Just for the hell of it I clicked on it, and BOOM, there it was, a list of half a dozen foreign IPs that had logged into my account.

Ironically, it started on my birthday in 2019, and then continued through to July 20th of this year. There was Canada, Algeria, Vietnam on two different occasions, China, and it culminated with the most recent illicit log-in, which came from France. Damned Coneheads hacking into my account!


I figured after I changed my log-in info everything would be fine, but Google was still giving me the red screen. Exasperated, last Friday I called GoDaddy one more time, basically just to ask if my web address had become a lost cause. They refused to accept that idea, and nearly an hour later we’d finally chipped away at the final piece of the hack. Again, it happened almost by accident.

While trying to figure things out, the guy at GoDaddy casually noted, “You have other products with us,” and I said, “No, just the website, and added security so no one can view my personal information.” He replied, “What about all these email addresses I see associated with the account?”

He directed me to where I could see them, and I had no idea where they had come from. Above everything there was a note about when the settings were last updated – July 20th. Suddenly it all made sense. We’d found the final piece of the puzzle, and were ready to destroy it.


After we deleted all the email accounts, the guy at GoDaddy directed me to where I could ask Google to “recrawl” my website, and have it put back in good standing. I filled out the form that asked me what I had done to address the situation, clicked send, and hoped for the best. I was told it could take three to five days to go into effect. The next morning, just for the heck of it, I typed in adamsworldblog.com to see if it worked. It did. I was hyped.

Still on that high, I checked both the Google page where I submitted the request for the recrawl, and my Gmail, and on each I received the following message


In the immortal words of George Costanza after he had the good mango – I’m back, baby! I’m back!

In fact, not only am I back, I’m stronger, and more protected, than ever.


As an aside, I was really proud of the patience I displayed during this entire process. I never raised my voice, and even though I was frustrated, I was always happy that we were continually chipping away at the many layers of the hack.

Patience + Teamwork = Success!

Now, to find more places to put stickers!
