Gmail accounts being hijacked like crazy

Toggle sidebar Toggle sidebar
shocksyde

shocksyde

Diamond Member
Jun 16, 2001
5,539
0
0
I log into Gmail this morning and it says my account has been disabled. I go through the process of proving it's me and then see some sent emails to my friends that contain only a link. I have no idea where the link goes b/c I didn't click any of them.

I immediately changed my password and sent emails to those that received the hijacked spam links.

I am very careful about phishing sites and clicking on questionable links. I seriously doubt the hijacking was on my end. Is it possible Google is to blame for this? Normally I'd say, "No, I'm a moron, I clicked on something I shouldn't have," but at least 5 other people I know (none of whom are the ones my hijacked account sent emails to) had their account hijacked this morning.

Any insight as to what's going on? Anyone else get hijacked?
 
DesiPower

DesiPower

Lifer
Nov 22, 2008
15,299
740
126
use hotmail, its safest right now. they have their heads up the Chinese'... you know where, will never get hacked.
 
S

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Make sure you don't use wireless networks you don't own or have control over. Your password is sent in the clear and easy for anybody to grab it when you log in.
 
lokiju

lokiju

Lifer
May 29, 2003
18,526
5
0
I got emails with just a link from a friends gmail account the other day. He never uses that account.
 
Saga

Saga

Banned
Feb 18, 2005
2,718
1
0
Once again, I'm continually amazed at people using the word "hacked" as a legitimate stand-in for having poor password security.

General rule of thumb, 8+ characters, mix capitals and lowercase ("l33t" speak is great for this, something like "Saga" turns int s4G4 quite easily) and include at least one character for maximum efficiency to brute-force attacks. Quite easy to replace a i or 1 with a !, etc.. even XP special tables can have trouble defeating passwords with symbols, the hash for those can be immense.

If your account is compromised, 99% of the time it is due to user-error with weak passwords.
 
PepePeru

PepePeru

Diamond Member
Jul 21, 2005
3,846
0
0
+1

This happened to me on the 17th. We woke up on Sat. morning and my SO asks why I sent her emails at 6am.

So I checked my gmail and looked at previous activity and there was a entry for an IP in Russia. I logged into my computer at work ran all sorts of scans, ran scans on my computer at home, nothing. My password was fairly strong. Not as strong as it is now, though.

Anyways, Spam emails were sent to everyone in my contacts. My dad responds, 'you should check target or wal*mart for generics instead of buying prescriptions from Canada.'

Thanks for the tip, dad.

Good to know I'm not alone in this, though...
 
ahenkel

ahenkel

Diamond Member
Jan 11, 2009
5,357
3
81
I ran into the same problem with my gmail account. I changed the password and secret question. Checked both computers for malware and the sort. Even after all that my gmail was still sending spam to my contacts. Only way to stop it was to delete all my contacts.
 
Saga

Saga

Banned
Feb 18, 2005
2,718
1
0
shocksyde said:
Nah, I'm just being a sourpuss.

Password stronginated.
Click to expand...

:thumbsup: Glad I could help.

Personally I hold little faith in passwords. Having a background as a sysadmin I value password security, and knowing firsthand how an ophcrack CD with XP Special tables can defeat any Windows password in less than 300 seconds regardless of length or strength, I maintain a (somewhat overly) complicated system of password modification for every single service I use. I have 3 different base passwords which are then l33tspeakified with symbols included which is modified on the third and seventh character of the password based upon the first and last letters or numbers of the service used. So for example my gmail password would be ##g###l###. Thus, every password is different, yet easy to remember.. in the event that one service is compromised through malware it makes it overly complicated to get access to any other service easily, and buys time to properly change anything if it ever happens (which thusfar in my entire time on the internet since, oh say 1994 or so, has never happened once).
 
Last edited:
OverVolt

OverVolt

Lifer
Aug 31, 2002
14,278
89
91
Juddog said:
Chinese government is watching you.
Click to expand...

My account was accessed by China. Wish I took a screenshot of it. I think google had some security breech on their end of some type a year or two ago because my end was pretty clear. Chinese WoW gold farmers got it and recovered my old WoW account, thats how I learned it was compromised since nothing else was touched.
 
S

slackerinabox

Lifer
Mar 15, 2003
12,668
103
106
Everytime I install an android ROM I freak out a bit - I'm no security expert but I'm guessing rooted android phones present a huge security risk for g-accounts
 
Saga

Saga

Banned
Feb 18, 2005
2,718
1
0
freedomsbeat212 said:
Everytime I install an android ROM I freak out a bit - I'm no security expert but I'm guessing rooted android phones present a huge security risk for g-accounts
Click to expand...

This has been a concern of mine since getting my Moment, especially with the recent exploits from remote cell carrier systems.. this just reminded me to do some research on this, thanks!
 
PepePeru

PepePeru

Diamond Member
Jul 21, 2005
3,846
0
0
Saga said:
This has been a concern of mine since getting my Moment, especially with the recent exploits from remote cell carrier systems.. this just reminded me to do some research on this, thanks!
Click to expand...

Is there a link? I'm not using a third party ROM but I am using an android phone...
 
SpatiallyAware

SpatiallyAware

Lifer
Sep 7, 2009
12,960
3
0
I've also had two friends who had this happen to them. They both claimed they received a bogus email from another hijacked account and then theirs ended up hijacked a day later. I got emails from both of them a few days ago but no problems from my accounts, yet.


I also heavily suspect Postini (google product) was hacked and address lists compromised. I haven't read anything about it but myself and 3 others got a ton of prescription spam to ALL of our users within a one week period. It mysteriously all stopped after a week or so but in the meantime my address list is probably being sold.
 
S

slackerinabox

Lifer
Mar 15, 2003
12,668
103
106
Saga said:
This has been a concern of mine since getting my Moment, especially with the recent exploits from remote cell carrier systems.. this just reminded me to do some research on this, thanks!
Click to expand...

This is why I don't install banking apps (and the Bank of America one gets great reviews) - I love android and don't assume that it's not secure, but rooting seems like it open a pandora's box of risk. I mean, how hard would it be to add a keylogger to that pretty theme download? Or to replace the stock gmail app with a compromised one. I enjoy the benefits quite a bit so it's a mixed bag for me.
 
J

Jzero

Lifer
Oct 10, 1999
18,834
1
0
freedomsbeat212 said:
Everytime I install an android ROM I freak out a bit - I'm no security expert but I'm guessing rooted android phones present a huge security risk for g-accounts
Click to expand...

Would definitely be fairly trivial to sneak little baddies either in the ROM itself or in programs that use su. It's one big reason I only use tried-and-true ROMs, but even that is far from a guarantee. I also find a lot of apps in the market suspect.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom