I have get hacked

Similar Messages

• My password keeps getting hacked, how can i disable my account and start a new one and not lose all the stuff I already have?

  Hi All,
  I need help, my password keeps getting hacked, and I keep changing the password, and changing all my security questions. I have changed everything I can. How can I disable my account, but not lose everything that I already have in there? Is this possible or do I have to start all over again?

  You might have some better luck if you call your country number from http://support.apple.com/kb/HE57 and ask to speak with the Account Security Team.

• I have had 3 days worth of unauthorised purchases. How can I get my money back?  I have changed my password again and I have disabled my credit card.  My account is constantly getting hacked

  I am sick of getting hacked..... This is the 3rd time my account has been hacked.  This time it has only been for $30-40 but it is very alarming that it is getting hacked at all.  I have changed my password agian to a random thing.   Lets see how long I can stay hacked free this time.  If this continues I may have to put a formal complaint in to Apple.  And maybe only buy non-apple products....
  Ellen

  It's most likely not you, no matter what they say. I have noticed a LOT of fraud with itunes, even with my own account. One time I caught them doing a database restore. I know this because my password automagically reverted back to an old one! I'm an IT guy who helped design DOD classified networks in the mid-pacific. I know security. The best protection for this is to NOT have a credit card listed in iTunes. Use iTunes cards ONLY. It's a pain, but until they step up, it's all you got.

• Do I have to worry about my macpro getting hacked?

  Do I have to worry about my macpro getting hacked?

  The SSL problem has been handled by Apple through security updates to the Mavericks and Mountain Lion and Lion operating systems.  If your operating systems are up-to-date you have little to worry about.
  The Mac OS X Mavericks update, 10.9.2, is quick and easy to install.
  The concerns with the SSL flaw are with using an unsecure public wireless network.  If you are using your MBP on a wired network or your own network there is very little likelihood of a problem.  The flaw did not allow access to the computer, just third-party eavesdropping on the communication.
  But, one should always be aware of the risks involved in transmitting sensitive information such as credit card numbers, bank account information, over any public wireless network.  Always use proper secure and encrypted communications when doing that.

• I have an iMac protected by Intego. If I buy an iPhone 6 and it gets hacked, will by iMac be vulnerable?

  I have an iMac protected by Intego. If I buy an iPhone 6 and it gets hacked, will by iMac be vulnerable?

  Mac users often ask whether they should install "anti-virus" (AV) software. The usual answer is "no." That answer is right, but it may give the wrong impression that there is no threat from what are loosely called "viruses." There is a threat, and you need to educate yourself about it.
  1. This is a comment on what you should—and should not—do to protect yourself from malicious software ("malware") that circulates on the Internet and gets onto a computer as an unintended consequence of the user's actions.
  It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the computer, or who has been able to take control of it remotely. That threat is in a different category, and there's no easy way to defend against it. AV software is not intended to, and does not, defend against such attacks.
  The comment is long because the issue is complex. The key points are in sections 5, 6, and 10.
  OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user. Internally Apple calls it "XProtect."
  The malware recognition database used by XProtect is automatically updated; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  ☞ It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
  ☞ It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  As new versions of OS X are released, it's not clear whether Apple will indefinitely continue to maintain the XProtect database of older versions such as 10.6. The security of obsolete system versions may eventually be degraded. Security updates to the code of obsolete systems will stop being released at some point, and that may leave them open to other kinds of attack besides malware.
  3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't been checked for security by Apple unless it comes from the App Store, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
  Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
  ☞ It can easily be disabled or overridden by the user.
  ☞ A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
  ☞ An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
  Apple has taken far too long to revoke the codesigning certificates of some known abusers, thereby diluting the value of Gatekeeper and the Developer ID program. Those lapses don't involve App Store products, however.
  For the reasons given, App Store products, and—to a lesser extent—other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. Sandbox security is based on user input. Never click through any request for authorization without thinking.
  4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is effective against known threats, but not against unknown ones. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
  5. The built-in security features of OS X reduce the risk of malware attack, but they are not, and never will be, complete protection. Malware is a problem of human behavior, not machine behavior, and no technological fix alone is going to solve it. Trusting software to protect you will only make you more vulnerable.
  The best defense is always going to be your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "Trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and Internet criminals. If you're better informed than they think you are, you'll win. That means, in practice, that you always stay within a safe harbor of computing practices. How do you know when you're leaving the safe harbor? Below are some warning signs of danger.
  Software from an untrustworthy source
  ☞ Software with a corporate brand, such as Adobe Flash Player, doesn't come directly from the developer’s website. Do not trust an alert from any website to update Flash, or your browser, or any other software. A genuine alert that Flash is outdated and blocked is shown on this support page. Follow the instructions on the support page in that case. Otherwise, assume that the alert is fake and someone is trying to scam you into installing malware. If you see such alerts on more than one website, ask for instructions.
  ☞ Software of any kind is distributed via BitTorrent, or Usenet, or on a website that also distributes pirated music or movies.
  ☞ Rogue websites such as Softonic, Soft32, and CNET Download distribute free applications that have been packaged in a superfluous "installer."
  ☞ The software is advertised by means of spam or intrusive web ads. Any ad, on any site, that includes a direct link to a download should be ignored.
  Software that is plainly illegal or does something illegal
  ☞ High-priced commercial software such as Photoshop is "cracked" or "free."
  ☞ An application helps you to infringe copyright, for instance by circumventing the copy protection on commercial software, or saving streamed media for reuse without permission. All "YouTube downloaders" are in this category, though not all are necessarily malicious.
  Conditional or unsolicited offers from strangers
  ☞ A telephone caller or a web page tells you that you have a “virus” and offers to help you remove it. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  ☞ A web site offers free content such as video or music, but to use it you must install a “codec,” “plug-in,” "player," "downloader," "extractor," or “certificate” that comes from that same site, or an unknown one.
  ☞ You win a prize in a contest you never entered.
  ☞ Someone on a message board such as this one is eager to help you, but only if you download an application of his choosing.
  ☞ A "FREE WI-FI !!!" network advertises itself in a public place such as an airport, but is not provided by the management.
  ☞ Anything online that you would expect to pay for is "free."
  Unexpected events
  ☞ A file is downloaded automatically when you visit a web page, with no other action on your part. Delete any such file without opening it.
  ☞ You open what you think is a document and get an alert that it's "an application downloaded from the Internet." Click Cancel and delete the file. Even if you don't get the alert, you should still delete any file that isn't what you expected it to be.
  ☞ An application does something you don't expect, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
  ☞ Software is attached to email that you didn't request, even if it comes (or seems to come) from someone you trust.
  I don't say that leaving the safe harbor just once will necessarily result in disaster, but making a habit of it will weaken your defenses against malware attack. Any of the above scenarios should, at the very least, make you uncomfortable.
  6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
  Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it—not JavaScript—in your browsers.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a padlock icon in the address bar when visiting a secure site.
  Stay within the safe harbor, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself.
  7. Never install any commercial AV or "Internet security" products for the Mac, as they are all worse than useless. If you need to be able to detect Windows malware in your files, use one of the free security apps in the Mac App Store—nothing else.
  Why shouldn't you use commercial AV products?
  ☞ To recognize malware, the software depends on a database of known threats, which is always at least a day out of date. This technique is a proven failure, as a major AV software vendor has admitted. Most attacks are "zero-day"—that is, previously unknown. Recognition-based AV does not defend against such attacks, and the enterprise IT industry is coming to the realization that traditional AV software is worthless.
  ☞ Its design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere. In order to meet that nonexistent threat, commercial AV software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  ☞ By modifying the operating system, the software may also create weaknesses that could be exploited by malware attackers.
  ☞ Most importantly, a false sense of security is dangerous.
  8. An AV product from the App Store, such as "ClamXav," has the same drawback as the commercial suites of being always out of date, but it does not inject low-level code into the operating system. That doesn't mean it's entirely harmless. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  An AV app is not needed, and cannot be relied upon, for protection against OS X malware. It's useful, if at all, only for detecting Windows malware, and even for that use it's not really effective, because new Windows malware is emerging much faster than OS X malware.
  Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else. A malicious attachment in email is usually easy to recognize by the name alone. An actual example:
  London Terror Moovie.avi [124 spaces] Checked By Norton Antivirus.exe
  You don't need software to tell you that's a Windows trojan. Software may be able to tell you which trojan it is, but who cares? In practice, there's no reason to use recognition software unless an organizational policy requires it. Windows malware is so widespread that you should assume it's in every email attachment until proven otherwise. Nevertheless, ClamXav or a similar product from the App Store may serve a purpose if it satisfies an ill-informed network administrator who says you must run some kind of AV application. It's free and it won't handicap the system.
  The ClamXav developer won't try to "upsell" you to a paid version of the product. Other developers may do that. Don't be upsold. For one thing, you should not pay to protect Windows users from the consequences of their choice of computing platform. For another, a paid upgrade from a free app will probably have all the disadvantages mentioned in section 7.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
  10. As a Mac user, you don't have to live in fear that your computer may be infected every time you install software, read email, or visit a web page. But neither can you assume that you will always be safe from exploitation, no matter what you do. Navigating the Internet is like walking the streets of a big city. It can be as safe or as dangerous as you choose to make it. The greatest harm done by security software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software doesn't protect them. Nothing can lessen the need for safe computing practices.

