Author |
Message |
Nanny Ogg
Baiting Guru
Joined: 19 Mar 2007
Posts: 2628
|
Posted:
Mon Feb 28, 2011 6:16 pm |
|
One of my daughters accounts seems to have been hacked today.
She was alerted when a friend phoned her to say they'd recieved an email with a dodgy link.
No idea how its happened.
She's reset her password, checked there's no forwarding on the account.
any other advice?
Ta |
|
|
|
|
Mortal
Baiting Guru
Joined: 02 Jul 2009
Posts: 3473
Location: Smarter than your smartphoneâ„¢
|
Posted:
Mon Feb 28, 2011 6:20 pm |
|
I'd check her computer for virus, malicious software. She might have some keylogger or some other crap on her computer.
Also, is she aware of some netiquette or something in similar fashion? ie. does she know how to spot insecure sites and such? |
_________________ x87 x5
Ugly Duckling with Mountain Goat and Osazee : Cameroon -> Nigeria
Paul with Just Cold: Benin -> Lagos -> Abuja
George: Accra -> Togo I really want to do business with you, because i know you are an Angel send to rescue me by God.
x6
GOD PUNISH YOU, GOD PUNISH YOU, GOD PUNISH YOU. Mr. Olisa
Every night a phonecall from you, you talk rubbish. Mr. Olisa
Juan's hidden fries! |
|
|
|
Nanny Ogg
Baiting Guru
Joined: 19 Mar 2007
Posts: 2628
|
Posted:
Mon Feb 28, 2011 6:31 pm |
|
Ran checks, nothing showing on her antivaral
She wasn't online this morning when the emails were sent
I was wondering about keyloggers
Its not an email address she uses very often, mostly for work to she what shifts she's getting offered.
It a new laptop she has, provided by her university, with dyslexic help soft ware. Not sure what anti virals it has.
I've said she should also install spybot and malwarebytes
She's fairly aware of dodgy sites - maternal nagging |
|
|
|
|
Badgerbait
Baiting Guru
Joined: 07 Jan 2009
Posts: 4507
Location: Winter spites...
|
Posted:
Mon Feb 28, 2011 6:40 pm |
|
Noted in the national news in the U.S. was a a Google burp which deleted several thousand accounts. Maybe we Gmail users should be watchful for bogus emails. Could be bigger? |
_________________ I have arrived in Moscow. Has gone to bank and to me have told that there is no such transfer for me!!!!
What does it mean? You played with me? If it so that you very much the cruel man and I am assured of that that the god will see your cruelty.
Explain to me!!!!!!!!!!!!!!!! - Alena Byk0va
-----------
x13 x3 x4
We are Karma's soldiers.
<a href="/forum/donate.php">Mugu Gold</a>
I must be cruel, only to be kind:
Thus bad begins and worse remains behind. -Hamlet, scene iv
|
|
|
|
DoraTheExplorer
Baiting Guru
Joined: 18 Nov 2008
Posts: 9263
Location: Magnolia, Mississippi
|
Posted:
Mon Feb 28, 2011 7:04 pm |
|
Nanny, if someone has been in her gmail account recently, there should be a record of the IP(s). Have her go to the very bottom and look for:
Quote: |
Last account activity: 3 hours ago on this computer. Details |
And click on the details. It should show something like this:
Quote: |
Activity on this account
This feature provides information about the last activity on this mail account and any concurrent activity. Learn more
This account does not seem to be open in any other location. However, there may be sessions that have not been signed out.
Recent activity:
Access Type [ ? ]
(Browser, mobile, POP3, etc.) Location (IP address) [ ? ] Date/Time
(Displayed in your time zone)
Browser * United States (MS) (XX.XX.XX.XXX) 1:01 pm (0 minutes ago)
Browser * United States (MS) (XX.XX.XX.XXX) 9:36 am (3 hours ago)
Browser * United States (MS) (XX.XX.XX.XXX) 12:48 am (12 hours ago)
Browser * United States (MS) (XX.XX.XX.XXX) Feb 27 (13 hours ago)
Browser United States (MS) (XX.XX.XX.XXX) Feb 27 (15 hours ago)
Browser United States (MS) (XX.XX.XX.XXX) Feb 27 (19 hours ago)
Browser United States (MS) (XX.XX.XX.XXX) Feb 27 (20 hours ago)
Browser United States (MS) (XX.XX.XX.XXX) Feb 27 (1 day ago)
Browser United States (MS) (XX.XX.XX.XXX) Feb 27 (1 day ago)
Browser United States (MS) (XX.XX.XX.XXX) Feb 27 (1 day ago) |
|
_________________
x 2714
Paga John Paga Willie Paga Kingsley James
The Dynamic Duo Travels! |
|
|
|
windypops
Baiting Guru
Joined: 25 Jan 2005
Posts: 6059
Location: Planet X
|
Posted:
Mon Feb 28, 2011 7:32 pm |
|
Is the offending email in her sent folder? Could it be someone with mischief in mind spoofing her addy?
If so, it'll show up in the header if her friend still has it. |
_________________ "No amount of semen donation will save this situation" Sanny Sanny
"We must disagree to agree" Raji Musa
If it's LADS you want. GoTo: http://www.yopmail.com/
and sign in with either ladmail or kentbrockman
|
|
|
|
Nanny Ogg
Baiting Guru
Joined: 19 Mar 2007
Posts: 2628
|
Posted:
Mon Feb 28, 2011 8:39 pm |
|
Thanks, Dora, I'll get her to check the details of the account
I also got one of the emails, to my own gmail.
Checked the header, it did seem to be from that email acount, I've deleted it already though
She'd never sent me anything from that account before.
If someone had spoofed the account I dont see how they'd know to send to my personal gmail
She seemed to think they were in her sent folder and was deleting everything
This all happened just before she was about to head out so she was a bit fraught |
|
|
|
|
The Man
Baiting Guru
Joined: 11 Apr 2007
Posts: 2885
Location: La La Land
|
Posted:
Mon Feb 28, 2011 9:00 pm |
|
Nanny:
Odds are the e-mail is still in your deleted folder if you need it. |
_________________ ---
The Man
YOU ARE A CHILD OF SATAN WITH YOUR HUNGRY DIRTY BODY ,TUNDER FIRE YOU BIG HEAD IDIOT !!! HA HA HA HA HA
IS THIS HOW YOU DECIDED TO TREAT US AFTER ALL WE WENT THROUGH?YOU MADE US TRAVELLED TO ABUJA AND INDEBTED US.
"Cursed is your mother that gave birth to a family-disgrace like you. Cursed is your father he could not control his lust for anything under skate"
"hey u crakhead motherf*cking nitwit, from the way u express the cockamamy sh*t that ur dumb brain is made up of it's so obvious that u never really made it past elementary school but anywayz dogs don't have to go to school afterall."
(Lagos to Abuja)
x2
<---in lieu of a brownie. TS
x8 |
|
|
|
Nanny Ogg
Baiting Guru
Joined: 19 Mar 2007
Posts: 2628
|
Posted:
Mon Feb 28, 2011 9:36 pm |
|
Nah I cleared out the trash
being over cautious on my part as it was sent to my personal account not baiting, though why I think that makes any diffrence considering some stuff spammers send my catcher accounts
I think she's more embarassed than anything
Sending porn links to your boss is probably not the best way to impress him
The horrible thought is that its been somebody she knows who guessed her password, maybe as a joke, but still unsettling |
|
|
|
|
ParaNoid
** REMEMBERED **
Joined: 12 Sep 2006
Posts: 5123
Location: Looking for Steward.
|
Posted:
Mon Feb 28, 2011 10:56 pm |
|
Nanny, sorry to hear this. It does sound like someone got into the account and got all of the contacts in the box. Changing the PW is good and maybe it should be done more often. (Note to self - change passwords this week).
Hmmm, pron to the boss, interesting idea... |
_________________ Gold Coins here
x 4 <b>Looking for a Mentor? Click here</b>
"If I get mad at you, please just understand me. I am just being ParaNoid because I love you so much." - unknown
Visit www.scamwarners.com |
|
|
|
dwatina
Baiting Guru
Joined: 13 Feb 2010
Posts: 7164
Location: Home of the Orangemen! Friends call me Doc
|
Posted:
Tue Mar 01, 2011 12:21 am |
|
I've received emails to MYSELF and my verizon account (and a catcher account) before and it was spoofed. I'm on a Mac so am not too worried about key-logging software being installed on my machine.
I'm thinking in the OP's case it's just a fluke. It was just some email with a dodgy link, and I'd guess the daughter's addy was spoofed. I've had my own accounts receive emails from my one account, and it's never been hacked. I figure it's because spammers send out tens of thousands of emails and they just happened to send to one of mine. And if the password wasn't changed by a hacker, then I think it's fine.
I'd definitely check access like Dora explained. |
_________________ Support bacteria. It's the only culture some people have. (my quote--not a lad's)
*****
x97 [I lost count years ago and don't keep track anymore]
x3
<a href="/forum/donate.php">[Click here to donate to 419Eater.com]</a>
x3 : Femmy Bait w/Team Femmy |
|
|
|
ParaNoid
** REMEMBERED **
Joined: 12 Sep 2006
Posts: 5123
Location: Looking for Steward.
|
Posted:
Tue Mar 01, 2011 2:49 am |
|
^^I only said what I said because of what Nanny posted about the incident. The spam was sent to a friend, to her daughter's employer and to Nanny herself. That doesn't sound like random to me. As Nanny said, maybe someone playing a prank on her daughter, but not random, unless the boss' email and her friend's email are similar.
I am not trying to add fear, Nanny has already expressed her concern and asked for help.
Quote: |
She was alerted when a friend phoned her to say they'd recieved an email with a dodgy link. |
Quote: |
Its not an email address she uses very often, mostly for work to she what shifts she's getting offered.
