Compromised email address

Mumut

Well begun is half done...
Super Member
Registered
Joined
Feb 1, 2008
Messages
3,371
Reaction score
400
Location
Brisbane, Australia
I suppose this has happened to a few AW'ers over the years. A few days ago I started to receive phone calls telling me friends had received emails, apparently from me, asking for money. The content of the email is that I've been mugged and robbed at gunpoint in Wales but I've managed to make it to the embassy (an Australian embassy in Wales?). I need cash for immediate accommodation etc.

Actually I was in Wales a few weeks ago (but survived the experience unscathed). And it could be considered a somewhat funny story. But it's not. Over the past months I've sent emails to 8,000 libraries and 5,000 high schools in the USA to introduce my book 'The Guardian of the Gate'. If they have all received this email it will make me look very unprofessional. I'm not all that happy to have to send each one a second email explaining the mess.

The reason I'm telling this here, is that things became very 'interesting' this morning. My email account was with Gmail. They don't ask for personal information so you have to fill in a form (using some other email address) which is matched by a computer and a reply email sent out. Because I don't use any of the bells and whistles in Gmail I was told there was not enough information to let me in so I could change my password and take control again. Luckily I realised I'd have given my wife's email address as backup so when I tried again I was let in.

In the list of emails were all my failed attempts to change the password - and in the data were other email addresses and information concerning a film website which had been emailing me. I don't know if this is a clue to the thief. I handed over the information to the police and to see the details made me feel uneasy. But what happened next had me really worried. An entry had been added to the list of emails received. It was from a few minutes back, while I was logged in, and it was someone trying to have the password changed again. The fraud was trying to get back in again. That was really scary.

I cancelled my account with Gmail immediately. I don't mind writing suspense but I can't hack it when it happens to me. So in future I'll be changing all my passwords on a frequent basis and I'll be using random sets of mixed numbers and letters, lower and upper case. And I hope to heaven it doesn't happen again.
 

MaryMumsy

the original blond bombshell
Kind Benefactor
Super Member
Registered
Joined
Jul 18, 2008
Messages
3,396
Reaction score
830
Location
Scottsdale, Arizona
My Dad received an email 'from' an old friend of his a few days ago. According to the email he had been mugged or robbed or something in England. And needed Dad to send 6,800 British pounds so he could get home. There was some kind of link in the email for where to send the funds. The gentleman in question is almost 86 years old, and hasn't left the US in at least 20 years. Dad may be old, but he isn't senile. Deleted the email and left a phone message for his friend.

MM
 

Karen Junker

Live a little. Write a lot.
Super Member
Registered
Joined
Feb 16, 2005
Messages
2,719
Reaction score
551
Location
Bellevue, WA
Website
www.CascadeWriters.com
I'm so glad you are all right and got your account closed.

I had a friend from the US who *did* lose all her money and so on while travelling in Ireland a few years ago -- fortunately, she was able to use someone's phone to call me and ask for the money to come home, or I would have thought the email from her to be a scam.
 

BradCarsten

practical experience, FTW
Super Member
Registered
Joined
Sep 23, 2010
Messages
1,179
Reaction score
97
Location
Johannesburg South Africa
you may have a key logger on your system, so now they will have your wife's password also.

This is what I would do:

You are able to run linux off a cd without installing it.
so download a linux distribution- (puppy linux is quite small. ubuntu user friendly.)
pop the cd into the drive, restart your pc and the live cd will start up rather than windows. this way you can be sure that no malware is running in the background.
(note: running a live is a little slow.)

I would then go in and change all my passwords- email, paypal etc

(you don't need to cancel her gmail account, only log out, log back in and change the password.)

If you are worried that you may have something on your pc then I would just backup all my stuff, format my machine and reinstall my os.

In future use firefox for browsing rather than internet explorer, and install the no script plugin. this stops java scripts from running in the background, so unless you give the website permission, it cannot hijack your browser.
if you're really worried about future attacks- switch to or dual boot with ubuntu and do all your secure transactions through that
 

cryaegm

Snakecakes
Super Member
Registered
Joined
Apr 6, 2010
Messages
1,288
Reaction score
89
Age
35
Location
In the deepest sanctity of my mind.
Website
enigmainklings.blogspot.com
> you may have a key logger on your system, so now they will have your wife's password also.
>
> This is what I would do:
>
> You are able to run linux off a cd without installing it.
> so download a linux distribution- (puppy linux is quite small. ubuntu user friendly.)
> pop the cd into the drive, restart your pc and the live cd will start up rather than windows. this way you can be sure that no malware is running in the background.
> (note: running a live is a little slow.)
>
> I would then go in and change all my passwords- email, paypal etc
>
> (you don't need to cancel her gmail account, only log out, log back in and change the password.)
>
> If you are worried that you may have something on your pc then I would just backup all my stuff, format my machine and reinstall my os.
>
> In future use firefox for browsing rather than internet explorer, and install the no script plugin. this stops java scripts from running in the background, so unless you give the website permission, it cannot hijack your browser.
> if you're really worried about future attacks- switch to or dual boot with ubuntu and do all your secure transactions through that

Or you can help them get rid of it instead of trying to convert them to Linux. Saying just to switch to Linux doesn't help them at all and if they want to get rid of it and continue to use Windows, then they're going to need to know how to get rid of it, especially for future reference.

I've never used Linux, but from what I've heard, it's not exactly user friendly.
 

BradCarsten

> Or you can help them get rid of it instead of trying to convert them to Linux. Saying just to switch to Linux doesn't help them at all and if they want to get rid of it and continue to use Windows, then they're going to need to know how to get rid of it, especially for future reference.

lol am I reading the same reply as you? ;)

I'm suggesting that they run a single live session of linux straight off the CD, without installing it. That is the safest way to go online and change passwords if you think your machine has been compromised. if you just change your password when your machine is infected, you risk them getting hold of those new passwords as well.

this will deal with the biggest threat quickly- which helps when someone may potentially be using your paypal account

I then suggested that they backup, format and reinstall their os- they can run a virus scan, but those are not always 100% effective. (I was running 3 malware scanners and they only picked up a threat on one of my cds 2 years later)

I then suggested that in future they use firefox with no script enabled rather than internet explorer

those are all windows suggestions.

only at the end I mention dual booting- ie running linux and windows simultaneously on a computer if they are really worried about future attacks. unfortunately windows is vulnerable to attack, and I'm going to keep suggesting people do this.


> I've never used Linux, but from what I've heard, it's not exactly user friendly.

hmmmm unfortunately that is the perception, and maybe 5 years ago I would have agreed, but nowadays ubuntu is more user friendly than windows- to install and to use.

- the last time I installed, I didn't have to install a single driver, whereas on windows 7 I had to install about 4 or 5 to get everything working

- all software is installed under categories rather than just lumped together in a start menu -


Screenshot-1.jpg


- finding and installing new software uses an app centre like the iphone or android. safe and easy

Screenshot-UbuntuSoftwareCenter-1.png


- you have
1) tabs in your file browser
2) far more intuitive place to eject your usb storage devices
3) file previews
4) shortcuts

Screenshot-images-FileBrowser2-1.jpg
 

Deleted member 42

You've got malware.

This is a known instance of malware.

You need to thoroughly scan your computer or the same thing will happen again.

If you Google with phrases from the email "you" sent about being stranded you'll find how to remove the malware.
 

Jamesaritchie

Super Member
Registered
Joined
Feb 13, 2005
Messages
27,863
Reaction score
2,313
I'd still cancel the gmail account. I had the same basic thing happen, and Google traced it to the account, not to malware on my computer.

Whenever anyone e-mailed that account, they, and everyone in the Gmail address book, got hit with spam. My computer didn't play a part because it was packed away for a renovation we went through. No computer in my home was hooked up, and we didn't use laptops during that entire period. It all happened with no computers even plugged in at home.

Malware can certainly do this, but, apparently, so can a compromised Google Gmail account.

I have tried Ubuntu. It works well, but I simply had way too much software that wouldn't run on it. For me, this is a deal breaker. Others may feel differently.

And Windows 7 is pretty darned secure, if you just take a little time to learn how to secure it properly.
 

Deleted member 42

> Malware can certainly do this, but, apparently, so can a compromised Google Gmail account.

The malware is deliberately designed to collect Google passwords. It's what it does.

It contains a key logger, a registry re-writer, and it creates two separate back doors--one of which attempts to install a root kit.
 

BradCarsten

> Whenever anyone e-mailed that account, they, and everyone in the Gmail address book, got hit with spam. My computer didn't play a part because it was packed away for a renovation we went through. No computer in my home was hooked up, and we didn't use laptops during that entire period. It all happened with no computers even plugged in at home.

that's the bugger with these key loggers, once they get hold of your password they no longer need your pc- they just set up their server to retrieve all your mail and forward contaminated links to all your contacts. you should be able to shut them out by changing passwords/ recovery email addresses and cancel all added forwarding options.
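
The cleanup step described in the post above (cancelling added forwarding options and cutting off remote mail retrieval), as an added example that is not part of the original thread: an offline audit of an account's forwarding settings. The sample data is constructed and shaped like the Gmail API's settings responses; the function name, the trusted-address list and all addresses are assumptions.

```python
"""Offline audit of mail-forwarding settings after an account takeover."""

# Constructed sample, shaped like the JSON the Gmail API returns for
# users.settings getAutoForwarding, forwardingAddresses.list, filters.list
# and getPop. Every address here is made up for the example.
SAMPLE_SETTINGS = {
    "autoForwarding": {
        "enabled": True,
        "emailAddress": "collector@mail.example",
        "disposition": "trash",
    },
    "forwardingAddresses": [
        {"forwardingEmail": "spouse@home.example", "verificationStatus": "accepted"},
        {"forwardingEmail": "collector@mail.example", "verificationStatus": "accepted"},
    ],
    "filters": [
        {"id": "f1", "criteria": {"from": "newsletter@books.example"},
         "action": {"addLabelIds": ["Label_1"]}},
        {"id": "f2", "criteria": {"query": "password OR reset"},
         "action": {"forward": "Collector@Mail.Example",
                    "removeLabelIds": ["INBOX"]}},
    ],
    "pop": {"accessWindow": "allMail", "disposition": "leaveInInbox"},
}

# Assumption: the only forwarding target the account owner set up themselves.
TRUSTED = {"spouse@home.example"}


def _norm(addr):
    """Lower-case and trim so 'Collector@Mail.Example' matches its twin."""
    return (addr or "").strip().lower()


def audit_mail_settings(settings, trusted):
    """Return (where, value, suggested action) for each setting to review."""
    trusted = {_norm(a) for a in trusted}
    findings = []

    # Account-wide forwarding: every incoming message is copied out.
    auto = settings.get("autoForwarding") or {}
    if auto.get("enabled") and _norm(auto.get("emailAddress")) not in trusted:
        findings.append(("auto-forward", _norm(auto.get("emailAddress")),
                         "disable forwarding"))

    # Registered forwarding addresses stay usable until they are removed.
    for entry in settings.get("forwardingAddresses") or []:
        addr = _norm(entry.get("forwardingEmail"))
        if addr not in trusted:
            findings.append(("forwarding-address", addr, "remove address"))

    # Filters can forward selectively and keep the mail out of the inbox.
    for flt in settings.get("filters") or []:
        action = flt.get("action") or {}
        target = _norm(action.get("forward"))
        if target and target not in trusted:
            note = "delete filter"
            if "INBOX" in (action.get("removeLabelIds") or []):
                note += " (also hides matching mail from the inbox)"
            findings.append(("filter:" + flt.get("id", "?"), target, note))

    # POP lets a remote server download the mailbox with just the password.
    pop = settings.get("pop") or {}
    if pop.get("accessWindow", "disabled") != "disabled":
        findings.append(("pop-access", pop["accessWindow"],
                         "disable POP unless you use it"))

    return findings


if __name__ == "__main__":
    for where, value, todo in audit_mail_settings(SAMPLE_SETTINGS, TRUSTED):
        print(f"{where:20} {value:28} -> {todo}")
```

Changing the password does not undo any of these settings, so each finding has to be cleared separately.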
 

Jamesaritchie

> that's the bugger with these key loggers, once they get hold of your password they no longer need your pc- they just set up their server to retrieve all your mail and forward contaminated links to all your contacts. you should be able to shut them out by changing passwords/ recovery email addresses and cancel all added forwarding options.

But how does it work without my home computer even being hooked up? I hadn't used that e-mail account for several weeks, and so hadn't typed a password for several weeks, before the trouble started.

I do know from Google that the e-mail account itself was hacked, but I can't see how a keylogger would have mattered when I didn't type the password, and wasn't using the account when all of this happened.

I'm also pretty darned good at finding malware on my computer. I keep all the best paid software on my computer, and I used it to run every test imaginable. All came up negative.
 

cryaegm

> lol am I reading the same reply as you? ;)

I misread it and I'm sorry. I was still livid about having to reformat my computer because of stupid Microsoft Office. Can suggest system reformat, but I already tried that and all it gave me was a black screen of death and a cursor.

Can't do anything, let alone see if the system restore worked, when you can't log into your account, let alone GET the login screen.

It wasn't a virus or anything. It was AVG PC Tuner that deleted stuff as registry errors when it shouldn't have. Only way to fix things is to do a reformat, which I had to do.

So I was quite miffed. It took me all day (not because I suck at doing reformats; it was my first one and I had to install everything, including all of my Steam games) and I was really tired.

Again, I'm sorry.

But anyway, from what I've been told by Linux users, is that Ubuntu is the friendliest one of Linux. Vista sucked and changed a lot of stuff so it wasn't quite user friendly, but Windows 7 is easy to learn from, along with finding things.

Not the point though (I just woke up, so I might seem like I'm rambling). Personally, I wouldn't go and change passwords until after getting the malware/key logger, or at least tell him how to get rid of it so he knows for future reference. I do agree with NoScript from Firefox, but also Adblock Plus and Web of Trust. The TC should scan with Malwarebytes and see what comes up.

Like I said, I was already irritated and when I read your response, to me, it sounded like you were trying to switch him to Linux and not deal with the key logger. I hate when people try to convert others like that without actually trying to help, you know? It's irritating, and it just set me off. Like I said, I'm sorry. You just caught me on a really bad night because that's after I finished up with the reformat (and finding out Trillian partnered up with an adware website).
 

kuwisdelu

Revolutionize the World
Super Member
Registered
Joined
Sep 18, 2007
Messages
38,197
Reaction score
4,544
Location
The End of the World
> You are able to run linux off a cd without installing it.
> so download a linux distribution- (puppy linux is quite small. ubuntu user friendly.)
> pop the cd into the drive, restart your pc and the live cd will start up rather than windows. this way you can be sure that no malware is running in the background.

Burning a Live CD isn't the most trivial task for most users. A link like this would be helpful.

> hmmmm unfortunately that is the perception, and maybe 5 years ago I would have agreed, but nowadays ubuntu is more user friendly than windows- to install and to use.
>
> - the last time I installed, I didn't have to install a single driver, whereas on windows 7 I had to install about 4 or 5 to get everything working

It can be, but it really depends on your hardware set-up and what you want to do with it. I like Linux, but you still have to go into the command line a lot more than in OS X or Windows. Distros like Ubuntu are good about including drivers for most configurations, but lest you need one they don't have, I often have to resort to the terminal to install what I need.

If one has a techy friend they can run to for help, then I'd say it's as user friendly as Windows, though. It's the workarounds that tend to be more difficult for average users (even when they can be much easier if you're used to *nix).

ETA: The fact that most distros these days no longer preinstall proprietary codecs for stuff as common as mp3's is also annoying. General users don't care about ideology.
 

cryaegm

> But how does it work without my home computer even being hooked up? I hadn't used that e-mail account for several weeks, and so hadn't typed a password for several weeks, before the trouble started.
>
> I do know from Google that the e-mail account itself was hacked, but I can't see how a keylogger would have mattered when I didn't type the password, and wasn't using the account when all of this happened.
>
> I'm also pretty darned good at finding malware on my computer. I keep all the best paid software on my computer, and I used it to run every test imaginable. All came up negative.

Did you use Malwarebytes to look to see if you have had malware? Sometimes regular virus scanners won't pick that up, even if they are the best (a lot swear by Norton, but I honestly think the anti-virus sucks and does more harm than good [not saying that that's one of the best anti-virus software out there; I was just giving an example, albeit a poor one]). You could have had a key logger on your computer before not being hooked up. Or your password wasn't strong enough and someone was able to get into your account that way. OR your secret question or whatever method you use to retrieve your passwords with was easy enough for the hacker to use and get into your account (that's if your password was changed when you found out about it and tried to get back in).
 

kuwisdelu

Am I the only one that gets confused when people say "reformat" without saying they also reinstalled the OS?

I keep thinking "okay...so you reformatted, but you still need to install an OS, right?"
 

cryaegm

> Am I the only one that gets confused when people say "reformat" without saying they also reinstalled the OS?
>
> I keep thinking "okay...so you reformatted, but you still need to install an OS, right?"

Well, you are reinstalling your OS when you reformat. I don't have a Windows disc myself, but I have a repair disc that lets me reformat the HDD and reinstall Windows.
 

Deleted member 42

> Am I the only one that gets confused when people say "reformat" without saying they also reinstalled the OS?
>
> I keep thinking "okay...so you reformatted, but you still need to install an OS, right?"

No; it's a linguistic marker though when people do confuse the two.

And I'm ecstatic that I no longer do phone support.
 

kuwisdelu

> Well, you are reinstalling your OS when you reformat. I don't have a Windows disc myself, but I have a repair disc that lets me reformat the HDD and reinstall Windows.

You don't have to reinstall your OS when you reformat. You do (generally) have to reformat when you reinstall an OS. There are plenty of times you may want to reformat a drive without installing anything on it, though, so that's why saying "reformat" alone tends to confuse me.

On a separate note, it baffles my mind that OEM's still don't always provide a full Windows install disc.
 

cryaegm

> You don't have to reinstall your OS when you reformat. You do (generally) have to reformat when you reinstall an OS. There are plenty of times you may want to reformat a drive without installing anything on it, though, so that's why saying "reformat" alone tends to confuse me.
>
> On a separate note, it baffles my mind that OEM's still don't always provide a full Windows install disc.

They don't even come with a repair or a recovery disc anymore.
 

Matera the Mad

Bartender, gimme a Linux Mint
Super Member
Registered
Joined
Jan 6, 2008
Messages
13,979
Reaction score
1,533
Location
Wisconsin's (sore) thumb
Website
www.firefromthesky.org
They do provide the means to create one -- which one should always do before getting into trouble, because if the hidden restore partition on the hard drive becomes unusable, you are up fecal creek.
 

kuwisdelu

> They do provide the means to create one -- which one should always do before getting into trouble, because if the hidden restore partition on the hard drive becomes unusable, you are up fecal creek.

It's still ridiculous, IMO.

If you sell an OS license with your hardware, you ought to provide the means to install it, whether it's preinstalled or not.
 

BradCarsten

> But how does it work without my home computer even being hooked up? I hadn't used that e-mail account for several weeks, and so hadn't typed a password for several weeks, before the trouble started.
>
> I do know from Google that the e-mail account itself was hacked, but I can't see how a keylogger would have mattered when I didn't type the password, and wasn't using the account when all of this happened.

there are a few other ways they can get your password
- if you use the same password on multiple sites, a smaller site may be hacked, and then they will have the email address you used to register and your password.
- if you get your browser to auto save passwords, they can hack those quite easily.
- there are other ways as well- security questions are all the same - what's your mother's maiden name etc
- some people use their usernames on other sites as their passwords so for example my password may be ave. Other common ones include your birth date, social security, 12345 etc etc

> I misread it and I'm sorry. I was still livid about having to reformat my computer because of stupid Microsoft Office. Can suggest system reformat, but I already tried that and all it gave me was a black screen of death and a cursor.

lol I completely understand that frustration- I have very nearly thrown my pc out the window on more than one occasion ;)

> If one has a techy friend they can run to for help, then I'd say it's as user friendly as Windows, though. It's the workarounds that tend to be more difficult for average users (even when they can be much easier if you're used to *nix).

I'm a complete linux noob, and am fortunate that I didn't have to use the terminal at all, although my pc is quite up-to-date and I only use it to write, run photoshop and to watch videos, encode mp3's etc.

the biggest frustration I had was relearning where everything was, after being a windows user for so long. ubuntuforums was my friend :)

> ETA: The fact that most distros these days no longer preinstall proprietary codecs for stuff as common as mp3's is also annoying. General users don't care about ideology.

ubuntu 10.10 now gives you the option to add restricted extras on install which is quite nice.
 

Jamesaritchie

> there are a few other ways they can get your password
> - if you use the same password on multiple sites, a smaller site may be hacked, and then they will have the email address you used to register and your password.

This is a possibility. I usually use a different password for each site or purpose, but I did use that particular password at a couple of other sites because they were related, and I was bouncing back and forth between sites and the Google e-mail.

I have a friend who got frustrated with the lack of security in Windows, and the lack of software use in Ubuntu, so instead of adding Ubuntu to his main computer, he set up two computers at his work station, one for Windows and one for Ubuntu. The same keyboard is connected to both, and he toggles back and forth as needed.

It's a bit crowded, but it works very well for him. I have a spare computer tucked away, and I've thought about doing the same thing.
 

Deleted member 42

> I have a friend who got frustrated with the lack of security in Windows, and the lack of software use in Ubuntu, so instead of adding Ubuntu to his main computer, he set up two computers at his work station, one for Windows and one for Ubuntu. The same keyboard is connected to both, and he toggles back and forth as needed.
>
> It's a bit crowded, but it works very well for him. I have a spare computer tucked away, and I've thought about doing the same thing.

This doesn't provide any more security, merely a backup.

You can be compromised in a ten minute session on a computer you don't own. Given the presence of multiple login authentication schemes, one log in packet often leads to others.

If an exploit gains access to an email account it often provides access to your old email, providing opportunities for social engineering, or even registration confirmations you forgot to delete. Access to your email account provides the criminal with a way to create new accounts in your name.

The only secure computer is one that isn't connected to the Internet. All platforms are vulnerable, it's just a matter of opportunity.