• Hi Apple support, my name is Derek Turner and I have been hacked through a friend's email account and I wish to know if 1. I can clean my email list of names and account with software and 2. How is it possible to delete emails that are still coming back

  Hi! My name is Derek Turner and I have been hacked through a friend's email message to me which I opened unsuspecting any danger.  Initially, he sent me an 'attention' or warning email with a link which I tried to open but it could not be opened, so I left it not knowing what it was all about at the time.  Later, I received another email from him (probably the hacker) and opened a 'not very pleasant' web site.  It did not twig with me at the time as I am a bit new to this type of thing but when I mentioned it to my wife she immediately said that I had been 'hacked'.  By this time it was too late, and it infected all my email addresses!  I would be grateful if you may know if there is software that I can use to clean up my email account and if there is anything for iPad minis that can prevent this happening in future? (Malware, Firewall?).  I am also getting emails back that relate to the hacker and I cannot 'delete' them from my iPad, only on my PC!  Any suggestions?
  Thank you for your time regarding this matter,
  Derek Turner,( a very new iPad mini user!)

  Hi,
  I don't think that can be solved by any advice the regular posters could post here.
  I would go back to Apple and explain the situation (again).
  I would also consider closing the account (Apple rarely seem to do this as accounts are never deleted but just closed).
  I understand this may cause issues for things purchased in iTunes and the App Store which my include Restoring the OS at some point.
  8:20 pm      Tuesday; September 16, 2014
  ​  iMac 2.5Ghz i5 2011 (Mavericks 10.9)
   G4/1GhzDual MDD (Leopard 10.5.8)
   MacBookPro 2Gb (Snow Leopard 10.6.8)
   Mac OS X (10.6.8),
   Couple of iPhones and an iPad

• Did you know that Verizonwireless is saving your checking account information when you pay your bill by check and then making it part of your "MyVerizon"? This means of course if they get hacked that information could be compromised. What do you think of

  Did you know that Verizonwireless is saving your checking account information when you pay your bill by check and then making it part of your "MyVerizon"  without you adding it? This means of course if they get hacked that information could be compromised. What do you think of this?

  Credit card and debit card and checking and savings information is encrypted so it is possible to be hacked, but the odds are greater to get hit by the Love Boat then to have a wide scale hack.
  Oh yes they do happen, Bank of America, Chase, Citibank, Target and quite a few others. But in all the years I have paid my invoice with saved card information I never been hacked.
  You use good passwords and the risk is minimal.
  Good Luck

• Is My apache http file okay? Could have been hacked?????Why would 12.34.56.78:80 be the listening address I don't have any AT&T Services12

  I believe my apache server could have been hacked.  Is there a member of the community that could take a look at the paste of my http.conf file.  Thanks so much
  # Mac OS X / Mac OS X Server
  # The <IfDefine> blocks segregate server-specific directives
  # and also directives that only apply when Web Sharing or
  # server Web Service (as opposed to other services that need Apache) is on.
  # The launchd plist sets appropriate Define parameters.
  # Generally, desktop has no vhosts and server does; server has added modules,
  # custom virtual hosts are only activated when Web Service is on, and
  # default document root and personal web sites at ~username are only
  # activated when Web Sharing is on.
  # This is the main Apache HTTP server configuration file.  It contains the
  # configuration directives that give the server its instructions.
  # See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
  # In particular, see
  # <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
  # for a discussion of each configuration directive.
  # Do NOT simply read the instructions in here without understanding
  # what they do.  They're here only as hints or reminders.  If you are unsure
  # consult the online docs. You have been warned. 
  # Configuration and logfile names: If the filenames you specify for many
  # of the server's control files begin with "/" (or "drive:/" for Win32), the
  # server will use that explicit path.  If the filenames do *not* begin
  # with "/", the value of ServerRoot is prepended -- so "log/foo_log"
  # with ServerRoot set to "/usr" will be interpreted by the
  # server as "/usr/log/foo_log".
  # ServerRoot: The top of the directory tree under which the server's
  # configuration, error, and log files are kept.
  # Do not add a slash at the end of the directory path.  If you point
  # ServerRoot at a non-local disk, be sure to point the LockFile directive
  # at a local disk.  If you wish to share the same ServerRoot for multiple
  # httpd daemons, you will need to change at least LockFile and PidFile.
  ServerRoot "/usr"
  # Listen: Allows you to bind Apache to specific IP addresses and/or
  # ports, instead of the default. See also the <VirtualHost>
  # directive.
  # Change this to Listen on specific IP addresses as shown below to
  # prevent Apache from glomming onto all bound IP addresses.
  #Listen 12.34.56.78:80
  <IfDefine !MACOSXSERVER>
  Listen 80
  </IfDefine>
  # Dynamic Shared Object (DSO) Support
  # To be able to use the functionality of a module which was built as a DSO you
  # have to place corresponding `LoadModule' lines at this location so the
  # directives contained in it are actually available _before_ they are used.
  # Statically compiled modules (those listed by `httpd -l') do not need
  # to be loaded here.
  # Example:
  # LoadModule foo_module modules/mod_foo.so
  LoadModule authn_file_module libexec/apache2/mod_authn_file.so
  LoadModule authz_host_module libexec/apache2/mod_authz_host.so
  LoadModule cache_module libexec/apache2/mod_cache.so
  LoadModule disk_cache_module libexec/apache2/mod_disk_cache.so
  LoadModule dumpio_module libexec/apache2/mod_dumpio.so
  LoadModule reqtimeout_module libexec/apache2/mod_reqtimeout.so
  LoadModule ext_filter_module libexec/apache2/mod_ext_filter.so
  LoadModule include_module libexec/apache2/mod_include.so
  LoadModule filter_module libexec/apache2/mod_filter.so
  LoadModule substitute_module libexec/apache2/mod_substitute.so
  LoadModule deflate_module libexec/apache2/mod_deflate.so
  LoadModule log_config_module libexec/apache2/mod_log_config.so
  LoadModule log_forensic_module libexec/apache2/mod_log_forensic.so
  LoadModule logio_module libexec/apache2/mod_logio.so
  LoadModule env_module libexec/apache2/mod_env.so
  LoadModule mime_magic_module libexec/apache2/mod_mime_magic.so
  LoadModule cern_meta_module libexec/apache2/mod_cern_meta.so
  LoadModule expires_module libexec/apache2/mod_expires.so
  LoadModule headers_module libexec/apache2/mod_headers.so
  LoadModule ident_module libexec/apache2/mod_ident.so
  LoadModule usertrack_module libexec/apache2/mod_usertrack.so
  #LoadModule unique_id_module libexec/apache2/mod_unique_id.so
  LoadModule setenvif_module libexec/apache2/mod_setenvif.so
  LoadModule version_module libexec/apache2/mod_version.so
  LoadModule proxy_module libexec/apache2/mod_proxy.so
  LoadModule proxy_http_module libexec/apache2/mod_proxy_http.so
  LoadModule proxy_scgi_module libexec/apache2/mod_proxy_scgi.so
  LoadModule proxy_balancer_module libexec/apache2/mod_proxy_balancer.so
  LoadModule ssl_module libexec/apache2/mod_ssl.so
  LoadModule mime_module libexec/apache2/mod_mime.so
  LoadModule dav_module libexec/apache2/mod_dav.so
  LoadModule autoindex_module libexec/apache2/mod_autoindex.so
  LoadModule asis_module libexec/apache2/mod_asis.so
  LoadModule info_module libexec/apache2/mod_info.so
  LoadModule cgi_module libexec/apache2/mod_cgi.so
  LoadModule dav_fs_module libexec/apache2/mod_dav_fs.so
  LoadModule vhost_alias_module libexec/apache2/mod_vhost_alias.so
  LoadModule negotiation_module libexec/apache2/mod_negotiation.so
  LoadModule dir_module libexec/apache2/mod_dir.so
  LoadModule imagemap_module libexec/apache2/mod_imagemap.so
  LoadModule actions_module libexec/apache2/mod_actions.so
  LoadModule speling_module libexec/apache2/mod_speling.so
  LoadModule alias_module libexec/apache2/mod_alias.so
  LoadModule rewrite_module libexec/apache2/mod_rewrite.so
  LoadModule php5_module libexec/apache2/libphp5.so
  #Apple specific modules
  LoadModule apple_userdir_module libexec/apache2/mod_userdir_apple.so
  LoadModule bonjour_module libexec/apache2/mod_bonjour.so
  <IfDefine !MACOSXSERVER>
  LoadModule authn_dbm_module libexec/apache2/mod_authn_dbm.so
