Hot Girl Hacked π How You Can Ctrl + Alt +Delete a Hacker
One minute I’m running my businesses, the next I’m staring at emails I never wrote. Turns out, a hacker waltzed right into my inbox…through Pinterest. Yes, Pinterest. And I wasn’t the only one. Apparently, several wedding industry professionals were hacked this month, wth!?
And, since our email logins are connected to so many other logins (at least mine are!), I had to take action seriously and move fast.
So what did I do?
I became motherf*ckin’ Sandra Bullock in The Net and went after those Praetorians π !! 🤘🤘🤘
Luckily, I’m super tech-savvy, my husband came in clutch as a Bioinformatician in his PhD program, and with a bit of help from ChatGPT, we kicked those f*kers out!
Here’s how we did it:
Found a weird draft email I didn’t write → DELETED it 🚩
Downloaded the “original” email" → combed through the code. Several emails were coming from different sources to redirect to my email, so I pulled those emails out (using Command F to search the page for @) and blocked them on my email server (which, for me, is GoDaddy).
Updated my GoDaddy DNS records. Here’s where you can definitely use ChatGPT to walk you through the codes to add. It looks something like: [v=sp1 include: spf.google.com ~all] telling your server to only send emails from you.
→ SPF (use code like the code above so only Google can send as me)
→ DKIM (use code so that emails get digitally signed)
→ DMARC (use code so it rejects fakes)
Cleared out Third-Party Logins & Permissions → Google Security Checkup.
→ Your devices: Logged out of anything/anyone that looked suspicious.
→ Recent security activity: Made sure nothing was shady. Thank goodness they didn’t get in in all the way, they were just forwarding the emails pushed through Pinterest.
→ Third-party connections: Removed access to ALL until I changed every password, then reintegrated.
Reset every password → I wasn’t messing around.
Turned on → two-step verification for everything. This was how I got hacked! I removed my two-step verifications in a few places so my assistants could work more efficiently, rather than being unable to reach me for codes while I was physically with clients for hours. BIG mistake!!
Kept an eye on login activity and drafts to make sure the hacker was gone.
It took about 7 hours of my time, so I hope this will save YOU time.
SAVE THIS POST, just in case!
What I learned:
Convenience is never worth the risk. Removing my two-step verifications so my team could move faster was not worth it. And, it cost me more time in the long run to fix this. Having systems isn’t enough; they need to be lock-tight, checked, and double-checked. And honestly, sometimes you can’t do it all alone and need backup to catch what you miss.
