ermingarden: medieval image of a bird with a tonsured human head and monastic hood (Default)
Ermingarden ([personal profile] ermingarden) wrote in [community profile] agonyaunt2022-01-28 12:56 pm
Entry tags:

Miss Manners: My email was hacked, and my friends were scammed. How can I pay them back?

Dear Miss Manners: My email was hacked. Some of my loving, trusting, generous — and also naive — friends were tricked into sending money to scammers, because they thought they were helping me.

I am grateful to have such friends, but naturally, I feel rotten about this. Everybody tells me I am not to blame — even the ones who were defrauded — but I still feel guilty and responsible.

My etiquette problem is that part of the scam was the promise of repayment. That will not happen.

My friends may not be able to afford losing the money they thought they were simply loaning to me on a short-term basis. As it happens, though technically not responsible, I can help, and I’m anxious to. How do I go about it in a delicate and sensitive way? They may have their pride.


Become exceedingly generous whenever you can, bestowing presents on these people.

That should quell any issues of pride. But if they question your generosity, Miss Manners suggests you tell them, “Let’s just say this is from me and the ‘prince’ who scammed you.”
jadelennox: Senora Sabasa Garcia, by Goya (Default)

[personal profile] jadelennox 2022-01-28 08:20 pm (UTC)(link)

nothing to say except, oh, LW, this sucks and I am so sorry.

jadelennox: Senora Sabasa Garcia, by Goya (Default)

[personal profile] jadelennox 2022-01-28 08:23 pm (UTC)(link)

wait I do have something to say. Use a password manager, switch to procedurally generated unique passwords, turn on 2fa everywhere you can, assume all your accounts and old passwords everywhere are vulnerable because once they're in you're email they can get almost everywhere else, let your bank and credit cards know that you'd like to add extra security for the same reason, and help your friends to do the same.

getting hacked is not even the tiniest bit your fault. but it is useful to know there are things you can do to become a less soft target. The local library might be able to help you do these things.

Edited (making it more clear this is not LW's fault) 2022-01-28 20:24 (UTC)
shirou: (cloud)

[personal profile] shirou 2022-01-28 11:42 pm (UTC)(link)
getting hacked is not even the tiniest bit your fault. but it is useful to know there are things you can do to become a less soft target.

I have given some thought about how to tell my kids, as they get older, "there are things you can do to protect yourself" without victim-blaming. It comes up multiple contexts. This is useful phrasing.
sleepyfairy: (Default)

[personal profile] sleepyfairy 2022-01-29 02:01 am (UTC)(link)
The only problem with password managers is, unless it's backed up on an external server (which is vulnerable to hacking in itself) computer malfunctions can be an absolute nightmare when it comes to regaining access to everything, especially if you don't have access to the old machine.
Edited 2022-01-29 02:01 (UTC)
xenacryst: Aragorn, Legolas, and Gimli tracking the hobbits in Rohan (LOTR: Aragorn/Legolas/Gimli in Rohan)

[personal profile] xenacryst 2022-01-29 05:05 am (UTC)(link)
There are some ways around that, perhaps not completely iron clad, but good enough. I use a password manager that writes its encrypted database to iCloud (but could easily be any other cloud system or even a local network server), and then I have the same program syncing that database on three devices. Likelihood of the database being compromised boils down to any of my devices being compromised or someone accessing the cloud system and decrypting it, and that leaves the problem of one of my devices making hash of the database and the others syncing that garbage.
cimorene: an abstract arrangement of primary-colored rectangles and black lines on beige (all caps)

[personal profile] cimorene 2022-01-29 01:37 pm (UTC)(link)
There's also the low-tech solution of keeping your own database of passwords in a text file, categorized or alphabetized, and backing it up regularly but manually (for example, to a phone or a second harddrive). That's what my wife and I both do. The password document is the weak point in both solutions of course. My personal computer, being Linux-run, is somewhat less vulnerable to attack than a password manager app with its data in the cloud, not least because it's a less desirable target. On the other hand, managing your own passwords manually is a little bit more work than letting a password manager do it; but if your lifestyle doesn't require creating passwords that often it's not a big deal.

And of course there's the fact that the standard computer-generated secure passwords are less secure than passphrases like those created with diceware.
beable: (Default)

[personal profile] beable 2022-01-30 04:40 am (UTC)(link)
Honestly while I don’t do it for office environment stuff, at home I’m a fan of just writing some things down.

I forget the exact phrasing but it’s basically the Bruce Schneier quote about how we’ve already solves the problem of how to keep little pieces of paper with information safe - it’s called a wallet.

minoanmiss: A detail of the Ladies in Blue fresco (Default)

[personal profile] minoanmiss 2022-01-29 05:27 am (UTC)(link)
I knew this letter would attract good advice on password management.