Apple ID Reset Snafu
Apple ID Reset Snafu: a reader asks…
Good morning Chris, I made a mistake and inadvertently sent a reply to a dummy apple account fraud notice that said someone made a purchase of music and wanted to verify I made the purchase. When I got to the website, I’d forgotten my Apple ID password, so I did the password reset thing. That sent me an email with a different Apple ID so I stopped there, deleted all the messages and ran a Norton full scan. I’m not confident I’m safe, so is there anything I can do (other than get a new OS😞. ) to make sure there are no other bad guys into my email, etc?
Don’t beat yourself up about this, hackers are pretty slick at fooling us, and fake emails have gotten so good it’s very difficult to tell them from real, especially if you’re in a hurry. So the tough news is that it’s possible that by clicking on a link and going to that fake website, you infected your computer. No protection is 100% effective, and Norton isn’t the best protection program available. At this point, I think you need to take a beat, and dedicate a little time to remediation. Here’s what I’d recommend you do:
As laid out in this article, you’ll want to download, install and run Malwarebytes Anti-Malware. This is a great program that comes in two flavors: Free (with on-demand scanning), and Premium (with full-time scanning and protection). For now you can go with Free, but you may want to give serious consideration to upgrading to Premium – and this program plays nicely with other computer security programs (unlike other brands of malware protection).
Tip: before you start your first scan, go to Settings > Detection and Prevention, and check the checkbox to ‘check for rootkits’. Also make sure that both “PUP” and “PUM” are set to ‘treat detections as malware’. And finally, on the ‘Dashboard’ screen, click the Update Now link on the right to make sure you have the latest updates to the program.
After you click the big Scan Now button, the program will go through a process of detecting malware. Don’t try to do anything else with the computer while this is going on, and it will take awhile to run – maybe an hour or two. As the program detects malware, you’ll see a counter go up, but wait till the scan is complete before proceeding. When the scan is done, you’ll see a results screen with all the malware it found. Make sure everything is checked, and then click the button to remove or quarantine it.
Now here’s the step most folks miss: restart your computer and re-run the scan. If a 2nd scan finds something, remove or quarantine it, restart and run the scan again. Keep doing this until you get a scan that doesn’t find any malware. Malware is pretty insidious, squirreling itself all over your hard drive – so it may take multiple passes to find it all.
Once you’ve gotten a clean scan, you’ll want to uninstall Norton, as it’s quite possible that malware had surreptitiously defanged its protection. This is a prudent step to take, so visit your Control Panel’s Programs and Features, find Norton and uninstall it. Once that’s done, you should restart your computer and immediately re-install it fresh (from the installation CD or here). Better yet, take my advice (from this article) and replace Norton with Bitdefender Internet Security 2015 (get it here), in my opinion the best internet security protection program. Please note that installing Bitdefender will require you to temporarily uninstall the Malwarebytes program, which you should re-install after Bitdefender is up and running.
Since your Apple ID is involved, I think it’s prudent to reset your Apple ID password at https://appleid.apple.com/. And if there’s any other place online that you use that same password, you should change that other place as well. My standing recommendation is to use unique passwords for each online place, so I advised previously (article here) to use LastPass for password management, which helps not only with making passwords unique, but also making them long and impossible to guess.
And just to be safe, I think you should reset your email account/service password as well, especially if you used that same password elsewhere (like your Apple ID?). LastPass helps make changing passwords a lot easier, and is well worth the minimal investment ($12/year for Premium). What’s really great is that you only have to memorize one complicated password (for LastPass), and that program remembers all your other passwords for you.
This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:
or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!