Google Mail Account Hacked

aceface57 · 20 Nov 2010 at 18:37

Just thinking about this, does you girlfriend have a mobile running android? Could be a dodgy app she has got on her phone and it's doing it that way?

Sinny · 20 Nov 2010 at 19:35

I had something similar ages ago, yet my password was a mixture of lower case, uppercase, letters and symbols.

Upon logging in I had a message at the top saying "Your account was last accessed from china.

was a while ago now, but I was absolutely amazed at how my password could've been cracked.

tntcoder · 20 Nov 2010 at 20:01

Sinny said:
was a while ago now, but I was absolutely amazed at how my password could've been cracked.

Obtained or intercepted are more appropriate words than cracked.

Redrum · 21 Nov 2010 at 02:07

asim18 said:
A spammer is just using her address as the "From" address. So any bounced emails end up in her inbox.

No one has actually gained access to her account unless it's in the recent activity list.

This can be the case sometimes as, like the op mentioned, you can send email from any address if you know what you are doing and a lot of receiving mail servers won't notice that it's fake. But in this instance, the op stated that the emails appeared in her sent folder, so that means they were actually sent out from google's mail servers, and therefore the account has been hacked.

1kiwi · 21 Nov 2010 at 13:22

aceface57 said:
Just thinking about this, does you girlfriend have a mobile running android? Could be a dodgy app she has got on her phone and it's doing it that way?

Nope she has an iPhone. Also, not sure if the access type would still be browser if someone was to access the account via an API.

Redrum said:
This can be the case sometimes as, like the op mentioned, you can send email from any address if you know what you are doing and a lot of receiving mail servers won't notice that it's fake. But in this instance, the op stated that the emails appeared in her sent folder, so that means they were actually sent out from google's mail servers, and therefore the account has been hacked.

Yep. Well, I'll try and do some more investigation today and let you guys know regarding the outcome.

Many thanks for the help so far!

KatanaDV20 · 21 Nov 2010 at 13:34

Wow thats scary that it can be done so easily.

Do you guys think that its because many of us use auto-logins in our browsers? - like the Wand in Opera (whose .dat file can be easily read) etc.?

I had something similar ages ago, yet my password was a mixture of lower case, uppercase, letters and symbols.
Upon logging in I had a message at the top saying "Your account was last accessed from china.

Thats crazy!

To the OP: I agree that your gf should not pick an easy dictionary-password.

She should pick a tough one - but one thats easy for her to remember. Ive used this method for ages and it works great. Just ask her to pick a sentence she wont forget about something she likes. Example:

I love the guitars & female vocals in goth metal

Now she picks the first letters from every word

Iltg&fvigm

Chuck two symbols front and end

*Iltg&fvigm^

A strong password she wont forget. It looks clunky but after some time she will be typing it in fast. Just remember the sentence.

Dj_Jestar · 21 Nov 2010 at 16:27

Lets try posting this again to dismiss any tinfoil-ery.

http://xkcd.com/792/

neodude · 21 Nov 2010 at 16:40

http://keepass.info/

/thread