Mac Forums

Mac Forums (http://www.mac-forums.com/forums/)
-   Security Awareness (http://www.mac-forums.com/forums/security-awareness/)
-   -   Email Hacking?? (http://www.mac-forums.com/forums/security-awareness/312782-email-hacking.html)

Parrappa 07-01-2014 02:02 AM

Email Hacking??
 
OK... I consider myself to be pretty educated when it comes to network security, I work in IT, and generally just have good common sense. I don't download and open suspicious files or plugins, I use different and secure passwords, I have a firewall...

Anyway, about a week ago, I got an email from myself that was advertising something, I quickly realized that that email had also been sent to all my contacts, and that obviously somebody had my email password. At this point, I downloaded and activated "Lastpass", Changed all of my passwords to even more secure, random ones, and also downloaded a copy of Kaspersky for Mac, as well as Macscan and did full scans of my system, which both turned up nothing in the malware department.

Fast forward a week, I just got another email from myself advertising something again. So my question is, how the hell did somebody get ahold of my updated password? Which is extremely secure. 12 random characters and numbers generated by Lastpass. I have only accessed the email account from my macbook, and my iphone.

I have no idea how my updated password was obtained, and am curious what I can do to prevent it from happening again.

Slydude 07-01-2014 02:25 AM

Since both sets of spam came from the same account and you changed your password in the intervening time I wonder if your e-mail addresses wasn't spoofed this time rather than hacked. One clue might be in your Sent e0mail folder. If copies of the problem e-mails aren't there spoofing is a possibility. See this lifehacker article for some ideas.

Some of our more networking/server savy members may come up with other ideas or even correct mistakes on my part.

Parrappa 07-01-2014 05:41 AM

Quote:

Originally Posted by Slydude (Post 1590413)
Since both sets of spam came from the same account and you changed your password in the intervening time I wonder if your e-mail addresses wasn't spoofed this time rather than hacked. One clue might be in your Sent e0mail folder. If copies of the problem e-mails aren't there spoofing is a possibility. See this lifehacker article for some ideas.

Some of our more networking/server savy members may come up with other ideas or even correct mistakes on my part.

After reading your post, I decided to check my sent mail folder, and what I found was actually very interesting....

The email was indeed in my sent mail folder, however next to the name, it had that little security warning from Gmail that states "This message may not have been sent by (my email)" Then it shows a completely different name than mine, followed by my email address in captions. Very interesting indeed, I'm not quite sure what to make of it...

MBP17•David 07-01-2014 01:22 PM

Quote:

Originally Posted by Parrappa (Post 1590416)
The email was indeed in my sent mail folder, however next to the name, it had that little security warning from Gmail that states "This message may not have been sent by (my email)" Then it shows a completely different name than mine, followed by my email address in captions

The footnote you quoted indicates that message was, quite likely, relayed from a different account/server. I'd contact Gmail and let them look into it. Also check to see which ports/protocols are listed for smtp, when you're using interface other, than their webmail (i.e. Mail, Thunderbird, Outlook, etc, etc) - it might be open to intercept, particularly if you regularly use a public WiFi network, say at a coffee shop.

harryb2448 07-01-2014 06:29 PM

Ahh the perils of Gmail and Hotmail.


https://support.google.com/mail/answ..._topic=3394464


All times are GMT -4. The time now is 09:44 AM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.