I also got one of the emails, to my own gmail. |
Quote: |
She'd never sent me anything from that account before.
If someone had spoofed the account I dont see how they'd know to send to my personal gmail |
Quote: |
Sending porn links to your boss is probably not the best way to impress him |
Short of the IP check, they may never know...
|
_________________ Gold Coins here
x 4 <b>Looking for a Mentor? Click here</b>
"If I get mad at you, please just understand me. I am just being ParaNoid because I love you so much." - unknown
Visit www.scamwarners.com |
|
|
|
Nanny Ogg
Baiting Guru
Joined: 19 Mar 2007
Posts: 2628
|
Posted:
Tue Mar 01, 2011 8:03 am |
|
Told my daughter how to check the IP, don't know when she'll do it though.
I think it low on her priorities just now as she's got assignments to hand in.
Even with the IP we wont really know who it was unless we can check it against all emails she gets
The more I think about it the more I assume its been someone guessing her password, not sure what she used but its changed now.
She got the call about the email within minutes of it being sent. I didn't realise it had been sent to me til later as I usually email her at another address.
Important thing is she's run malware checks and nothing has shown up.
AVG, Spybot and Malwarebytes been used
If anyone has any recommendations as to anti virals or anti malware that would pick up key loggers I'd be grateful
And none of her other email accounts seem to have been hacked
Passwords being changed on everything.
Thanks for the help |
|
|
|
|
Morgain Le Fay
Baiting Guru
Joined: 14 Oct 2010
Posts: 5800
Location: Taking my new .38 special to the range
|
Posted:
Tue Mar 01, 2011 3:33 pm |
|
Quote: |
The more I think about it the more I assume its been someone guessing her password, |
Nanny Ogg this can happen. Many years ago when I worked at a major university in the US, I forgot a password for a particular budget document. Failed to write it down. I panicked, but another friend who was in the same local neighborhood computer group also worked at the university and volunteered to come to my department and figure it out.
After 5 attempts, he figured out my password and got into my budget document whereupon I changed the password and wrote it down. The budget document had to be "locked" since it contained personnel salaries.
Sometimes people who know us can figure out our passwords. |
_________________ X42
Nash and 6 friends 488 Km within Ghana - bait with Agda (2012)
Safari Philip Ghana-Benin (bait w/Agda) 2013
x5
.edu's 260 reported
Click here to support 419Eater.com
US Dropbox
"You people are all Junks" - Miss E. Kabx
"Maybe you are insane as your so called sat..." Barrister Insane
The website below is available for Eater folks to use.
Film & Production Needs |
|
|
|
windypops
Baiting Guru
Joined: 25 Jan 2005
Posts: 6059
Location: Planet X
|
Posted:
Tue Mar 01, 2011 7:11 pm |
|
This can happen when someone sends a joke or some other viral link to everyone in their contacts (family, friends, associates etc) . Eventually there's a better than even chance the whole cc list will end up in the lap of someone who will exploit the contacts by spoofing in this way.
If there is no evidence the box has been hacked, that's probably it and nothing to worry about. Just another way of transmitting spam. |
_________________ "No amount of semen donation will save this situation" Sanny Sanny
"We must disagree to agree" Raji Musa
If it's LADS you want. GoTo: http://www.yopmail.com/
and sign in with either ladmail or kentbrockman
|
|
|
|
Boris_YELLsome
Master of Master Baiters
Joined: 03 Mar 2011
Posts: 872
Location: Nowhereville
|
Posted:
Sat Mar 05, 2011 11:16 am |
|
Nanny Ogg wrote: |
Told my daughter how to check the IP, don't know when she'll do it though.
I think it low on her priorities just now as she's got assignments to hand in.
Even with the IP we wont really know who it was unless we can check it against all emails she gets
The more I think about it the more I assume its been someone guessing her password, not sure what she used but its changed now.
She got the call about the email within minutes of it being sent. I didn't realise it had been sent to me til later as I usually email her at another address.
Important thing is she's run malware checks and nothing has shown up.
AVG, Spybot and Malwarebytes been used
If anyone has any recommendations as to anti virals or anti malware that would pick up key loggers I'd be grateful
And none of her other email accounts seem to have been hacked
Passwords being changed on everything.
Thanks for the help |
Most viruses these days evade the anti-virus software, anti-virus software is only really good for identifying very popular viruses and not the many many many 'mutations'. I would highly suggest http://www.ubcd4win.com/ they have a good FAQ there, and majorgeeks.com also have a lot of information. Basically it boots up into a very small virtual PC and you scan your main PC as if it was an external resource.
I doubt someone is guessing her email unless it is some one she knows, does she have facebook? Many apps on facebook ask for log in details and then steal the password, most if not all my friends that I get spam from have been in this way.
Be sure to check your gmail filters for any rules that may forward may forward mail.
Anyways hope this helps. |
|
|
|
|
|