email hijack

For system help, all hardware / software topics NOTE: use Coders Corner for all coders topics.

Moderators: Krom, Grendel

Post Reply
User avatar
Pandora
DBB Admiral
DBB Admiral
Posts: 1715
Joined: Thu Feb 10, 2000 3:01 am
Location: Bangor, Wales, UK.

email hijack

Post by Pandora »

embarrassingly, my yahoo email account appears to have been hijacked. spam emails have been sent to all my contacts. Not sure how this could have happened. I did not download any programs, but I was at an airport internet cafe yesterday and accessed my email (not sure whether I also checked this acccount, though). Also I remember that 2 weeks ago or so I could not log in to yahoo, because my password was broken. It took several attempts plus changing/re-changing my password to get in.

I am running Mac OS X Snow Leopard.

I would be very grateful for any advice/recommendations.
User avatar
Krom
DBB Database Master
DBB Database Master
Posts: 16138
Joined: Sun Nov 29, 1998 3:01 am
Location: Camping the energy center. BTW, did you know you can have up to 100 characters in this location box?
Contact:

Post by Krom »

Change the \"lost password\" email address and questions you use and change your password. You probably got hit by a phishing attack. Check over your account for any other changes.
User avatar
Pandora
DBB Admiral
DBB Admiral
Posts: 1715
Joined: Thu Feb 10, 2000 3:01 am
Location: Bangor, Wales, UK.

Post by Pandora »

thanks, Krom. Do I need to worry about my other accounts as well?
User avatar
Krom
DBB Database Master
DBB Database Master
Posts: 16138
Joined: Sun Nov 29, 1998 3:01 am
Location: Camping the energy center. BTW, did you know you can have up to 100 characters in this location box?
Contact:

Post by Krom »

I would check everything that uses the same password or that you registered using that account.
User avatar
Isaac
DBB Artist
DBB Artist
Posts: 7737
Joined: Mon Aug 01, 2005 8:47 am
Location: 🍕

Post by Isaac »

Gmail has \"filters\" which are commands that can do jobs like forward/cc all email to another address. Check if yahoo has something similar. edit: There could be a problem. edit edit: Someone has a blog about losing their high traffic website because the domain address code was forwarded to a bad guy.

Also run a search in your inbox for the word \"password\". For each hit, adjust what ever account it's associated with.

Now that tax information is on my google accounts, I don't check my email on any computer running windows.
User avatar
Xamindar
DBB Admiral
DBB Admiral
Posts: 1498
Joined: Sun Jun 06, 2004 2:44 am
Location: California
Contact:

Post by Xamindar »

Yes, check that mail forwarding is not turned on and that there are no filters set up. They usually will take over email accounts and use them to spam from but also have all email forwarded to another account. So if you aren't receiving any new email - check the forwarding option.
Why doesn't it work?
User avatar
Pandora
DBB Admiral
DBB Admiral
Posts: 1715
Joined: Thu Feb 10, 2000 3:01 am
Location: Bangor, Wales, UK.

Post by Pandora »

thanks guys. Nothing of the sort seems to have happened. changed my password etc. and deleted all my contacts (was 6 years out of date anyways), fingers crossed it won't happen again. If it does, I'll just delete the account, it's 70% spam anyways.

It just irks we to not know how it happened. I read somewhere that it might be related to yahoo messenger (that i subscribed to when I was in a clan) being linked to the address book. It can then be hijacked when I click on a stupid link without my account being actually compromised. Does anyone now about this?
User avatar
Isaac
DBB Artist
DBB Artist
Posts: 7737
Joined: Mon Aug 01, 2005 8:47 am
Location: 🍕

Post by Isaac »

I think a keystroke logger is what you're a victim of. Anyone with any computer skill level can install one. And many of them are free.
User avatar
Krom
DBB Database Master
DBB Database Master
Posts: 16138
Joined: Sun Nov 29, 1998 3:01 am
Location: Camping the energy center. BTW, did you know you can have up to 100 characters in this location box?
Contact:

Post by Krom »

Remember to change your account security questions, the ones that you would use if you ever lost your password. It is standard for someone who has compromised an account to change those so if the real user resets the password they can still get back in.
User avatar
Pandora
DBB Admiral
DBB Admiral
Posts: 1715
Joined: Thu Feb 10, 2000 3:01 am
Location: Bangor, Wales, UK.

Post by Pandora »

thanks for reminding me, Krom. I actually forgot to do this.
User avatar
Pandora
DBB Admiral
DBB Admiral
Posts: 1715
Joined: Thu Feb 10, 2000 3:01 am
Location: Bangor, Wales, UK.

Post by Pandora »

Isaac, so you think it happened at the internet cafe? They seemed to relatively secure, it was one of these interfaces where you cannot get down onto the OS level. But of course, anyone could just click on a link and download it, I guess.

I *think* I am relatively secure with my mac. But I did a complete scan for malware just to be sure and nothing turned up.
User avatar
Glowhyena
DBB Captain
DBB Captain
Posts: 621
Joined: Mon Feb 27, 2006 10:14 pm
Location: Chernobyl NPP
Contact:

Re:

Post by Glowhyena »

Isaac wrote:Gmail has "filters" which are commands that can do jobs like forward/cc all email to another address.

*EDIT*
Yup, I've heard that. I have a Y! Mail account that has 1441 spams. I already blocked them but didn't work. =/

I prefer Gmail. It's pretty good and fast.
User avatar
Pandora
DBB Admiral
DBB Admiral
Posts: 1715
Joined: Thu Feb 10, 2000 3:01 am
Location: Bangor, Wales, UK.

Post by Pandora »

yeah its funny. This address was the first I signed up to when I tried out the internets 15 years ago or so. Amazing how far behind yahoo has fallen since then...
User avatar
Tunnelcat
DBB Grand Master
DBB Grand Master
Posts: 13742
Joined: Sat Mar 24, 2007 12:32 pm
Location: Pacific Northwest, U.S.A.

Post by Tunnelcat »

A hacker got my Gmail account name (and a truckload of other users) when they hacked into a forum website (not here) I was registered on. At least they didn't get access to it or the password, but now I get Viagra spam 4 times a day! $#^&%(*$@!
User avatar
Isaac
DBB Artist
DBB Artist
Posts: 7737
Joined: Mon Aug 01, 2005 8:47 am
Location: 🍕

Post by Isaac »

I like how gmail runs like a desktop application, in a browser. And you don't have to reload the whole page when navigating. It's why I left hotmail.
Pandora wrote:Isaac, so you think it happened at the internet cafe? They seemed to relatively secure, it was one of these interfaces where you cannot get down onto the OS level. But of course, anyone could just click on a link and download it, I guess.
If it seems secure it probably is. If it looks like a new instance of windows every time you log on, I would say it's pretty safe.
But please know that there are usb keyloggers that you plug the keyboard into. Always check. http://www.keyghost.com/USB-Keylogger.htm
And the cafe owner and employees could install anything if they're dishonest. But they're already getting your money so I wouldn't worry too much about them.

You just gave me an idea. :) I have 2 gmail accounts. One of which I never use. I could forward my email to this second account so I could check it on strange computers. I could also choose what gets sent. And if it gets highjacked, I won't care.
Pandora wrote:I *think* I am relatively secure with my mac. But I did a complete scan for malware just to be sure and nothing turned up.
Your mac is pretty safe. But some wifi hot spots can be a security risk. Chrome gives warnings when you connect to something like this.
User avatar
Glowhyena
DBB Captain
DBB Captain
Posts: 621
Joined: Mon Feb 27, 2006 10:14 pm
Location: Chernobyl NPP
Contact:

Re:

Post by Glowhyena »

Isaac wrote:I like how gmail runs like a desktop application, in a browser. And you don't have to reload the whole page when navigating. It's why I left hotmail.
I did the same exactly. Gmail is very good as changing themes. Less spams.

I have a plan to quit M$'s mail because it annoys with their stupid advertisements that shrink my freaking email display. I hate it so much.

I feel Microsoft wants my money with their ads of Office, Xbox, and etc.
User avatar
Sirius
DBB Master
DBB Master
Posts: 5616
Joined: Fri May 28, 1999 2:01 am
Location: Bellevue, WA
Contact:

Post by Sirius »

I tried Hotmail recently, but quickly ditched it; I thought with all the push around Bing, maybe Windows Live would bring the other services up to scratch as well. Apparently not.
Post Reply