gmail hack

Started by angler, December 03, 2009, 06:39:24 AM


angler

My GF's gmail and FB accounts got hacked this morning.  I'm calling it a hack because it doesn't seem like a virus, but could be.  It has been sending fraud emails asking for $$ and IM'ing people through both gmail and FB.  It has been changing her passwords to both accounts every time she changes them, so she keeps getting locked out of both accounts. 

Any tips?  I'm on FB, but not on gmail so should I be worried?
996 forks, BoomTubes, frame sliders, CRG bar-end mirrors, vizitech integrated tail light, rizoma front turn signals, rizoma grips, cycle cat multistrada clip ons, pantah belt covers - more to come

The whole aim of practical politics is to keep the populace alarmed (and hence clamorous to be led to safety) by menacing it with an endless series of hobgoblins, all of them imaginary. H. L. Mencken

Monster Dave

As a risk assessment specialist, I have to ask:

1) Are either of her user name/passwords the same for both Gmail and FB?
2) Did she respond to a message in either that warned her that her account would be locked out or deleted if she didn't submit the information from question #1?

angler

Quote from: Monster Dave on December 03, 2009, 06:44:22 AM
As a risk assessment specialist, I have to ask:

1) Are either of her user name/passwords the same for both Gmail and FB?
2) Did she respond to a message in either that warned her that her account would be locked out or deleted if she didn't submit the information from question #1?

Unfortunately they were the same (not smart).  They are now different and her FB account has been shut down.

I'll ask about #2.  If the answer is yes, she is never touching my computer again!  

I've heard that this is some sort of worm.

Monster Dave

Quote from: angler on December 03, 2009, 06:50:50 AM
Unfortunately they were the same (not smart).  They are now different and her FB account has been shut down.

I'll ask about #2.  If the answer is yes, she is never touching my computer again!  

I've heard that this is some sort of worm.

That's an unfortunate error made by a lot of people out of a desire to standardize access to various secure logins - but from a risk assessment perspective, it's an awful thing to do. It's like having one key that works for your car, motorcycle, motorcycle disk lock, house, etc....

I've really had to work hard to have the people in my office check with me when they get what looks like a credible email asking for their login information. Most of the time, when they unfortunately do choose to respond to such emails, it's due to a threat of account termination or some sort of threat like "if you don't respond within X amount of time...."

It makes me want to smack someone when they respond because I don't know how many times I've said that I will NEVER ask for user/logon information via email....but they do it anyway!!!!  [bang]



derby

Quote from: angler on December 03, 2009, 06:50:50 AM

I've heard that this is some sort of worm.


it's not really a worm. her credentials were most likely phished and there's an automated process (bot) handling the rest of the business (spam/passwd changes).
-- derby

'07 Suz GSX-R750

Retired rides: '05 Duc Monster S4R, '99 Yam YZF-R1, '98 Hon CBR600F3, '97 Suz GSX-R750, '96 Hon CBR600F3, '94 Hon CBR600F2, '91 Hon Hawk GT, '91 Yam YSR-50, '87 Yam YSR-50

angler

Quote from: derby on December 03, 2009, 07:38:50 AM
it's not really a worm. her credentials were most likely phished and there's an automated process (bot) handling the rest of the business (spam/passwd changes).

So far the best tip I've heard is to delete everything in the gmail account and walk away from it.  Sounds a bit drastic - any other tips?

Monster Dave

I'd say that's too drastic. Just change her credentials and make them "strong" - 7-12 letters include caps, symbol and a number.

Mad Duc

Go to a different PC and change the passwords. Then go to the "secret questions" and change questions (if you can) and the answers to something that isn't right or logical - Q: "what street did you grow up on?" A: "11,111,111"

If it is a local password logger this will make it so that it can't catch your password. If it is a remote one then it can't answer the questions properly to reset your password.

For google here's the page to change those settings:
https://www.google.com/accounts/UpdateAccountRecoveryOptions?service=mail

I can't get to FB at work or else I would post up that link too.
PA's official Ducati Owner's Club: PennDesmo.org

il d00d

You may also try contacting google to let them know the account has been hacked - they may be able to suspend the account until your girlfriend can verify ownership, prevent her from ending up on black lists etc.  Hopefully they can erase all used passwords and establish a new set of credentials.

https://www.google.com/support/accounts/bin/request.py?ara=1&hl=en&contact_type=ara&ctx=ara

ducatiz

Quote from: il d00d on December 03, 2009, 09:01:36 AM
You may also try contacting google to let them know the account has been hacked - they may be able to suspend the account until your girlfriend can verify ownership, prevent her from ending up on black lists etc.  Hopefully they can erase all used passwords and establish a new set of credentials.

https://www.google.com/support/accounts/bin/request.py?ara=1&hl=en&contact_type=ara&ctx=ara

right, and get a reply 2 months from now?
"Yelling out of cars, turning your speakers out the window to blast your music onto the street, setting off M-80 firecrackers, firing automatic weapons into the air—these are all well and good. But none of them create a merry atmosphere of insouciance and bonhomie quite like a revving motorcycle.

il d00d

Quote from: ducatiz on December 03, 2009, 09:17:18 AM
right, and get a reply 2 months from now?

Exactly.  I mention this because I want this process to be as long and painful as possible.  I forgot to mention, also change her password to her credit card number, then post that update on facebook.

Wow.  Not feeling the love from the board today.

angler

Thanks everybody.  I knew I would get some good stuff here.  All my credentials are real tough, but I'll pass these along to her just as soon as I reply to an email about 10,000,00 US$ waiting in a bank in Nigeria for me.

cyrus buelton

Does she have an ex-boyfriend that would want to be reading her personal messages?


just sayin'
No Longer the most hated DMF Member.

By joining others Hate Clubs, it boosts my self-esteem.

1999 M750 (joint ownership)
2004 S4r (mineeee)
2008 KLR650 (wifey's bike, but I steal it)

angler

Quote from: Mad Duc on December 03, 2009, 08:10:24 AM
Go to a different PC and change the passwords. Then go to the "secret questions" and change questions (if you can) and the answers to something that isn't right or logical - Q: "what street did you grow up on?" A: "11,111,111"

If it is a local password logger this will make it so that it can't catch your password. If it is a remote one then it can't answer the questions properly to reset your password.

For google here's the page to change those settings:
https://www.google.com/accounts/UpdateAccountRecoveryOptions?service=mail

I can't get to FB at work or else I would post up that link too.

Thanks a bunch from the GF.  The link turned out to be super helpful.  Hopefully she is all squared away.

angler

Quote from: ducatiz on December 03, 2009, 09:17:18 AM
right, and get a reply 2 months from now?

She actually contacted them first and got an almost instant response.