Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

How is my gmail being hacked.

  • 23-01-2021 4:45am
    #1
    Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭


    Apologies if this is the wrong forum so mods feel free to change. I took steps to secure my Google and gmail account ( changing passwords etc) .Someone took a trusted phone and sim) and so had access to my account and passwords ( sites,bank and other stuff) I had saved on it. Its no longer trusted. I thought it was secure but today they mentioned something that they could only know from seeing an email. How are they doing this? Could have set up a backdoor when they had access? Is the router bugged? How can they monitor my online presence. And can it be proven?


Comments

  • Registered Users, Registered Users 2 Posts: 28 dpforce


    Go to Security>Manage devices and check if you see any device that you can't recognize. Then sign out it. Just in case sign out everything. Then activate 2-step authentication.


  • Posts: 17,378 ✭✭✭✭ [Deleted User]


    dpforce wrote: »
    Go to Security>Manage devices and check if you see any device that you can't recognize. Then sign out it. Just in case sign out everything. Then activate 2-step authentication.

    Check that emails aren't being auto-forwarded on.


  • Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭cj maxx


    Check that emails aren't being auto-forwarded on.

    How do I check that ?
    It seems to be only my gmail account and not another email I have . At one time we were both on my (gmail) apple id.


  • Registered Users, Registered Users 2 Posts: 6,958 ✭✭✭DopeTech


    Disable POP and imap.

    A hacker used one of these to hack,bypass and disable 2FA on my google account before. They got in and set a rule so any google payments emails would bypass my inbox and therefore no notification would pop up on my phone. They tried using all my cards linked to google pay to buy play store purchases at around €400 each. I blocked the revolut one but google refunded me the successful one.

    It was only after the revolut attempt that I noticed I'd been hacked and then I seen a s10 device logged in from the USA for about 3 days. Then I found the payments emails and the penny dropped.

    They must have extracted my saved passwords from chrome too as other sites then had attempts on them.

    And to top it all off they began using my Google cloud account to run virtual machines doing God knows what, costing about 70 per month. It was a battle to get google to help but they eventually shut it down and wiped the charges.

    I presume it's all automated and the hackers have bots doing it all but a bit unnerving when someone unknown has that level of access and you can't figure out how they got in.


  • Registered Users, Registered Users 2 Posts: 6,958 ✭✭✭DopeTech


    cj maxx wrote: »
    How do I check that ?
    It seems to be only my gmail account and not another email I have . At one time we were both on my (gmail) apple id.

    Go to Gmail on desktop view and go to settings and then the forwarding tab.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭cj maxx


    Changed the pin to Lenovo laptop in my panic , changing all pass words I had saved in Google account but forgot it now. Can I get it unlocked by Microsoft or any one? I've tried every pin/password :( ican think of. Thanks


  • Registered Users, Registered Users 2 Posts: 1,175 ✭✭✭Citrus_8


    cj maxx wrote: »
    Changed the pin to Lenovo laptop in my panic , changing all pass words I had saved in Google account but forgot it now. Can I get it unlocked by Microsoft or any one? I've tried every pin/password :( ican think of. Thanks
    Well, that's an example of a poor password management you're suffering now.


  • Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭cj maxx


    Citrus_8 wrote: »
    Well, that's an example of a poor password management you're suffering now.

    I know but it was blind panic . Is there a way to do a password recovery ?
    The crazy thing is it I thought it wouldn’t work yesterday but at the 3rd/4th time it did. So I’m guessing it’s something trivial I done


  • Registered Users, Registered Users 2 Posts: 8,184 ✭✭✭riclad


    How do I unlock my Lenovo laptop if I forgot the password?
    Recover Lost Lenovo Laptop Password
    Power on your Lenovo laptop, and press F8. Choose Safe Mode, and press the Enter key in the Advanced Boot Option window.
    On the login window, select the Administrator account and leave the Password field blank. ...
    Input a new password, and confirm it to complete Lenovo XP password reset.


    you should be using a password manager.
    make a new account in protonmail to use as a backup email for
    gmail .
    i do not know why someone would save all their passwords in gmail.
    setup 2fa 2 factor auth .eg put your phone no into gmail ,
    if you forgot your password they,ll send a sms code to your phone.







    for windows 10 laptops see below
    https://forums.lenovo.com/t5/Lenovo-Yoga-Series-Notebooks/Forgot-PIN-can-t-sign-in-my-Lenovo-Yoga-910/m-p/5028411

    maybe you could make a new gmail account just to deal with your credit card, banking accounts,
    with a completely new name.
    not similar to the old email account.


  • Registered Users, Registered Users 2 Posts: 1,740 ✭✭✭kingtiger


    get a password manager like lastpass and let it run through changing your passwords automatically, as you would be surprised how many times you used the same password, the best thing about lastpass is you only have to remember one master password

    for all your important accounts you should enable two step verification through either txt messages or Authy

    I would also advise you open a separate gmail account for your financial accounts and use it for nothing else, also keep your Paypal/Revolt/etc passwords unique and in your head and dont keep them in your password manager


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭cj maxx


    riclad wrote: »
    How do I unlock my Lenovo laptop if I forgot the password?
    Recover Lost Lenovo Laptop Password
    Power on your Lenovo laptop, and press F8. Choose Safe Mode, and press the Enter key in the Advanced Boot Option window.
    On the login window, select the Administrator account and leave the Password field blank. ...
    Input a new password, and confirm it to complete Lenovo XP password reset.


    you should be using a password manager.
    make a new account in protonmail to use as a backup email for
    gmail .
    i do not know why someone would save all their passwords in gmail.
    setup 2fa 2 factor auth .eg put your phone no into gmail ,
    if you forgot your password they,ll send a sms code to your phone.







    for windows 10 laptops see below
    https://forums.lenovo.com/t5/Lenovo-Yoga-Series-Notebooks/Forgot-PIN-can-t-sign-in-my-Lenovo-Yoga-910/m-p/5028411

    maybe you could make a new gmail account just to deal with your credit card, banking accounts,
    with a completely new name.
    not similar to the old email account.

    I didn't keep them in gmail. Because she had access to a trusted phone she just choose that phone for authentication and had access to all my Google stuff and my apple I'd. She also turned off location history and other stuff and deleted mail.


  • Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭cj maxx


    kingtiger wrote: »
    get a password manager like lastpass and let it run through changing your passwords automatically, as you would be surprised how many times you used the same password, the best thing about lastpass is you only have to remember one master password

    for all your important accounts you should enable two step verification through either txt messages or Authy

    I would also advise you open a separate gmail account for your financial accounts and use it for nothing else, also keep your Paypal/Revolt/etc passwords unique and in your head and dont keep them in your password manager
    Good idea , I tried the f8 thing but it didn’t do anything


  • Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭cj maxx


    Update.
    Got the laptop unlocked and passwords sorted. Just so people know the pin I used were correct and the password was correct according to the hint. There is no forwarding tab on my gmail, that I can see .


  • Moderators Posts: 6,900 ✭✭✭Spocker


    cj maxx wrote: »
    Update.
    Got the laptop unlocked and passwords sorted. Just so people know the pin I used were correct and the password was correct according to the hint. There is no forwarding tab on my gmail, that I can see .

    Are you looking at "All Settings"? See here: https://support.google.com/mail/answer/10957?hl=en#zippy=%2Cturn-automatic-fowarding-on-or-off


  • Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭cj maxx


    Spocker wrote: »

    I tried everything and googled it but no sign of a forward tab. Unless I have a kids account ?


  • Closed Accounts Posts: 22,648 ✭✭✭✭beauf


    Are you using a secure password. Like a random jumble of letters.


  • Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭cj maxx


    beauf wrote: »
    Are you using a secure password. Like a random jumble of letters.

    No as. But I have changed it ( logging out of all accounts)
    Can the router be ‘bugged’
    She was the account holder


  • Closed Accounts Posts: 22,648 ✭✭✭✭beauf


    Shes probably knew your most common passwords, things you like and guessed it.

    https://www.lastpass.com/password-generator


  • Registered Users, Registered Users 2 Posts: 5,148 ✭✭✭rom


    If you use the same password on multiple sites that are the same as your google account then when these get compromised and if they are stored incorrectly then they have your username and password. These lists can be got in many places. You can search with your email on this site https://haveibeenpwned.com/ and it will tell you are you part of any public breaches where it can contain your password.
    You can also put your password in here and it will tell you if it's on a list. Chrome now has this built in when you login to a site.


  • Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭cj maxx


    beauf wrote: »
    Shes probably knew your most common passwords, things you like and guessed it.

    https://www.lastpass.com/password-generator
    Oh some passwords I had saved on my phone , but not my Microsoft one and she was still able to lock me out of it . My password or pin wouldn't work and I know they were right. I discovered some emails from my outlook account sent to her and i would never ,ever mail her from that account


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,910 ✭✭✭kala85


    Is there any way of setting up 2fa everytime some one logs into google it comes up like a text message code request like microsoft does.
    Sometimes I find with google that it will click recognise this device and wont ask for 2FA.

    I dont think google is as good with security as microsoft is?


  • Registered Users, Registered Users 2 Posts: 9,604 ✭✭✭irishgeo


    kala85 wrote: »
    Is there any way of setting up 2fa everytime some one logs into google it comes up like a text message code request like microsoft does.
    Sometimes I find with google that it will click recognise this device and wont ask for 2FA.

    I dont think google is as good with security as microsoft is?

    https://www.google.com/landing/2step/


  • Registered Users, Registered Users 2 Posts: 1,910 ✭✭✭kala85


    irishgeo wrote: »

    In my opinion Microsoft is better. It asks me for a text code or via authenticator. It doesn't keep me logged in.

    In Google, if you tick the box remember me on this computer which is ticked by default after you confirm , it doesn't look for 2fa anymore on that device.


  • Closed Accounts Posts: 15 observanto


    I recommend you to buy and use a YubiKey as a second-factor or at list TOTP app (Google Authenticator, Authy).
    If this gmail account is very important you can consider Google Advanced Protection Program.


  • Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭cj maxx


    I've gone through settings in gmail, disabled ipop etc but still no forwarding tab.


  • Moderators Posts: 6,900 ✭✭✭Spocker


    Are you using a browser to check? This is what I see on mine:

    544346.png


  • Registered Users, Registered Users 2 Posts: 43 kinanoman


    Ensure there are no app passwords setup as these will bypass MFA.


  • Moderators Posts: 6,900 ✭✭✭Spocker


    kinanoman wrote: »
    Ensure there are no app passwords setup as these will bypass MFA.

    Thats correct, and you can access them from here: https://myaccount.google.com/apppasswords


  • Registered Users, Registered Users 2 Posts: 15,297 ✭✭✭✭cj maxx


    Spocker wrote: »
    Thats correct, and you can access them from here: https://myaccount.google.com/apppasswords

    No I don't have any, it says


  • Advertisement
Advertisement