  LoadModule authn_anon_module libexec/apache2/mod_authn_anon.so
  LoadModule authn_dbd_module libexec/apache2/mod_authn_dbd.so
  LoadModule authn_default_module libexec/apache2/mod_authn_default.so
  LoadModule auth_basic_module libexec/apache2/mod_auth_basic.so
  LoadModule auth_digest_module libexec/apache2/mod_auth_digest.so
  LoadModule authz_groupfile_module libexec/apache2/mod_authz_groupfile.so
  LoadModule authz_user_module libexec/apache2/mod_authz_user.so
  LoadModule authz_dbm_module libexec/apache2/mod_authz_dbm.so
  LoadModule authz_owner_module libexec/apache2/mod_authz_owner.so
  LoadModule authz_default_module libexec/apache2/mod_authz_default.so
  LoadModule mem_cache_module libexec/apache2/mod_mem_cache.so
  LoadModule dbd_module libexec/apache2/mod_dbd.so
  LoadModule proxy_connect_module libexec/apache2/mod_proxy_connect.so
  LoadModule proxy_ftp_module libexec/apache2/mod_proxy_ftp.so
  LoadModule proxy_ajp_module libexec/apache2/mod_proxy_ajp.so
  LoadModule status_module libexec/apache2/mod_status.so
  </IfDefine>
  <IfDefine MACOSXSERVER>
  LoadModule hfs_apple_module libexec/apache2/mod_hfs_apple.so
  #LoadModule auth_digest_apple_module libexec/apache2/mod_auth_digest_apple.so
  #LoadModule encoding_module libexec/apache2/mod_encoding.so
  #LoadModule jk_module libexec/apache2/mod_jk.so
  LoadModule apple_auth_module libexec/apache2/mod_auth_apple.so
  LoadModule spnego_auth_module libexec/apache2/mod_spnego_apple.so
  LoadModule apple_digest_module libexec/apache2/mod_digest_apple.so
  #LoadModule python_module libexec/apache2/mod_python.so
  LoadModule xsendfile_module libexec/apache2/mod_xsendfile.so
  LoadModule apple_status_module libexec/apache2/mod_status_apple.so
  </IfDefine>
  # If you wish httpd to run as a different user or group, you must run
  # httpd as root initially and it will switch. 
  # User/Group: The name (or #number) of the user/group to run httpd as.
  # It is usually good practice to create a dedicated user and group for
  # running httpd, as with most system services.
  User _www
  Group _www
  # 'Main' server configuration
  # The directives in this section set up the values used by the 'main'
  # server, which responds to any requests that aren't handled by a
  # <VirtualHost> definition.  These values also provide defaults for
  # any <VirtualHost> containers you may define later in the file.
  # All of these directives may appear inside <VirtualHost> containers,
  # in which case these default settings will be overridden for the
  # virtual host being defined.
  # ServerAdmin: Your address, where problems with the server should be
  # e-mailed.  This address appears on some server-generated pages, such
  # as error documents.  e.g. [email protected]
  ServerAdmin [email protected]
  # ServerName gives the name and port that the server uses to identify itself.
  # This can often be determined automatically, but we recommend you specify
  # it explicitly to prevent problems during startup.
  # If your host doesn't have a registered DNS name, enter its IP address here.
  #ServerName www.example.com:80
  <IfDefine MACOSXSERVER>
  DocumentRoot /var/empty
  <IfModule mod_auth_digest_apple.c>
          BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
  </IfModule>
  <IfModule mod_headers.c>
          Header add MS-Author-Via "DAV"
          RequestHeader set X_FORWARDED_PROTO 'https' env=https
          RequestHeader set X_FORWARDED_PROTO 'http' env=!https
  </IfModule>
  <IfModule mod_encoding.c>
          EncodingEngine on
          NormalizeUsername on
          DefaultClientEncoding UTF-8
  # Windows XP?
          AddClientEncoding "Microsoft-WebDAV-MiniRedir/" MSUTF-8
  # Windows 2K SP2 with .NET
          AddClientEncoding "(Microsoft .* DAV\$)" MSUTF-8
  # Windows 2K SP2/Windows XP
          AddClientEncoding "(Microsoft .* DAV 1.1)" CP932
  # Windows XP?
          AddClientEncoding "Microsoft-WebDAV*" CP932
  # RealPlayer
          AddClientEncoding "RMA/*" CP932
  # MacOS X webdavfs
          AddClientEncoding "WebDAVFS" UTF-8
  # cadaver
          AddClientEncoding "cadaver/" EUC-JP
  </IfModule>
  <Directory /usr/share/web>
      AllowOverride None
      Options MultiViews FollowSymlinks
      Order allow,deny
      Allow from all
      Header Set Cache-Control no-cache
  </Directory>
  Alias /webmail /usr/share/web/webmail.html
  Alias /changepassword /usr/share/web/changepassword.html
  Alias /profilemanager /usr/share/web/profilemanager.html
  Alias /webcal /usr/share/web/webcal.html
  </IfDefine>
  <IfDefine !MACOSXSERVER>
  <IfDefine WEBSHARING_ON>
  # DocumentRoot: The directory out of which you will serve your
  # documents. By default, all requests are taken from this directory, but
  # symbolic links and aliases may be used to point to other locations.
  DocumentRoot "/Library/WebServer/Documents"
  # Each directory to which Apache has access can be configured with respect
  # to which services and features are allowed and/or disabled in that
  # directory (and its subdirectories).
  # First, we configure the "default" to be a very restrictive set of
  # features. 
  <Directory />
      Options FollowSymLinks
      AllowOverride None
      Order deny,allow
      Deny from all
  </Directory>
  # Note that from this point forward you must specifically allow
  # particular features to be enabled - so if something's not working as
  # you might expect, make sure that you have specifically enabled it
  # below.
  # This should be changed to whatever you set DocumentRoot to.
  <Directory "/Library/WebServer/Documents">
      # Possible values for the Options directive are "None", "All",
      # or any combination of:
      #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
      # Note that "MultiViews" must be named *explicitly* --- "Options All"
      # doesn't give it to you.
      # The Options directive is both complicated and important.  Please see
      # http://httpd.apache.org/docs/2.2/mod/core.html#options
      # for more information.
      Options Indexes FollowSymLinks MultiViews
      # AllowOverride controls what directives may be placed in .htaccess files.
      # It can be "All", "None", or any combination of the keywords:
      #   Options FileInfo AuthConfig Limit
      AllowOverride None
      # Controls who can get stuff from this server.
      Order allow,deny
