How does your email account get hijacked?

Man of Honour
Joined
29 Mar 2003
Posts
57,161
Location
Stoke on Trent
Many a time I've emailed friends to tell them to change their hotmail, gmail or other email account password because I've had emails from them with viagra or other such links.
Does changing the password make any difference?
How is the email address hijacked but more importantly, how do they find out your contacts?
How can you stop it?

I've got one woman in the office who is very upset that she has supposedly sent an email at 2am to around 25 contacts with a rather saucy link in it (2replied asking what was going on).

Any info appreciated
 
Brute force on the password or security question or password intercepted via keylogger.

Use strong passwords and security questions which cannot be guessed easily or answered with easy research. Run decent anti virus and anti malware. Don't use IE :p
 
Brute force on the password or security question or password intercepted via keylogger.

Use strong passwords and security questions which cannot be guessed easily or answered with easy research. Run decent anti virus and anti malware. Don't use IE :p

Does this mean that the person doing it can actually get access and read all the emails of my colleague?
If that is the case why don't they go into the settings and change the password to really upset my colleague (I've never heard of this happening)?
 
More times than none it will be a spoofed address and not that account being hacked.

Obviously if those emails are in the account's sent folder it's a different matter.
 
So its either:

Phishing - a site setup to look like hotmail or the like that tricks people into signing into it.

Password re-use - a dubious, or compramised site gets an e-mail and password combination and tries it on several sites including the webmail sites. You shouldn't use the same password on multiple sites

Brute force (not likely on webmail) - trying all the password combinations to get in, all decent webmail systems should block this

Trojans - a bit of malicious software installed on the users machine thats recorded their username and password for several sites and sent it back to some dodgey character.

Guessing password reset questions - can be very easy to guess or find a password reset question, ie if its your pets name and you have details of said pet on an open facebook profile...

There are other methods but these are the most likely - essentially they need to change their password on everything thats important and clean down their machine asap
 
security questions which cannot be guessed easily or easy research

No, you use another random string of letters and numbers and keep it in a safe place. If that is too much hassle, in the very least the answer should have absolutely nothing to do with the question.

Q: "What colour is the sky?"

A: "Albatross"

Run decent anti virus and anti malware. Don't use IE :p

Nothing wrong with IE. Plenty of people who run other browsers get crap on their systems. Common sense is what you need.
 
The most likely and widespread cause of this is not a hacked account but usually some form of malware on the user's PC that has read their email contacts from outlook, msn etc...

Mostly the address is spoofed rather than actually being sent from the user's PC or email Account.

This method works well because it is so simple, no keylogging or human intervention is required.
 
Does this mean that the person doing it can actually get access and read all the emails of my colleague?
If that is the case why don't they go into the settings and change the password to really upset my colleague (I've never heard of this happening)?

Its happened to me once, hacked my hotmail and changed the password. Luckily had another account linked up to it, found his email that he joined to my account and googled it, some Swedish tit with no job. What was weird, he didn't read any email for the month, all were unread :confused:

I wish I could remember his email to facebook him for ya :p

But be careful, don't register on forums with the same password for your email and maybe even have a public email address that you use online that is not linked to any important accounts or friends :)
 
As said, majority of things like this are when the email address is spoofed, not from having their email acc hijacked.
 
Recently had my account hacked and used by spammers (according to the provider who shut the account down).

Major ball ache to sort out, the account was locked very quickly but nearly everything I used online had that email address associated with it, which meant I had to go and change my email address in every online account I had, along with changing the password incase they had used my email to compromise that as well.

Some of the online things such as steam won't let you change it unless you click a link sent to the verified email address which is even more of a ball ache to resolve. I've now ditributed my online accounts between various email addresses so I'm not completely compromised if something similar happens again.
 
Back
Top Bottom