Results 1 to 13 of 13

Thread: Gmail hacked?

  1. #1
    3 Star Lounger
    Join Date
    Jan 2001
    Location
    Marietta, Georgia, USA
    Posts
    232
    Thanks
    4
    Thanked 2 Times in 2 Posts

    Exclamation Gmail hacked?

    I got a notification last night:
    Your Gmail address, XXXXXX@gmail.com, has been created

    It included a link to disallow the new email address, which I used. This sounds like someone hacked my gmail user name / password - is that correct?
    Rick Groszkiewicz
    Life is too short to drink bad wine (or bad coffee!)

  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    5,816
    Thanks
    185
    Thanked 703 Times in 641 Posts
    Rick,

    IMHO it was a very bad idea to click on that link! What I would have done is to log in to my Google account and see what was going on there. If I were you I would now scan my computer with every Anti-malware product at my disposal to make sure I haven't picked up something nasty. I'm just sayin'... HTH
    May the Forces of good computing be with you!

    RG

    VBA Rules!

    My Systems: Desktop Specs
    Laptop Specs


  4. #3
    Silver Lounger
    Join Date
    Oct 2012
    Posts
    2,061
    Thanks
    12
    Thanked 234 Times in 227 Posts
    How do you mean got a notification? By email? If so, are you sure gmail sent it? Is XXXXXX@gmail.com your current address? If so then "been created" makes no sense. If not then it could have come from anyone without any other information about your account than knowing your email address, and there's plenty of crawlers on the web harvesting "loose" email addresses all the time.

    So, if it did come directly from Google, yes, its something that you should attend to but otherwise, that email was/is the actual attempt to spam you or attempt to get malware downloaded to your system.

  5. #4
    3 Star Lounger
    Join Date
    Jan 2001
    Location
    Marietta, Georgia, USA
    Posts
    232
    Thanks
    4
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by F.U.N. downtown View Post
    How do you mean got a notification? By email? If so, are you sure gmail sent it?
    Yes, I am sure it was from gmail - I verify the validity of any links before I click on them.

    Quote Originally Posted by F.U.N. downtown View Post
    Is XXXXXX@gmail.com your current address? If so then "been created" makes no sense.
    No, it was a minor variation of my actual gmail. I'm still not sure how "someone else" could create another email address for my email account.
    Rick Groszkiewicz
    Life is too short to drink bad wine (or bad coffee!)

  6. #5
    3 Star Lounger
    Join Date
    Jan 2001
    Location
    Marietta, Georgia, USA
    Posts
    232
    Thanks
    4
    Thanked 2 Times in 2 Posts
    I've attached a screen capture of the original email. I checked it very carefully - it was sent from Google / gmail.

    I have now changed my gmail password and enabled two step authentication.
    Attached Images Attached Images
    Last edited by rgrosz; 2014-01-08 at 10:16.
    Rick Groszkiewicz
    Life is too short to drink bad wine (or bad coffee!)

  7. #6
    Silver Lounger
    Join Date
    Oct 2012
    Posts
    2,061
    Thanks
    12
    Thanked 234 Times in 227 Posts
    That's interesting, so someone used your address as the secondary verification email address it seems to me. That might have simply been an honest mistake or some kind of attempt at a backdoor hack to get linked into your Google+ account, hoping you'd miss the message maybe. I don't know what one could accomplish by that though unless there is some social engineering involved as well.

  8. #7
    Star Lounger
    Join Date
    Dec 2009
    Location
    near Boulder, Colorado, USA
    Posts
    73
    Thanks
    7
    Thanked 2 Times in 2 Posts
    Just because the "FROM" address looks legit does not mean it actually came from that place. It is not difficult to spoof the return address or FROM line on an email. Just sayin'....

  9. #8
    New Lounger
    Join Date
    Dec 2012
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You might want to download PocketKnife Peek (http://www.xintercept.com/peek/pkpeek.htm) and use it to look at the real header for the initiating IP address for the email in question.
    You can also use that utility to look at the HTML source code to see if there are any 'creepy' links to place other than google. Look for of 'alphabet soup' in the domain names in any links ...
    Last edited by Wsho8AFY4vFugQ8g; 2014-01-09 at 21:26.

  10. #9
    New Lounger
    Join Date
    Dec 2009
    Location
    Kansas
    Posts
    6
    Thanks
    0
    Thanked 1 Time in 1 Post
    I frequently get those at one of my gmail addresses that apparently a lot of people wish they had or wish they could steal. I also periodically get notices from gmail about attempts to reset my password on that account. What usually happens is somebody sets up a new gmail account with a few digits added to my address, such as myaddress123@gmail.com and used myaddress@gmail.com in the registration process. Naturally, I prefer not to have my address linked to an account I didn't create so, after verifying the URL in the link I'll click it and in the resulting google window check the box that says "no, I didn't create that account" after which I get a verification that my address has been unlinked from the new account. So far I haven't encountered a bogus gmail notice about this, which is not to say they don't exist. But I think if you exercise appropriate caution it's better to let google know you didn't create the account, than to disregard it and leave your address linked to an account created by an idiot at best or a ne'er-do-well at worst.

  11. #10
    3 Star Lounger
    Join Date
    Jan 2001
    Location
    Marietta, Georgia, USA
    Posts
    232
    Thanks
    4
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by cosmlou View Post
    Just because the "FROM" address looks legit does not mean it actually came from that place. It is not difficult to spoof the return address or FROM line on an email. Just sayin'....
    I always exercise EXTREME caution with links in emails. Should have clarified that I checked the mail content and headers VERY CAREFULLY before I did anything.
    Rick Groszkiewicz
    Life is too short to drink bad wine (or bad coffee!)

  12. #11
    2 Star Lounger
    Join Date
    Feb 2010
    Location
    Coon Rapids, Mn
    Posts
    124
    Thanks
    10
    Thanked 1 Time in 1 Post
    Quote Originally Posted by rgrosz View Post
    I always exercise EXTREME caution with links in emails. Should have clarified that I checked the mail content and headers VERY CAREFULLY before I did anything.
    I don't know about anyone else, but that email picture says to login in at http://gmail - my gmail email is https:// That alone would make suspicious - it is very rare my email provider ever contacts me, gmail is a backup and they NEVER contact me, especially if you already have an account - that would send alarm bells ringing in every part of me. I'd take the first advice and run every scanning program you can find 'cause that just doesn't ring true. Often, scammers will include some REAL links in their phishing mails, to lull you into clicking the one link they want you to which is going nowhere near the actual site they purport to be from...

  13. #12
    3 Star Lounger
    Join Date
    Mar 2010
    Location
    USA
    Posts
    240
    Thanks
    44
    Thanked 32 Times in 25 Posts
    Never click the link in the email. Best is use text view, not html view (web page view).
    You can see the REAL link in text view mode, rather than the 'good name' that hides the bad link behind it.
    To investigate, copy the link. Paste to the browser address bar. Delete the end text of the link to only displaying the web page. Then go to the web site.
    Those funny text at the end of the link is a trace. If you keep it in the address, it tells the bad guy his email finds a real person, traceable to your email address.

  14. #13
    New Lounger
    Join Date
    Dec 2009
    Location
    Kansas
    Posts
    6
    Thanks
    0
    Thanked 1 Time in 1 Post
    Quote Originally Posted by scaisson View Post
    Those funny text at the end of the link is a trace. If you keep it in the address, it tells the bad guy his email finds a real person, traceable to your email address.
    It can also tell the *good* guy (google) the same thing, so they know you're the bona fide owner of your email address and you want to be disassociated from a bogus account you didn't create.

  15. The Following User Says Thank You to harpshot For This Useful Post:

    BruceR (2014-01-11)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •