Gmail hacked - how?

Hi all

My Gmail account was hacked today at 14:10 and 3 separate emails were sent out to what I assume were all of my recent/known contacts. This happened while I was at work and I was lucky enough to spot it right away because I too was the recipient of the emails that were sent. As I was on my lunch break at the time, I immediately logged into Gmail which advised me that suspicious activity had been detected at which point I had to give my mobile number so a verification code could be sent and then change my password.

I don't use public wifi hotspots and I don't access my email on any public computer. The only locations I use are at home on my secure wifi network and on my phone over my provider's network, so I'm a little bit puzzled as to how my account security could have been compromised. My password was a 'strength - good' according to Google so it's not like someone could have guessed it.

What other avenue could someone have taken to fraudulently access my account?

Thanks

M
 
Use the same password for other websites? Maybe one got hacked e.g. Gawker. You may also want to do a full virus scan of your computer.
 
Yes (bad I know). Running Malwarebytes full scan as we speak.

What methods do you have to reset your password?

Sorry? Gmail simply required me to change my password because of the suspicious activity that had just occurred.
 
Did you use a ridiculously easy security question when you set up the account? Somebody probably guessed it and reset the password so they could get in.
 
2 step authentication, enable it!

Also, download the Android Google Authenticator app, it generates the authenticator code for you so you don't need to use the alt option which is where Google send you a login code via SMS. It's just much more convenient and since you most likely have your phone to hand at all times... :)

My daily running is managed via my Google account so if it got hacked things would be rather inconvenient until I got it back, 2 step auth adds an incredibly secure way to keep your account, the only way someone could hack your account then is if they had your phone and found out your password.
 
I have done now. And I've also set up application/device specific passwords for my other devices.
 
What web browser do you use?

You might have visited a site one day that harvested your password using code via a browser exploit perhaps?
 
Rather weird!

Consider this one a mystery then I guess! When you log into Gmail you can view IP addresses it was logged in from, one of them should be the dodgy person, was it from the UK?
 
Bottom right it will say

Code:
Last account activity: 43 minutes ago
Details

Click 'Details' :)
 
Thanks! Any idea how to show more than just the last 7 hours? It was nearly 8 hours ago when this happened. The earliest thing it is showing today is when I logged in to see what was going on which was about 15 minutes after it happened.
 
What was the content of the 3 emails that you didn't write yourself? Was it fairly personal like insults? That would suggest it was done by someone who knows you. If it was just spam / marketing, then it would have been a bot that got you.
 
All 3 were just links that directed to a page which shows a mock news article on a site called 'News Daily 7' about a woman who earns huge sums from working at home.

*Apparently this is a well-known 'Kelly Richards' scam.
 
Cool, so it was nothing personal then. Interesting how you got zapped by a bot though. Have you knowingly let anyone else use your PC while Gmail was logged in? Your kids / someone else's kids perhaps? Or a typical Limewire/Incredimail user lol?
 
Nope not to my knowledge! Hopefully it was just a freak incident.
 
Almost certainly a brute force attack.

I had the same happen a while back, some login from some random place and a few spam emails sent out to various contacts.

No spyware on my regular machines, and a long time since I'd logged in from another machine. It's possible that one of those other machines I once used had been compromised in some way, but I think it's unlikely.

Either way, 2-step authentication is the way to go - which you've already done by the looks of things.

After that, as long as you're fairly sure your machine is clean, just forget it and move on.
 