Somebody tried to hack my google account

J

Jaroslav Kourakin

Newcomer
What do I do? Obviously a crime has been committed. I have no idea how the person got my password. Possibly my phone has a virus since my google account is connected to it.

Here is the letter from google. I live in Sweden so this is entirely out of place.

Hi Jaroslav,

Someone recently used your password to try to sign in to your Google Account jaroslav.kourakin@gmail.com. This person was using an application such as an email client or mobile device.

We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt:

Friday, March 14, 2014 3:29:20 AM UTC
IP Address: 24.147.212.66 (c-24-147-212-66.hsd1.ma.comcast.net)
Location: Andover, MA, USA

If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately.
Click to expand...
 
If you think your phone has been somehow compromised, perhaps the best way to go is backup your important data, then run a factory reset of the phone. Then be selective as to which applications you install thereafter. You don't say, but I'm assuming that you're running an Android device? Hacks tend to come from corrupted apps from what I've heard. There are some free and paid security apps available as well. Can't recommend any myself as I don't use any of them!

An alternative is if you have perhaps recently accessed your Google account from a public computer such as an internet cafe. If there was a keylogger installed on a PC, the details could have been taken from there.

Obviously, the first thing to do is change your password on a computer which you know is secure.
 
Be aware of/beware 'spearphishing' emails that are sent out with fake warnings of people trying to access your this-or-that account (google, facebook, world of warcraft and so on), with 'helpful' links for you to click to 'reset' your password and so on. Make sure you don't click random links in emails to log in to any online services.

Usually - although I can't swear this is universal - emails from service providers such as google or blizzard address you inside the email by the name you have entered in your account information to show the email is genuine. Look for things like that. Also look for grammatical or spelling errors - not always a sign, but often the people who send out phishing emails don't have a firm grasp of the english language.

As for the 'obvious crime that has been committed' bit, forget about that. There's zero chance the police will be able to catch the people involved. Nor will they even try. Just be cautious. Protect yourself.
 
I was semi-locked out of my yahoo account a few years ago. Source of the "hack" was trivial, I would often suscribe to various shit using my default go-to password. Random site wants you to create an account (not necessarily porn sites :), "downloading" sites, shady flash games sites, lotteries and random crap too). You create one.. Good chance you've just given your e-mail address and the password to it, perhaps 80% or over 50% people do.

With yahoo it took about a month or doing whatever, or just waiting, then I could eventually get back to my account (entering captcha to prove I'm not a bot etc.) and change the password, no problem since.

Of course using the mail's password for random things is stupid but I used to not care. Also it's not just porn and russian warez sites, a site may get compromised or looked legit but was ran by assholes.
 
Grall said:
As for the 'obvious crime that has been committed' bit, forget about that. There's zero chance the police will be able to catch the people involved. Nor will they even try. Just be cautious. Protect yourself.
Click to expand...

What do you mean they will not be able? That computer on the IP adress is the crime scene, how hard can it be to investigate it? But I understand they won't, since the police is not there to protect and serve the community, only the bureaucrats and their "sponsors"...
 
You can bet they have very few cops dealing with that stuff, but those that do are/can be competent, at least in my country.
For reasons of practicality they can't trigger a procedure, police or judiciary, for such a limited affair, stuff like that must happen many thousands times.. And especially the IP is unreliable, you can't just storm the home or place it comes from.
Maybe malware from an innocent person's computer did it, or it was someone outside using using the wifi (without permission or after trivially cracking WEP), or the IP address was even spoofed.
 
How hard...? Very! Potentially extremely, maybe completely impossible.

IPs are not like street addresses. Maybe you don't know too much about how the internet works (or been informed about it by watching TV shows like CSI and so on :p), but IP addresses are often temporarily assigned. They can also easily be forged in emails, basically you can have software insert whatever numbers you want there. There's little way of truly knowing where an email came from, unless you encrypt it using a digital certificate...which isn't completely foolproof either of course; someone could potentially have stolen the certificate and used it illegitimately. *shrug* Even if you do manage to trace an email back to its computer of origin, then what? You still don't know who exactly sent it.

The reason police typically won't investigate email scams is not because of the reasons in your paranoid rant, but because there's basically no chance of actually catching anyone. If you're a badguy you're probably sending your fraudulous email spam from a botnet or other location that can't be tied back to you. Very likely, these computers would reside in a different country. Police would have no leads to go on, and even if they did they would lack the jurisdiction to pursue them across international borders. So it's pointless and a waste of manpower and resources to even try. Sad, but true.

Therefore, best thing you can do to is to protect yourself. Be wary of emails that warn you of people trying to break into your online accounts, not just websites but also your bank. It is very very common that criminals try to gain access to bank accounts by pretending to be your bank, warning you of criminals trying to steal your money. Also, you should run some decent malware protection software on your computer, but I assume you do that already.
 
Doing all the critical OS updates is important too, as well as browser updates and their plugins. Even the annoying Adobe Reader updates that may annoy you (or you can use a smaller, simpler PDF reader software). Malicious PDF files even are common.
 
Here are some simple security tips even a lay-man can do and I think are quite useful:

- Use one web browser only for important business (e.g. banking) and another one for "casual" browsing. This helps against simple attacks such as cross site scripting.
- Whenever you connecting some pages asking for your passwords, type in the web address if possible. Avoid following links.
- Use a password manager. Avoid reusing passwords. If you must, keep a "throw away" password for those sites you don't plan to keep using but ask for a password.
- Use two-way authentication whenever possible.
 
pcchen said:
- Use two-way authentication whenever possible.
Click to expand...

I've always heard it called "Two Factor" authentication. Is that what you mean?

Oh and Grall stop it with your sensible argument supported by facts and superior understanding of the the interwebs. You know in your hearts it's just The Man trying to keep us down :D. And the banks and the IMF and the UN and Spanish trained monkey hackers who like to steal your sunglasses and wear them.
 
if you use tunnelled web browser or app, it also can raise the warning.

i have not got it from google, but i got similar warning a few years ago from facebook. They say that my account was accessed from Norway, very far from my current location.

then i remembered, a few days previously i just logged in from Opera Mini. It tunnel connections to Norway.
 
homerdog said:
I've always heard it called "Two Factor" authentication. Is that what you mean?
Click to expand...

Yeah, or two-step authentication as Google called it :)

In the past I was not a fan because many service providers try to shift the responsibility back to their users (there were cases where banks refuse to reverse fraudulent transactions because of it). However, these days, passwords are just way too easy to steal.

Personally I think it's nearly impossible to defend against a targeted attack, but for most people, not being an easy target is good enough. This is just like locks: no car is "theft-proof," but thieves are more likely to steal badly protected cars, so it's still better for you to have some nice locks.
 
What two-factor schemes are there out there?, one is "give us your phone number so we can send you a SMS". Yeah right, I don't want to give it to you.
 
Blazkowicz said:
What two-factor schemes are there out there?, one is "give us your phone number so we can send you a SMS". Yeah right, I don't want to give it to you.
Click to expand...

It can also be done with an IC card, though you'll have to use an IC card reader. Another way is to use a key token which generates a temporary verification code. It can also be done with a smartphone app.

Google recently bought a company which uses ultrasound to communicate between a computer and a smartphone. The idea is that you have a smartphone app installed for verification, and when you want to login a website, you launch the smartphone app, and the web site play an ultrasonic coded noise for the smartphone app to listen. The smartphone app then play back a "reply sound" for verification, or on computers without a good mic, connect the server directly with the necessary verification data.

Note that all these are not perfectly "safe" because if your computer is compromised, the attacker can monitor your keyboard and know what verification code you have entered. They can also try to access your IC card while it's still in the card reader. Some IC card readers have a small display and keyboard, allowing the user to enter the PIN number on the card reader instead of on the computer, which is more secure.
 
if your phone is compromised then do a factory reset and wipe any memory cards.

Maybe a keylogger on your computer

Maybe a forum or anoither website go compromised and they had their passwords unencrypted. Perhaps you used the same passwords.

I have set up a 2 step authentication. They send me an SMS with a code if I use a new device/browser.
 
Since your email is typically the nexus for all of your other accounts, it is worth having a very secure password.

Use 20+ characters, don't use this password anywhere else, and the odds of this happening go way, way down.
 
You should always be careful dude with the internal links inside the inbox of your email. If you don't trust the sender, just DON'T CLICK THE LINK!!! This is called as phishing email, which has intention to hack your account. I don't know how they do it, but they obviously are brilliant hackers for sure. You should also be careful when installing apps on your device, even from Google Play Store.

I think Google has been doing pretty good in the past few months, especially with their security system. If someone from different far distance from you try to log in to your account, Google will usually alert you through email or even text message before that person changes the password of your account.
 
You must log in or register to reply here.

Similar threads

J
Does being messed about by women or people in general, turn you bitter?
Replies
16
Views
1K
Jack Attack
J
M
Microsoft should use the Windows 365 offline launch to pivot their hardware model
Replies
1
Views
1K
eastmen
E
J
Should I leave another forum?
Replies
6
Views
2K
iroboto
iroboto
Rys
Reopening Architecture and Products + rules and guidelines changes
3 4 5
Replies
90
Views
16K
Shifty Geezer
Shifty Geezer
J
Resident Evil: is it time to stop posting about it?
Replies
14
Views
2K
Jack Attack
J
Back
Top