07-01-2014, 03:02 AM
OK... I consider myself to be pretty educated when it comes to network security, I work in IT, and generally just have good common sense. I don't download and open suspicious files or plugins, I use different and secure passwords, I have a firewall...
Anyway, about a week ago, I got an email from myself that was advertising something, I quickly realized that that email had also been sent to all my contacts, and that obviously somebody had my email password. At this point, I downloaded and activated "Lastpass", Changed all of my passwords to even more secure, random ones, and also downloaded a copy of Kaspersky for Mac, as well as Macscan and did full scans of my system, which both turned up nothing in the malware department.
Fast forward a week, I just got another email from myself advertising something again. So my question is, how the hell did somebody get ahold of my updated password? Which is extremely secure. 12 random characters and numbers generated by Lastpass. I have only accessed the email account from my macbook, and my iphone.
I have no idea how my updated password was obtained, and am curious what I can do to prevent it from happening again.