Question re Gmail hacking

[albionmoonlight]

I've had my gmail account for a long while now. And I had a pretty short password that I never changed. Stupid, I know. So, over Christmas, it was hacked. Gmail froze the account after it started spamming everyone. I got back into it and changed the password to something much longer and unique. I was on my home laptop when I did that.

Yesterday, about two weeks after that change, I was again locked out of my gmail. The password had been changed without me changing it. I got back into it with my security question and re-changed the password.

So, my question(s):

(1) I can get how brute force got the first password--short password that I've had for years. But what about the second password?

(2) Is this likely a problem with my laptop or is it external to that? Might I have a keylogger program or something? And, if so, how do I get rid of it?

(3) Is there any way to be ensured with my security that does not involve getting a new account? I don't mind frequent password changes, but if possible, I'd love to keep the same email address.

Any and all insight would be appreciated.

[Rizon]

I've heard a lot lately about gmail accounts being hacked. It's got to be either a keystroke logger, or someones hacking into Google.

[Rizon]

Do you use Facebook and use the same password for FB as you do Gmail? Maybe your FB is hacked and they're gettnig your gmail email from your FB page with some sort of program.

I'd try the typical spyware/virus scan and see if it comes up with anything.

[Rizon]

Quote:

Originally Posted by Rizon

Do you use Facebook and use the same password for FB as you do Gmail? Maybe your FB is hacked and they're gettnig your gmail email from your FB page with some sort of program.

I'd try the typical spyware/virus scan and see if it comes up with anything.

Or maybe some other website you use where you're using your gmail as a user name and the exact same password?

[Mizzou B-ball fan]

Quote:

Originally Posted by albionmoonlight

I've had my gmail account for a long while now. And I had a pretty short password that I never changed. Stupid, I know. So, over Christmas, it was hacked. Gmail froze the account after it started spamming everyone. I got back into it and changed the password to something much longer and unique. I was on my home laptop when I did that.

Yesterday, about two weeks after that change, I was again locked out of my gmail. The password had been changed without me changing it. I got back into it with my security question and re-changed the password.

So, my question(s):

(1) I can get how brute force got the first password--short password that I've had for years. But what about the second password?

(2) Is this likely a problem with my laptop or is it external to that? Might I have a keylogger program or something? And, if so, how do I get rid of it?

(3) Is there any way to be ensured with my security that does not involve getting a new account? I don't mind frequent password changes, but if possible, I'd love to keep the same email address.

Any and all insight would be appreciated.

You need to adjust your password reset information. Doesn't matter what you change your password to. The hacker logged all the password reset information that you had on the account, so he's able to just jump right back into the account even with a password reset. They usually change the secret question info on something. Also, they usually change a secondary notification e-mail so they know when you change the password.

[albionmoonlight]

Quote:

Originally Posted by Mizzou B-ball fan

You need to adjust your password reset information. Doesn't matter what you change your password to. The hacker logged all the password reset information that you had on the account, so he's able to just jump right back into the account even with a password reset. They usually change the secret question info on something. Also, they usually change a secondary notification e-mail so they know when you change the password.

Thank you.

[mckerney]

For added security you can now set your cell phone up as an authenticator, any time someone tries to log in from an unrecognized ip or location it requires both a password and a code redress to you by Google.

[Radii]

Quote:

Originally Posted by mckerney

For added security you can now set your cell phone up as an authenticator, any time someone tries to log in from an unrecognized ip or location it requires both a password and a code redress to you by Google.

I've been using this and like it quite a bit. I do tell it to remember me for 30 days on my desktop at home, but any other computer I may access gmail from I do this every time I log in.

[DanGarion]

I'd suggest to enable 2 Part Authentication as well once you get this situated.

[bhlloy]

I had exactly the same thing happen with hotmail and fb this week (thankfully I woke up at 1am when I was being flooded with alerts on my phone)

The initial password was a crappy short one that I have been using for 10+ years but even after I changed it to something much stronger it was hacked another couple times. Makes me very worried that I have a key logger somewhere on my home PC but I've done four virus and malware scans with different suites since then and nothing showed up.

Haven't had an issue since that one night but doesn't exactly inspire me with confidence. I figure somebody is either way ahead of the security crowd or has access to something that nobody knows about yet (eg facebook passwords)

[Mizzou B-ball fan]

Quote:

Originally Posted by bhlloy

I had exactly the same thing happen with hotmail and fb this week (thankfully I woke up at 1am when I was being flooded with alerts on my phone)

The initial password was a crappy short one that I have been using for 10+ years but even after I changed it to something much stronger it was hacked another couple times. Makes me very worried that I have a key logger somewhere on my home PC but I've done four virus and malware scans with different suites since then and nothing showed up.

Haven't had an issue since that one night but doesn't exactly inspire me with confidence. I figure somebody is either way ahead of the security crowd or has access to something that nobody knows about yet (eg facebook passwords)

Same situation as original poster. Change security responses and check notification e-mails to make sure they aren't finding out when you're changing the password.

[mckerney]

Quote:

Originally Posted by Mizzou B-ball fan

Same situation as original poster. Change security responses and check notification e-mails to make sure they aren't finding out when you're changing the password.

And Two Step Verification.

[bhlloy]

I know they don't have access to the alternative email address. As for the security questions I've reset them and that's good advice but that they would have those in the first place is very suspicious to me. I can buy you brute force a bunch of password but then you also brute force all the security questions as well?

Sounds like somebody somewhere has access to something they shouldn't still

[Mizzou B-ball fan]

Quote:

Originally Posted by bhlloy

I know they don't have access to the alternative email address. As for the security questions I've reset them and that's good advice but that they would have those in the first place is very suspicious to me. I can buy you brute force a bunch of password but then you also brute force all the security questions as well?

Sounds like somebody somewhere has access to something they shouldn't still

Learned a lot from both personal and IT experience. The bots that access the e-mail are amazingly refined now. They can change your account information in a hurry. I've seen situations where you change the password and then go to change the security information, only to find you can't change the security question. The bot has already received the e-mail saying that you changed the password and has reset it before you even have the chance to reset the security info. As someone mentioned, the cell phone security option is the only way to combat that kind of situation.

[bhlloy]

well, here you go. a lesson not to use same password across different sites if there ever was one

hxxp://www.bbc.co.uk/news/technology-16426824

[stevew]

Someone hacked my hotmail the other day and sent out a gazillion spam. Then i changed my password, and it happened again. I think after changing it a third time, it's now okay.