Hacked twice by the same person

Does the person have access to the machine that you use to login to your facebook/email? If so they could just look in your saved passwords on your browser. They are all stored in plain text and easy to find if you know where to look.
 
Relentless81 said:
Hi,

I could do with some advice on the following issue from those in the know please.

I cant go into too much detail as I know who is doing this and they potentialy could be on here and I need to keep my cool.

Basically about a month ago a Facebook and email account were hacked, we dont how it was done and at the time we didnt know who it was, we recovered the accounts easily enough and put it down as one of those things

Last night the same happened again, this time the person made us aware who they are by making certain changes to the facebook account however this time they went as far as they could to ensure that the accounts could not be retrieved

There is no possible way this person could know the passwords used for both accounts, both accounts had different passwords

A laptop could potentially have been comprimised by this person I've ran a few things on it and picked up nothing, also I've used this laptop and nothing as yet has happened to my accounts

Please list all the potential ways this person could have gotten hold of the passwords as we are certain it will happen again if its happened twice so we need to ensure this person cannot continue to do this

Thanks for any help, please ask any questions relevent that could help you help me but not personal questions please, thanks.
Click to expand...

Hack me once, shame on you.

Hack me twice, shame on me.

Sort yourself out! :p
 
If you know who it is then it implies that you've got some evidence, so report them under the Computer Misuse Act?

All sorts of possibilities occur - most of these have already been mentioned:
- use of open or unsecure wired or wifi network used to log in to email/fb accounts (e.g. packet sniffing on local network or wifi network, traffic sent via insecure proxy)
- logging in via phishing sites
- guessable passwords/secret questions
- access to place where passwords are noted (e.g. note book)
- physical or remote access to pc with passwords stored in browser
- shoulder surfing while entering passwords
- physical or remote access to smartphone with passwords stored
- trojan or keylogger on pc or smartphone
- telepathy
 
George Hincapie said:
Hack me once, shame on you.

Hack me twice, shame on me.

Sort yourself out! :p
Click to expand...


george-bush-stunned.jpg


Hack me once, shame on you

Hack me twice..er....you can't get hacked again.


Oh wait.
 
Showboat said:
Are you writing down passwords? Or are they easily guessable? (Relentless81, password.. etc)

If it's a password that only exists in your head and is complex like: [email protected]
Then you must have a key logger or trojan, i'd run malwarebytes on any computer you have accessed facebook from.
Click to expand...

Actually a password like I_went_down_to_the_shop's_today_4_times is more secure I believe, and much easier to remember :p But yeah I'd go for key logger as most likely. To prevent it, look into the stuff below.

robj20 said:
For facebook turn on mobile verification, when you sign in from a new device it sends a code to your mobile which you need to then enter.

Gmail has the same sort of feature with two-step verification.
Click to expand...

Both of these have these features, and should stop anyone getting into your account.

As others have said once your email is compromised every account you have that is linked to that email is compromised as people can recover to them.

But yeah, obvious answer is a keygen, or if you have a file somewhere with all your passwords on they've somehow got into that. Alternatively if you have it written down, they've got in through that way somehow.

Final option is you've turned schizophrenic and hacked into your own account :) This is quite unlikely though :)

But yeah, basically turn on two-step and it should stop it happening again.

kd
 
if you know who it is, name and shame them on something like 4chan, and sit back and wait till they get hacked themselves?
 
Hmm there should be better methods for protecting your accounts this far along tbh. It shouldnt be too hard for places like facebook to work with fingerprint scanners or something should it? Fork out a one time charge for a scanner, then swipe it to log you in to email facebook etc, job done. Cant get in without it, very secure?
 
oxygene said:
Hmm there should be better methods for protecting your accounts this far along tbh. It shouldnt be too hard for places like facebook to work with fingerprint scanners or something should it? Fork out a one time charge for a scanner, then swipe it to log you in to email facebook etc, job done. Cant get in without it, very secure?
Click to expand...

Too much hassle for a social networking site, really.
 
oxygene said:
Hmm there should be better methods for protecting your accounts this far along tbh. It shouldnt be too hard for places like facebook to work with fingerprint scanners or something should it? Fork out a one time charge for a scanner, then swipe it to log you in to email facebook etc, job done. Cant get in without it, very secure?
Click to expand...

Crap idea. There's only so much you can do to safeguard against someone's stupidity.

There would be a never ending list of complaints "I've lost my scanner, how do I login?" etc.

Also, it's a crap idea in general. Hindering the user's experience is not the answer.
 
From reading thread I would have said either your child or your gf/wife/husband (although you said "we"...) so that narrows it down to child or house/flatmate. IMO.

Just say which it is regardless of whether they are on here. I reckon it has to be someone that is physically near you rather than you just 'knowing'.
 
You must log in or register to reply here.
Back
Top Bottom