Results 1 to 15 of 15

Thread: Gmail hacked

  1. #1
    Star Lounger
    Join Date
    Aug 2009
    Posts
    99
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Has anyone's gmail account been hacked recently?

    Sometime Monday night (5/3/10) someone hacked into my gmail account and sent an email with no subject to everyone in my gmail address book. The only text in the message was "greenjug91.chat.ru". I have taken all the precautions and have a strong password, but was unable to login to gmail Tuesday morning without going through gmail's re-activation scenario and creating a new password.

    I am using IE8 with Vista.

  2. #2
    3 Star Lounger
    Join Date
    Feb 2003
    Location
    Runcorn, Cheshire, United Kingdom
    Posts
    372
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Check your Gmail settings for any filters and redirects that may have been set up too. There was a report in a UK newspaper about someone whose Gmail account was hacked and a filter added that redirected any emails from his bank. The hacker was then able to use the person's online account to remove money from his account without his knowledge.

  3. #3
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,199
    Thanks
    48
    Thanked 987 Times in 917 Posts
    Maybe your strong password was not strong enough?
    I use KeePass to generate and store my passwords.

    cheers, Paul

  4. #4
    Star Lounger
    Join Date
    Aug 2009
    Posts
    99
    Thanks
    1
    Thanked 0 Times in 0 Posts
    I checked my Gmail settings and all seemed to be OK.

    I'm using LastPass which will also generate strong passwords, but the ones it generates are really hard to remember.

    The odd thing about all this is that I've been using Gmail as my primary email for several years. This is the first time this kind of thing has ever happened. I wish I could figure out where the email came from and how to report it to the folks at Gmail. I waded through all their help pages and never found a way to email them.

  5. #5
    Super Moderator
    Join Date
    Dec 2000
    Location
    Renton, Washington, USA
    Posts
    12,560
    Thanks
    0
    Thanked 4 Times in 4 Posts
    Are you sure that you account just was not spoofed and it just appears that the email came from you?

    Now running HP Pavilion a6528p, with Win7 64 Bit OS.

  6. #6
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,199
    Thanks
    48
    Thanked 987 Times in 917 Posts
    You don't want passwords that you can remember, it means they are less secure. Here is an example of a nice secure password, although it's probably not long enough: kIz7(;0CJz^A\k:&

    cheers, Paul

  7. #7
    Star Lounger
    Join Date
    Aug 2009
    Posts
    99
    Thanks
    1
    Thanked 0 Times in 0 Posts
    DaveA: Maybe it was spoofed. All I know is what I put in my original post.

    Paul: I am using the "pass phrase" technique to create my passwords. Your password is great (as well as the ones LastPass generates) as long as the only place I use gmail is on my home computer where I don't have to worry about remembering the password. Alas, I need to access gmail at work too.

  8. #8
    New Lounger
    Join Date
    Dec 2009
    Location
    SW Michigan
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I couldn't sign into my Gmail (also used as primary email for several years now) earlier this week -- had to do the verification via phone thing.

    Once I could get into it, I immediately changed my password and my security question/answer, and looked around for any sent messages... will go look for redirects/filters now -- good suggestion!

    I then scrolled down to the bottom and clicked on "details" next to "last account activity" and what I found was pretty scary. My account had been access via "mobile" in three different countries!

    I had the following mobile accesses listed:

    Germany (87.166.85.188) on 5/2/10
    Germany (94.220.88.204) on 5/2/10
    Serbia (77.46.194.64) on 5/3/10
    <me from my home puter an hour lafter Serbia>
    Switzerland (213.196.134.89) on 5/3/10

    It was about an hour after the Switzerland access that I tried my email and got the message that it had been temporarily disabled.

    I'm thinking/hoping that nothing actually got sent from my account because Google recognized the pattern of European accesses and shut it down in time. I don't know, however, if anything in my account was actually read at that time.

    You can try to see if you have odd IP access as well, but Gmail only shows the last ten access attempts, so if you've logged in more than that, they'll have cycled off the page.



    I think it's really odd that a whole bunch of accounts got hacked at the same time... does Google have a security issue?

  9. #9
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,199
    Thanks
    48
    Thanked 987 Times in 917 Posts
    KeePass allows me to take my passwords anywhere and use them when I want.

    cheers, Paul

  10. #10
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    Quote Originally Posted by P T View Post
    KeePass allows me to take my passwords anywhere and use them when I want.

    cheers, Paul
    Last Pass does the same thing and stored passwords are encrypted. I have had great success with Last Pass and use it at home and at work.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  11. #11
    New Lounger
    Join Date
    Dec 2009
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by SamStamport View Post
    Paul: I am using the "pass phrase" technique to create my passwords. Your password is great (as well as the ones LastPass generates) as long as the only place I use gmail is on my home computer where I don't have to worry about remembering the password. Alas, I need to access gmail at work too.
    Sam, you're missing the whole point of LastPass - you can access your stored passwords from anywhere... including work. If you can't download the LastPass app to your work computer, from your work computer just browse to LastPass.com and log in. You now have access to your LastPass vault and all stored passwords. You can do this from any computer anywhere without having to be concerned about typing in a password on a public or work computer.

  12. #12
    5 Star Lounger ibe98765's Avatar
    Join Date
    Aug 2001
    Location
    Bay Area, California, USA
    Posts
    968
    Thanks
    19
    Thanked 4 Times in 4 Posts
    Do you always log out of your Gmail account? That is a good practice to follow.

    Here are a couple of articles that might be useful:

    Hacking Horror Story...
    http://www.ghacks.net/2008/11/06/hac...ory/#more-8099

    Google Mail Account Security Tips
    http://www.ghacks.net/2009/10/29/goo...security-tips/

  13. #13
    Star Lounger
    Join Date
    Aug 2009
    Posts
    99
    Thanks
    1
    Thanked 0 Times in 0 Posts
    I always log out of my gmail account when I use it away from home. I do not log out when at home since I live alone.

  14. #14
    5 Star Lounger ibe98765's Avatar
    Join Date
    Aug 2001
    Location
    Bay Area, California, USA
    Posts
    968
    Thanks
    19
    Thanked 4 Times in 4 Posts
    Quote Originally Posted by SamStamport View Post
    I always log out of my gmail account when I use it away from home. I do not log out when at home since I live alone.
    Whether you are home or not doesn't matter. If you leave accounts open, sometimes, hackers can find their way into them.

  15. #15
    New Lounger
    Join Date
    Dec 2009
    Location
    Melbourne Australia
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    It happened to me last year. It is a case of someone guessing your password. They also alter your signature file to send the advertising message. Make your password harder to guess!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •