homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam

Forum Home Post A Reply

my profile | directory login | | search | faq | forum home


» The Geek Culture Forums! » Other Geeky Stuff » Ask a Geek! » My Gmail account was compromised » Post A Reply


Post A Reply
Login Name:
Password (max 13 characters):
Message Icon: Icon 1     Icon 2     Icon 3     Icon 4     Icon 5     Icon 6     Icon 7    
Icon 8     Icon 9     Icon 10     Icon 11     Icon 12     Icon 13     Icon 14    
Message:

HTML is not enabled.
UBB Code™ is enabled.

 

Instant Graemlins Instant UBB Code™
Smile   Frown   Embarrassed   Big Grin   Wink   Razz  
Cool   Roll Eyes   Mad   Eek!   Confused   Happytears  
blush   Beard of Peter Gabriel!   crazy   tired   ohwell   evil  
shake head   cry baby   hearts   weep   devil wand   thumbsup  
thumbsdown   Geek   Applause   Angel   Envy    
Insert URL Hyperlink - UBB Code™   Insert Email Address - UBB Code™
Bold - UBB Code™   Italics - UBB Code™
Quote - UBB Code™   Code Tag - UBB Code™
List Start - UBB Code™   List Item - UBB Code™
List End - UBB Code™   Image - UBB Code™

What is UBB Code™?
Options


Disable Graemlins in this post.


 


T O P I C     R E V I E W
Callipygous
Member # 2071
 - posted September 14, 2010 01:26
Last night some IP address in China got into my Gmail account and sent some (very poorly formatted) html spam to all my contacts. I have changed my password and security question, as advised by the Gmail help section. Should I take any further precautions, and is there anything else I should do, or anyone at Google I should inform?
 
Ashitaka
Member # 4924
 - posted September 14, 2010 02:55
change all your other accounts that use this password ( that is only if you are within the majority of people who use the same password for multiple services.)
 
littlefish
Member # 966
 - posted September 14, 2010 04:20
As the most recent XKCD suggests:

 -
 
Ashitaka
Member # 4924
 - posted September 14, 2010 06:16
I knew I had read about that recently somewhere.
 
Callipygous
Member # 2071
 - posted September 14, 2010 10:14
I use 1Password together with DropBox, so luckily now most of my passwords are different.
 
Stereo
Member # 748
 - posted September 14, 2010 10:41
I try to find different passwords with a mnemonic that goes with the site, but if I don't use it regularly, I forget it. Good thing is, more often than not, my computer remembers it for me... [crazy]

Perhaps I should make a list, but that's trouble if someone breaks in...

Oh well. At least I do remember the passwords for my banking accounts, and I do not reuse them. Perhaps have a list for the other, free accounts here and there?

And good luck with your problem, Calli. For all I know, 1) changing your password; and 2) signaling out the IM address is all you can do, save for closing the account and creating a new one entirely. With stronger password...
 
The Famous Druid
Member # 1769
 - posted September 14, 2010 17:06
One password for sites where I don't care about security (eg, newspaper sites)

One password for sites where I do care about security (eg, gmail)

And for sites where I _really_ care about security (eg online banking) I use a unique password for each site.

All recorded in an encrypted file, in case I forget, or get hit by a truck and Mrs Druid needs to get at them. The password for the encrypted file is long and basically impossible to guess. One password to rule them all, and in the darkness bind them.
 
garlicguy
Member # 3166
 - posted September 14, 2010 17:09
quote:
Originally posted by The Famous Druid:
One password for sites where I don't care about security (eg, newspaper sites)

One password for sites where I do care about security (eg, gmail)

And for sites where I _really_ care about security (eg online banking) I use a unique password for each site.

Amazing proof once again that great minds think alike. [Big Grin]
 
The Famous Druid
Member # 1769
 - posted September 14, 2010 17:16
Calli, I've heard several similar stories in recent weeks. I suspect the problem may be at gmail's end, and not carelessness on your part.
 
quantumfluff
Member # 450
 - posted September 14, 2010 20:06
quote:
Originally posted by Callipygous:
Last night some IP address in China got into my Gmail account and sent some (very poorly formatted) html spam to all my contacts. I have changed my password and security question, as advised by the Gmail help section. Should I take any further precautions, and is there anything else I should do, or anyone at Google I should inform?

The question you have to answer first is how you think they got into your account? You have declared that you use different passwords for everything, so it was not the XKCD attack. It is unlikely to be a breach that lets people hijack gmail accounts specifically (if that existed in the wild, enough so that second rate spammers had it, the security community would know). Sadly that leaves a high probability of the thing you really don't want to hear - a keylogger on you machine.

I may be paranoid, but I go by the ultra-contagen rules. If I have a compromised account than any machine I type the password for that account is suspect, and should be scrubed to bare metal. Likewise, if I have a machine that was compromised, then any account I ever accessed from that machine is compromised and must have a password change.
 
dragonman97
Member # 780
 - posted September 14, 2010 21:43
Stereo: If you use Firefox, you should really use Master Password, so that your passwords can't be used without entering the...wait for it...master password. [Smile]

I can't speak for other browsers, though.

Personally, I stopped using such a feature some time ago, as I've tended to juggle 3 computers in common usage and I tend to use >= 2 browsers on each computer. I follow a moderately similar approach to TFD, though I don't keep much at all in common amongst sites.

IMHO, the 'best' passwords are the ones you barely know, save for how to type them. (Odds are, these _won't_ be in any 'dictionary.') Alas, I had some trouble sharing such a password with a colleague the other day, and had to 'air type' it to figure out what the heck it was. [Razz]
 
garlicguy
Member # 3166
 - posted September 15, 2010 11:30
quote:
Originally posted by dragonman97:
... Alas, I had some trouble sharing such a password with a colleague the other day, and had to 'air type' it to figure out what the heck it was. [Razz]

'Air type'? Ha ha ha ha ha. Dragon, this makes you the Joe Cocker of geekdom. (It would be funnier if I didn't find myself doing the same thing at times, and also with passwords, particularly with lengthy numerics.)

gg
[Roll Eyes]
 
TheMoMan
Member # 1659
 - posted September 16, 2010 07:06
____ Calli, it seems that I have been affected also. I just got a bounced E-Mail that I know I never sent, it was returned because of a "mail box full"

____ Some lady named Cynthia< "my [email protected] server company .com">
 
Stereo
Member # 748
 - posted September 16, 2010 11:05
Heh. Well, if it happens to me... Bad luck! I have no contact in my gmail account! [Big Grin] (I hardly use it anyway; I got it created so I could share my SL activities with the main group I am associated whit. Who wants to know when I have En Garde tournaments? [Big Grin] )
 
dragonman97
Member # 780
 - posted September 16, 2010 13:57
quote:
Originally posted by TheMoMan:
____ Calli, it seems that I have been affected also. I just got a bounced E-Mail that I know I never sent, it was returned because of a "mail box full"

____ Some lady named Cynthia< "my [email protected]l server company .com">

MoMan: That might actually be a 'Joe Job' - someone simply put your address as the "From" address, which causes you to receive the bouncebacks. That doesn't mean your account sent the bad stuff...just that someone pretended to be you when sending spam/phishing.

If you have any doubts, you might consider changing your password just to be on the safe side.
 
TheMoMan
Member # 1659
 - posted September 16, 2010 14:57
____ Dman, I only check that account to see if someone did not get the notification that I have a new account.

____ Me wonders if some one has wrote a script that would take a list of valid addys and stuff a mailbox on purpose.
 
dragon34
Member # 997
 - posted September 23, 2010 14:19
quote:
Originally posted by dragonman97:
Alas, I had some trouble sharing such a password with a colleague the other day, and had to 'air type' it to figure out what the heck it was. [Razz]

I have to do this ALL THE TIME.

Glad I'm not the only one. Muscle memory is neat huh?
 




Contact Us | Geek Culture Home Page

© 2018 Geek Culture

Powered by Infopop Corporation
UBB.classicTM 6.4.0



homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam