Gmail hacked

SandTiger

An old gmail address I havent used in a couple of months sent an email to everyone in my address book that linked a webpage with a virus.

The same thing happened once before, two months ago.

Is there anything I can do to stop this happening again?

LoLth

Change the password on the gmail account to something complex.

Dont use the same password on other websites as you sue for gmail. Doesnt matter how good gmail password security is if you are creatign a forum account on a website with little or no security and using the same credentials (either user/pass or email in profile).

There's a link somewhere on gmail with steps to take if your account has been compromised. (dont have time to link to it righ tnow but I'll look later if I get a chance).

SandTiger

The IP address that hacked my account is based in Spain.

2.138.176.110



Is there anyway for me to find out the address?

Gmail logged the IP address of the computer that logged into my account.

obviousTroll

SandTiger wrote: »

The IP address that hacked my account is based in Spain.

2.138.176.110



Is there anyway for me to find out the address?

Gmail logged the IP address of the computer that logged into my account.

The IP addresss originates from Madrid or thereabouts. The ISP is Telefonica, which is the largest ISP in Spain AFAIK. You will not be able to gain any more information publically.

What would be interesting to me is the method that the perp logged in. If it was 'POP', or 'IMAP', chances are that it was automated, but if it was 'Browser', then it would be a manual login.

http://mail.google.com/support/bin/answer.py?answer=45938

Have a look at the link above and you'll see the last IP's that logged into your account, and you'll also see the login method.

Going back to your account being hacked, changing your password is a must. Do you use any desktop mail applications? (Outlook, Thunderbird,etc)? It is possible that a malware attack on your machine was the reason that your account was compromised. If in doubt, download and run MalwareBytes.

SandTiger

It says he logged in through the browser.

I don't use any programs like outlook, I always log in through the website.

He must have got my password from me logging into the account from an internet cafe pc in Ireland which means he is probably getting information from a lot of computers and looking for access to financial information.

I didn't use that email address for 2 months prior to him logging into my account on the 26th July so it took him a while to get to looking at my information.

Password has been changed so hopefully that is the end of it.

Thanks.

PogMoThoin

Did you use that email and the same password to sign up on any other sites, if so I'd go changing passwords on them all.

Every site needs a unique password, take 20 minutes and teach yourself a method of remembering, like a common password + a selection of letters like the first 2 consonants from the name of the site) or use a password manager like Lastpass

ironclaw

Have to agree with the password idea. I started it 6 months ago.

I take a phrase e.g. dublin, then add the first letter of the site (So for Boards.ie it would be 'b') and then the same number e.g. 7

So my password for boards.ie would be dublinb7

On another site it could be dublinf7

Basically every password is almost the same, but the HASH or plaintext will each be different. Simple but its very effective.