Gmail hacked?

Cheetah Designs · 14 Nov 2010 at 21:43

Just got home from a restaurant to find a load of Mail Delivery Failures for an email I never sent to a load of email addresses:

Code:

Delivery to the following recipient failed permanently:

     **some email**

Technical details of permanent failure: 
Message rejected.  See http://mail.google.com/support/bin/answer.py?answer=69585 for more information.

----- Original message -----

MIME-Version: 1.0
Received: by 10.216.231.160 with SMTP id l32mr5668317weq.98.1289768783312;  Sun, 14 Nov 2010 13:06:23 -0800 (PST)
Received: by 10.216.35.202 with HTTP; Sun, 14 Nov 2010 13:06:23 -0800 (PST)
Date: Sun, 14 Nov 2010 21:06:23 +0000
Message-ID: <[email protected]>
Subject: Hi
From: **me**
To: **load of emails here**
Content-Type: text/plain; charset=ISO-8859-1

http://phpmotion.com/cache/index.php

Just logged into gmail to find this:

What is going on? I use a safe password and am safe with all my accounts?

Thanks.

Windle · 15 Nov 2010 at 00:07

Cheetah Designs said:
Just got home from a restaurant to find a load of Mail Delivery Failures for an email I never sent to a load of email addresses:

Code:

Delivery to the following recipient failed permanently: **some email** Technical details of permanent failure: Message rejected. See http://mail.google.com/support/bin/answer.py?answer=69585 for more information. ----- Original message ----- MIME-Version: 1.0 Received: by 10.216.231.160 with SMTP id l32mr5668317weq.98.1289768783312; Sun, 14 Nov 2010 13:06:23 -0800 (PST) Received: by 10.216.35.202 with HTTP; Sun, 14 Nov 2010 13:06:23 -0800 (PST) Date: Sun, 14 Nov 2010 21:06:23 +0000 Message-ID: <[email protected]> Subject: Hi From: **me** To: **load of emails here** Content-Type: text/plain; charset=ISO-8859-1 http://phpmotion.com/cache/index.php

Just logged into gmail to find this:

What is going on? I use a safe password and am safe with all my accounts?

Thanks.

Last week it was claiming someone from China had accessed my account, new password time!

Also there's no such thing as a safe password, only a slightly harder to crack password.

asim18 · 15 Nov 2010 at 00:55

A spammer probably using your email address as a "From" address. Causing all his bounced emails to end up in your inbox, and making people think you're the spammer.

Have you got any e-enemies?

Greenlizard0 · 15 Nov 2010 at 00:56

Yeap I had something similar a while back. Just changed the password.

davenjac · 15 Nov 2010 at 04:27

I've had this happened twice in the past couple of weeks, pardon my ignorance but how do they spam your account exactly?

rsatd · 15 Nov 2010 at 05:23

Emails come with "from" address, if someone is using yours (and they can as its just text), bounceed emails will come to you.

Energize · 15 Nov 2010 at 07:26

Windle said:
Also there's no such thing as a safe password, only a slightly harder to crack password.

Slightly harder as in a few million years more.... You don't have to have perfect secrecy for a password to be considered safe.

mrk · 15 Nov 2010 at 07:28

Yeah spoofing has been around for years so you're bound to encounter it at least a few times on your eTravels

Cosimo · 15 Nov 2010 at 07:58

Khaaan! said:
Yeah spoofing has been around for years so you're bound to encounter it at least a few times on your eTravels

Is that really you or is someone spoofing your travels?

Greenlizard0 · 15 Nov 2010 at 08:00

I don't think it's him.

I've seen that sig and so many variations, they're all fakes I think.

mrk · 15 Nov 2010 at 08:02

My sig is the original item, everything else is inferior, although amusing

Cosimo · 15 Nov 2010 at 08:35

Khaaan! said:
My sig is the original item, everything else is inferior, although amusing

We can't tell whether it's you anymore.

Stringy · 15 Nov 2010 at 08:39

As a side note GMail (from experience a year ago, might have changed now) is really easy to access if the person whose account it is has an easy secret question. Used to be as daft as Mothers Maiden name or name of first teacher allowing you to reset the password...not great if you've got mates with a twisted sense of humour or a jilted girlfriend etc.

Poor security ftl!

Inquisitor · 15 Nov 2010 at 08:43

Windle said:
Also there's no such thing as a safe password, only a slightly harder to crack password.

I beg to differ. Most of mine comprise 32 randomly generated ASCII characters in the 31-128 range (where the website doesn't impose stupid and arbitrary restrictions on password complexity). I'd be surprised if that could be "cracked" in any useful timescale. I use KeePass (with KeePassDroid on my phone) to keep track of them.

For more commonly used sites like webmail I use a phrase of several words that have been jumbled up, combined, and re-split and had characters swapped for numbers/punctuation, so a dictionary attack is impossible.

MikeHunt79 · 15 Nov 2010 at 08:51

click the 'Details'link at the bottom of the page to see what IP addresses have recently accessed your account:

Last account activity: 44 minutes ago at this IP (xx.xxx.xx.xxx). -----> Details <-----

Mercenary Keyboard Warrior · 15 Nov 2010 at 10:25

I had the same with gmail 3-4 months ago, luckily google blocked the send messages due to spamming so it didnt send a viagra link to all my business and professional contacts ^^

Changed password as was done.

Cheetah Designs · 15 Nov 2010 at 10:52

Some of the email addresses were of people I know/were in my address book, that's why I am a bit worried.

I will check out the ip thing later.

Thanks for the replies so far.

wannabedamned · 15 Nov 2010 at 11:27

I had this last week, Came to log in and wanted my mobile to verify my account was my own. And when i logged in I had 4 attempts to send emails to people in my contact list. Just like the OPs message.

Password is officially changed ofcourse

Priapus · 15 Nov 2010 at 12:17

In the four years that I have had a Gmail account - I have not yet come across this problem or being hijacked.

Then again - I regularly change my passwords for all my online accounts.

Shikkaka · 15 Nov 2010 at 12:33

Have you got an Android phone by any chance?