      Allow from all
  </Directory>
  # DirectoryIndex: sets the file that Apache will serve if a directory
  # is requested.
  <IfModule dir_module>
      DirectoryIndex index.html
  </IfModule>
  </IfDefine>
  </IfDefine>
  # The following lines prevent .htaccess and .htpasswd files from being
  # viewed by Web clients.
  <FilesMatch "^\.([Hh][Tt]|[Dd][Ss]_[Ss])">
      Order allow,deny
      Deny from all
      Satisfy All
  </FilesMatch>
  # Apple specific filesystem protection.
  <Files "rsrc">
      Order allow,deny
      Deny from all
      Satisfy All
  </Files>
  <DirectoryMatch ".*\.\.namedfork">
      Order allow,deny
      Deny from all
      Satisfy All
  </DirectoryMatch>
  # ErrorLog: The location of the error log file.
  # If you do not specify an ErrorLog directive within a <VirtualHost>
  # container, error messages relating to that virtual host will be
  # logged here.  If you *do* define an error logfile for a <VirtualHost>
  # container, that host's errors will be logged there and not here.
  ErrorLog "/private/var/log/apache2/error_log"
  # LogLevel: Control the number of messages logged to the error_log.
  # Possible values include: debug, info, notice, warn, error, crit,
  # alert, emerg.
  LogLevel warn
  <IfModule log_config_module>
      # The following directives define some format nicknames for use with
      # a CustomLog directive (see below).
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
      LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedvhost
      LogFormat "%h %l %u %t \"%r\" %>s %b" common
      LogFormat "%v %h %l %u %t \"%r\" %>s %b" commonvhost
      <IfModule logio_module>
        # You need to enable mod_logio.c to use %I and %O
        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
        LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinediovhost
      </IfModule>
      # The location and format of the access logfile (Common Logfile Format).
      # If you do not define any access logfiles within a <VirtualHost>
      # container, they will be logged here.  Contrariwise, if you *do*
      # define per-<VirtualHost> access logfiles, transactions will be
      # logged therein and *not* in this file.
      CustomLog "/private/var/log/apache2/access_log" common
      # If you prefer a logfile with access, agent, and referer information
      # (Combined Logfile Format) you can use the following directive.
      #CustomLog "/private/var/log/apache2/access_log" combined
  </IfModule>
  <IfModule alias_module>
      # Redirect: Allows you to tell clients about documents that used to
      # exist in your server's namespace, but do not anymore. The client
      # will make a new request for the document at its new location.
      # Example:
      # Redirect permanent /foo http://www.example.com/bar
      # Alias: Maps web paths into filesystem paths and is used to
      # access content that does not live under the DocumentRoot.
      # Example:
      # Alias /webpath /full/filesystem/path
      # If you include a trailing / on /webpath then the server will
      # require it to be present in the URL.  You will also likely
      # need to provide a <Directory> section to allow access to
      # the filesystem path.
      # ScriptAlias: This controls which directories contain server scripts.
      # ScriptAliases are essentially the same as Aliases, except that
      # documents in the target directory are treated as applications and
      # run by the server when requested rather than as documents sent to the
      # client.  The same rules about trailing "/" apply to ScriptAlias
      # directives as to Alias.
      ScriptAliasMatch ^/cgi-bin/((?!(?i:webobjects)).*$) "/Library/WebServer/CGI-Executables/$1"
  </IfModule>
  <IfModule cgid_module>
      # ScriptSock: On threaded servers, designate the path to the UNIX
      # socket used to communicate with the CGI daemon of mod_cgid.
      #Scriptsock /private/var/run/cgisock
  </IfModule>
  # "/Library/WebServer/CGI-Executables" should be changed to whatever your ScriptAliased
  # CGI directory exists, if you have that configured.
  <Directory "/Library/WebServer/CGI-Executables">
      AllowOverride None
      Options None
      Order allow,deny
      Allow from all
  </Directory>
  # DefaultType: the default MIME type the server will use for a document
  # if it cannot otherwise determine one, such as from filename extensions.
  # If your server contains mostly text or HTML documents, "text/plain" is
  # a good value.  If most of your content is binary, such as applications
  # or images, you may want to use "application/octet-stream" instead to
  # keep browsers from trying to display binary files as though they are
  # text.
  DefaultType text/plain
  <IfModule mime_module>
      # TypesConfig points to the file containing the list of mappings from
      # filename extension to MIME-type.
      TypesConfig /private/etc/apache2/mime.types
      # AddType allows you to add to or override the MIME configuration
      # file specified in TypesConfig for specific file types.
      #AddType application/x-gzip .tgz
      # AddEncoding allows you to have certain browsers uncompress
      # information on the fly. Note: Not all browsers support this.
      #AddEncoding x-compress .Z
      #AddEncoding x-gzip .gz .tgz
      # If the AddEncoding directives above are commented-out, then you
      # probably should define those extensions to indicate media types:
      AddType application/x-compress .Z
      AddType application/x-gzip .gz .tgz
      # AddHandler allows you to map certain file extensions to "handlers":
      # actions unrelated to filetype. These can be either built into the server
      # or added with the Action directive (see below)
      # To use CGI scripts outside of ScriptAliased directories:
      # (You will also need to add "ExecCGI" to the "Options" directive.)
      #AddHandler cgi-script .cgi
      # For type maps (negotiated resources):
      #AddHandler type-map var
      # Filters allow you to process content before it is sent to the client.
      # To parse .shtml files for server-side includes (SSI):
      # (You will also need to add "Includes" to the "Options" directive.)
      #AddType text/html .shtml
      #AddOutputFilter INCLUDES .shtml
  </IfModule>
  # The mod_mime_magic module allows the server to use various hints from the
  # contents of the file itself to determine its type.  The MIMEMagicFile
  # directive tells the module where the hint definitions are located.
  #MIMEMagicFile /private/etc/apache2/magic
  # Customizable error responses come in three flavors:
  # 1) plain text 2) local redirects 3) external redirects
  # Some examples:
  #ErrorDocument 500 "The server made a boo boo."
  #ErrorDocument 404 /missing.html
  #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
  #ErrorDocument 402 http://www.example.com/subscription_info.html
  # EnableMMAP and EnableSendfile: On systems that support it,
  # memory-mapping or the sendfile syscall is used to deliver
  # files.  This usually improves server performance, but must
  # be turned off when serving from networked-mounted
  # filesystems or if support for these functions is otherwise
  # broken on your system.
  #EnableMMAP off
  #EnableSendfile off
  TraceEnable off
  # Supplemental configuration
  # The configuration files in the /private/etc/apache2/extra/ directory can be
  # included to add extra features or to modify the default configuration of
  # the server, or you may simply copy their contents here and change as
  # necessary.
  # Server-pool management (MPM prefork specific)
  StartServers 1
  MinSpareServers 1
  MaxSpareServers 1
  # ServerLimit and MaxClients support n% syntax which sets them to a
  # fraction of the current RLIMIT_NPROC limit.
  ServerLimit 50%
  MaxClients 50%
  ListenBackLog 512
  MaxRequestsPerChild 100000
  # Timeout: The number of seconds before receives and sends time out.
  Timeout 300
  # KeepAlive: Whether or not to allow persistent connections (more than
  # one request per connection). Set to "Off" to deactivate.
  KeepAlive On
  # KeepAliveTimeout: Number of seconds to wait for the next request from the
  # same client on the same connection.
  KeepAliveTimeout 15
  # MaxKeepAliveRequests: The maximum number of requests to allow
  # during a persistent connection. Set to 0 to allow an unlimited amount.
  # We recommend you leave this number high, for maximum performance.
  MaxKeepAliveRequests 100
  # UseCanonicalName: Determines how Apache constructs self-referencing
  # URLs and the SERVER_NAME and SERVER_PORT variables.
  # When set "Off", Apache will use the Hostname and Port supplied
  # by the client.  When set "On", Apache will use the value of the
  # ServerName directive.
  UseCanonicalName Off
  # AccessFileName: The name of the file to look for in each directory
  # for additional configuration directives.  See also the AllowOverride
  # directive.
  AccessFileName .htaccess
  # ServerTokens
  # This directive configures what you return as the Server HTTP response
  # Header. The default is 'Full' which sends information about the OS-Type
  # and compiled in modules.
  # Set to one of:  Full | OS | Minor | Minimal | Major | Prod
  # where Full conveys the most information, and Prod the least.
  ServerTokens Full
  # Optionally add a line containing the server version and virtual host
  # name to server-generated pages (internal error documents, FTP directory
  # listings, mod_status and mod_info output etc., but not CGI generated
  # documents or custom error documents).
  # Set to "EMail" to also include a mailto: link to the ServerAdmin.
  # Set to one of:  On | Off | EMail
  ServerSignature On
  # HostnameLookups: Log the names of clients or just their IP addresses
  # e.g., www.apache.org (on) or 204.62.129.132 (off).
  # The default is off because it'd be overall better for the net if people
  # had to knowingly turn this feature on, since enabling it means that
  # each client request will result in AT LEAST one lookup request to the
  # nameserver.
  HostnameLookups Off
  # PidFile: The file in which the server should record its process
  # identification number when it starts.
  PidFile /var/run/httpd.pid
  # The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
  LockFile "/private/var/log/apache2/accept.lock"
  <IfModule mod_rewrite.c>
      RewriteLock /var/log/apache2/rewrite.lock
  </IfModule>
  # Language settings
  Include /private/etc/apache2/extra/httpd-languages.conf
  <IfDefine WEBSHARING_ON>
  # Multi    -language error messages
  #Include /private/etc/apache2/extra/httpd-multilang-errordoc.conf
  # Fancy directory listings
  Include /private/etc/apache2/extra/httpd-autoindex.conf
  # User home directories
  Include /private/etc/apache2/extra/httpd-userdir.conf
  # Real-time info on requests and configuration
  #Include /private/etc/apache2/extra/httpd-info.conf
  # Virtual hosts
  #Include /private/etc/apache2/extra/httpd-vhosts.conf
  # Local access to the Apache HTTP Server Manual
  Include /private/etc/apache2/extra/httpd-manual.conf
  # Distributed authoring and versioning (WebDAV)
  #Include /private/etc/apache2/extra/httpd-dav.conf
  </IfDefine>
  # Secure (SSL/TLS) connections
  <IfDefine !MACOSXSERVER>
  #Include /private/etc/apache2/extra/httpd-ssl.conf
  </IfDefine>
  <IfDefine MACOSXSERVER>
  <IfModule mod_ssl.c>
          SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
          SSLPassPhraseDialog exec:/etc/apache2/getsslpassphrase
          SSLSessionCache shmcb:/var/run/ssl_scache(512000)
          SSLSessionCacheTimeout 300
          SSLMutex file:/var/run/ssl_mutex
          SSLRandomSeed startup builtin
          SSLRandomSeed connect builtin
          AddType application/x-x509-ca-cert crt
          AddType application/x-pkcs7-crl crl
  </IfModule>
  </IfDefine>
  <IfModule mod_jk.c>
          JKWorkersFile /etc/apache2/workers.properties
          JKLogFile /var/log/apache2/mod_jk.log
          JkShmFile /var/log/apache2/jk-runtime-status
  </IfModule>
  <IfModule php5_module>
      AddType application/x-httpd-php .php
      AddType application/x-httpd-php-source .phps
      <IfModule dir_module>
          DirectoryIndex index.html index.php
      </IfModule>
  </IfModule>
  <IfDefine !MACOSXSERVER>
      Include /etc/apache2/other/*.conf
  </IfDefine>
  <IfDefine MACOSXSERVER>
      <IfDefine WEBSERVICE_ON>
          Include /etc/apache2/sites/*.conf
      </IfDefine>
      <IfDefine !WEBSERVICE_ON>
          Include /etc/apache2/sites/virtual_host_global.conf
          Include /etc/apache2/sites/*_.conf
          Include /etc/apache2/sites/*__shadow.conf
      </IfDefine>
  </IfDefine>

  That's a comment in the file. It has no effect at all.

• My imessages have been hacked and recovery email changed and I can't delete it! (with pic)

  My iMessages have been hacked and the hacker entered his email as the recovery email with security questions I can't answer. I contacted Apple support and went through the 24 hour process of changing my info so that I could get into the account, but his email address is still the recovery address and it does not give me the option to delete it. I've added alternate emails that can be deleted, but it will not let me change or delete the recovery email. I can change phones and passwords a million times, but if he can just recover my password what am I supposed to do? I have turned iMessage off on my phone (as well as the gps) but I would really like help in deleting that recovery email if anyone has any bright ideas! The pic below shows the only place in all of the settings that his email address shows up anywhere! Any help is very very very appreciated.

  Hi,
  I don't think that can be solved by any advice the regular posters could post here.
  I would go back to Apple and explain the situation (again).
  I would also consider closing the account (Apple rarely seem to do this as accounts are never deleted but just closed).
  I understand this may cause issues for things purchased in iTunes and the App Store which my include Restoring the OS at some point.
  8:20 pm      Tuesday; September 16, 2014
  ​  iMac 2.5Ghz i5 2011 (Mavericks 10.9)
   G4/1GhzDual MDD (Leopard 10.5.8)
   MacBookPro 2Gb (Snow Leopard 10.6.8)
   Mac OS X (10.6.8),
   Couple of iPhones and an iPad

• My iPhone 5c appears to have been hacked - what should I do?

  My iphone 5c appears to have been hacked and has been doing some weird things recently. I have iOS 7 installed.
  It deleted all my notes.
  It deletes text message streams from various random contacts. I have resorted to taking screenshots of my messages to prove this as it is still happening.
  It deleted a few of my contacts so that only their numbers showed on the top of text message conversations.
  The weridest thing though is that for the remaining contacts it seemed to add an additional random mobile number to each one so that each contact had two numbers.
  Furthermore, for one of my contacts, when I opened the contact there was some French profile wording and a picture of an African man I have no idea who he his (the contact is an asian lady from anerica). I took a screenshot of the contact page and emailed it to her to see if this was something she'd setup by accident but she simply replied that she had no idea why I had that contact stored under her name on my phone.
  I live in the UK and do not know any French people!
  I'm really worried as it feels like my phone has been hacked/tampered with remotely as this is extremely weird.
  How do I find out if my phone has been hacked/tampered with and is there anything Apple or the police can do?
  Will restoring the phone clear the issues? I'm reluctant to do this though as I have no faith that important info added to my phone since these happenings (such as my text message screenshots) will not be simply lost forever.
  If I can show the issues at the Apple store will they replace the handset? Does it seem like a hardware/software issue or is it obvious that the phone is being tampered with?
  Please help!

  First, try to reset the phone by holding the sleep and home button for about 10sec, until the Apple logo comes back again. You will not lose data by resetting.
  If this does not help, set it up as new device, explained here:
  How to erase your iOS device and then set it up as a new device or restore it from backups
  If still no luck, get it checked by visiting an Authorized Apple Service Provider or contact Apple Support to get it serviced:
  iPhone - Contact Support - Apple Support

• HACKED! I am 90% sure I have a hacker on my machine (keylogging, keylogger)

  HACKED! I am 90% sure I have a hacker on my machine (keylogging, keylogger)
  There is no way they could have known I had certain accounts, and accessed them, without being on my machine.
  What can I do to TRACK THEM?
  In the last year or so:
  • My PayPal was hacked. The person at PayPal said they logged in with ONE ATTEMPT. Someone tried to get funds from my account, to transfer them to someplace in California.
  • My Credit card was hacked. The person got into my settings, and changed the email address. Someone also tried to buy something, again, in California.
  I believe it's someone who has my IP address (probably from an email I sent). I know someone who was taking computer forensics -- and worked as an IT person at a hospital -- who has major reasons to get onto my machine to see what I am doing. She also has my SSN (Social Security Number), bank account numbers, and most credit card account numbers. She has special ties to California. In the last couple of years, she bought a tower Mac.
  But, I think that there was no way she could know I had a certain account on a certain Web site, where someone got into it, and printed out 1 certificate (out of about 20-30), and used it. I believe she was "sending a message" that she can mess with my accounts, and do whatever she pleases. This place of business was the closest to where she is staying, walking distance.
  Someone also rented videos out in my name -- about 20 miles from where she lives but near where her kids and ex- live, and nearby where I am staying -- and then returned the rented videos late (sending me a message), but keeping one of them without paying (a dance video--she's hugely into dancing).
  This person is my sister, I believe; and I believe she is trying to get more via a Probate process than I believe she should (read: taking it from me).
  I also got an ad sent in the name of my housemate to a PO Box that almost no one knows about, and at which I get very little mail. The ad was from a company I've never heard of. The PO Box would be listed in my credit file.
  Maybe related: I also got a flyer at the house where I am staying that looked like it had added my housemate's middle name to it. I had called them to order a pizza, but I never gave them my housemate's middle name. (I don't think I've given it to anyone.)
  I have Norton Internet Security, but that doesn't seem to have stopped it. And it's goofy. It won't let me lock it by clicking its lock. The lock keeps magically coming unlocked.
  Also, my computer crashes more than once a week on average.
  While I don't have the old Disinfectant installed, I might have accidentally double-clicked it. When I try to Trash it, and empty the Trash, it says it's busy or whatever. (I don't see it running as a regular Application; so if it's busy, it's one of those things I don't recognize.)
  I am pretty sure my Passwords have been used; yet the only way someone could know -- and get into an account of mine with ONE attempt would be if they had my Password already. I don't keep these on my computer, or email them, or even write them down. So the only way I can see someone having them is to be on my computer, and very possibly keylogging what I type.
  How can I track this activity, and locate where this information may be going.
  No one I know seems to take these sorts of things seriously; though I don't really know anyone who knows Macs.
  HELP!

  I have Norton Internet Security, but that doesn't seem to have stopped it. And it's goofy. It won't let me lock it by clicking its lock. The lock keeps magically coming unlocked.
  Also, my computer crashes more than once a week on average.
  Those two facts are related.
  Norton Antivirus has a very long and illustrious reputation for mangling Mac OS X systems, sometimes to the point where a complete reinstall is necessary. Among other things, it installs kernel extensions which are known to cause kernel panics and system freezes; it contains known and documented bugs which can silently corrupt Adobe Photoshop and Adobe InDesign files, destroy a user's ability to authenticate as an administrator, and (on PPC systems) can cause Classic to stop functioning; and Symantec has on at least two occasions now released flawed .dat file updates which erroneously report certain critical Mac OS X files as "viruses." (Deleting these "viruses" causes damage to the system that in some cases renders it unbootable.)
  You may find my User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Privacy, useful:
  http://discussions.apple.com/thread.jspa?threadID=1764179&tstart=0
  Regarding MacScan, First update the MacScan malware definitions before scanning. You can also contact their support team for any additional support - [email protected]
  Security of OS X generally:
  http://www.apple.com/macosx/security/
  http://www.nsa.gov/ia/_files/os/applemac/I731-007R-2007.pdf
  Security Configuration for Version 10.5 Leopard:
  http://images.apple.com/server/macosx/docs/LeopardSecurity_Config_2ndEd.pdf

• Why did my Events get hacked up?

  After "upgrading" to iPhoto '11, I see that Events that span several days all got hacked into daily events. Now I have to go back and reconstruct all those Events.
  This is the worst upgrade I've ever experienced from Apple.
  Please send feedback to: http://www.apple.com/feedback/iphoto.html

  I upgraded. Events that cover multiple dates got separated into separate dates, based on dates. So a week's vacation in Santa Barbara no longer is one event, but seven.
  Some Events did not get hacked up, but many did. It appears that older photo Events got hacked up, newer ones did not.

• My hotmail gets hacked is it a virus?

  My hotmail account has been hacked 3 times now, I keep changing the password, so is it malware or a virus?  How do I find out?

  This is not likely to be any kind of malware. See my Mac Malware Guide.
  As to how your account is getting hacked, it could be that you're not using good passwords, as sig has suggested. It's also possible that Hotmail has some way of allowing the hackers to leave themselves a back door. I'm not familiar with Hotmail, but on GMail, there's a setting tucked away out of sight that allows you to give complete access to your account to someone else, and hackers have been known to use that to give themselves continuing access, even after the account password has been changed. It's also possible that there's some Hotmail vulnerability that allows hackers to get access without needing a password.
  If your password is being reset, it could be that whatever password reset system Hotmail is using is being abused by a hacker. And, of course, we can't eliminate the human element... it's often possible for hackers to get access to an account by calling customer support and convincing a tech to reset the password to give them access.

• Keep getting hacked. Anti-virus/Keylogger?

  I am an active Twitter user and my account is constantly getting hacked despite "very strong" passwords.
  I am concerned that I may have a virus or a keylogger. I have tried iAntiVirus but is there something better? I found iAntiVirus through CNET where it came the best reviewed anti-virus for a Mac.
  I'm not really sure what to do as it has been about 3x in a week of getting hacked on Twitter. All my software is up-to-date (just checked) and am running Mac OS X 10.6.8 (there is a conflict between my Adobe programs and Lion which is why I haven't upgraded to that).
  Any suggestions?

  SubconsciousMe wrote:
  Above poster, that is noted.
  I am new to this -- being a Mac user. No need to scare me off!
  I love my Mac and just want it to run smoothly. I'm doing the best I can with what I know, which may not be much... but is increasing daily. Hopefully, someday I can help others. But, until than, I depend on the help of others.
  There are no viruses for os x. 
  User Tip:  Mac Viruses
  Macintosh Viruses
  It doesn’t get PC viruses.

• 9330 - Yahoo! Email getting hacked via phone

  So, I've had my new phone for the past month, no issues with it until about 2 days ago. People are hacking into my yahoo email through my Blackberry. When I logged into my mail on my laptop browser, there were logins from Thailand, Mexico, Argentina and last night after I went to bed, Canada.The ones from the other night sent spam email to all my contacts. After sending apology emails, I changed my pw one more time.
  Here's the latest login from last night:
  3:14 AM
  Yahoo! Mail for RIM/BlackBerry
  Logged In
  Canada
  So, is there a way to avoid this? My pw are complex with the special characters and everything. I am NOT on a corporate email system and I'm extremely careful as to what websites I go to.
  Any suggestions so my account will stop getting compromised?
  I've never had this issue with any of my previous Blackberries. As of right now, I changed my pw on my laptop broswer this morning and I have NOT re-sync'd it with my Blackberry yet.

  Your BlackBerry device is not getting "hacked", it sounds like your Yahoo email account is, though.
  You need to call Yahoo.
  1. If any post helps you please click the below the post(s) that helped you.
  2. Please resolve your thread by marking the post "Solution?" which solved it for you!
  3. Install free BlackBerry Protect today for backups of contacts and data.
  4. Guide to Unlocking your BlackBerry & Unlock Codes
  Join our BBM Channels (Beta)
  BlackBerry Support Forums Channel
  PIN: C0001B7B4   Display/Scan Bar Code
  Knowledge Base Updates
  PIN: C0005A9AA   Display/Scan Bar Code