Popular Post Dario Posted March 1, 2020 Popular Post Share Posted March 1, 2020 This morning I could not access my gmail account and I was asked to log in, but my (correct) password was apparently wrong. Google marked: password changed 2 hours ago. So I opted for password lost and created a new, more difficult password. I then saw that coins.co.th with whom I registered but never did any transactions reported the same. Coins gave me the "hackers" IP address, Location and browser type. It said IP address 45.56.146.37, country: Philippines, but when I checked the IP address on the net, I was told India. What can I do to get the hacker busted? 1 2 Link to comment Share on other sites More sharing options...
Popular Post OneMoreFarang Posted March 2, 2020 Popular Post Share Posted March 2, 2020 22 minutes ago, Dario said: What can I do to get the hacker busted? Nothing - at least in 99.9% of the cases. Make sure you change all your passwords and if necessary cancel your credit card and things like that. That's unfortunately all you can (realistically) do. 6 Link to comment Share on other sites More sharing options...
dimitriv Posted March 2, 2020 Share Posted March 2, 2020 Probably there is not much you can do. If you check the IP https://whatismyipaddress.com/ip/45.56.146.37 It says "proxy". The hacker used a proxy server or VPN to hide his real IP address. Probably there is no way to find out his real identity. 1 Link to comment Share on other sites More sharing options...
Swiss1960 Posted March 2, 2020 Share Posted March 2, 2020 Did the hacker steal something from you? If not, forget anybody doing something about it. Only option is report IP to google fraud department. WARNING: don't forget to change ALL logins where you used your gmail account! 2 Link to comment Share on other sites More sharing options...
Popular Post Peterw42 Posted March 2, 2020 Popular Post Share Posted March 2, 2020 Nothing you can do, The IP address wouldn't mean much as it would be a proxy/VPN server etc, or a starbucks coffee shop. Probably more productive to work out how /when you have inadvertently disclosed your original password, probably by logging into a fake site, using the same password across multiple logins etc. Always a good idea to have a couple of throw away gmail accounts for sign ups. 3 Link to comment Share on other sites More sharing options...
DannyCarlton Posted March 2, 2020 Share Posted March 2, 2020 1 minute ago, Peterw42 said: Always a good idea to have a couple of throw away gmail accounts for sign ups. Particularly for logging on to Thai sites/forums. I always use a VPN and a throwaway email account (not gmail). Link to comment Share on other sites More sharing options...
Peterw42 Posted March 2, 2020 Share Posted March 2, 2020 (edited) 15 minutes ago, DannyCarlton said: Particularly for logging on to Thai sites/forums. I always use a VPN and a throwaway email account (not gmail). A VPN doesn't do much in the way of password security, most people inadvertently give away their password by using their email address and the "same" password to sign up for other sites. If you have an acme email account and password is "name of your dog", then go to bogusdownloads.com and sign in with acme email address and make the password "name of your dog". Bogusdownloads.com has your email and your password. Edited March 2, 2020 by Peterw42 1 Link to comment Share on other sites More sharing options...
DannyCarlton Posted March 2, 2020 Share Posted March 2, 2020 1 minute ago, Peterw42 said: A VPN doesn't do much in the way of password security, most people inadvertently give away their password by using their email address and the "same" password to sign up for other sites. If you have an acme email account and password is "name of your dog", then go to bogusdownloads.com and sign in with acme email account and make the password "name of your dog". Bogusdownloads.com has your email and your password. I keep a little notebook with all my account passwords in. Almost all unique. Hundreds of them. Only so many variations of "Danny Carlton" though. 555 Link to comment Share on other sites More sharing options...
Tayaout Posted March 2, 2020 Share Posted March 2, 2020 Use 2 factors login on every accounts especially Gmail since it can reset all the other one. If you have bitcoin you should own a hardware wallet. 1 Link to comment Share on other sites More sharing options...
Peterw42 Posted March 2, 2020 Share Posted March 2, 2020 5 minutes ago, DannyCarlton said: I keep a little notebook with all my account passwords in. Almost all unique. Hundreds of them. Only so many variations of "Danny Carlton" though. 555 It can be an interesting exercise to change the spelling of your name, as you start to see the spelling variation come back as bogus. I have always had some throwaway emails petersignup@, its amazing how many things I get addressed to "Dear Mr Signup" 1 Link to comment Share on other sites More sharing options...
gamb00ler Posted March 2, 2020 Share Posted March 2, 2020 When signing up for an account where I have no need for further communication I use [email protected]. Yopmail requires no password and zero setup and offers zero security. Some free WiFi places require my email and I always give them a yopmail address. bobsmith@yopmail does get some interesting emails ???? 1 1 Link to comment Share on other sites More sharing options...
Dario Posted March 2, 2020 Author Share Posted March 2, 2020 (edited) Thank you for all the answers, although some are not really encouraging, but nevertheless, thank you. I know that there are some very knowledgeable people among our members. One thing I must say: I'm grateful to Google that they contact me when somebody is intruding into my account. There are so many cyber criminals around these days, people would not believe until they get hacked themselves. I got compromised twice on my credit cards, one to the tune of more than 300'000 Baht! Lucky that the card issuer of that fraud was extremely helpful. Edited March 2, 2020 by Dario Link to comment Share on other sites More sharing options...
oliveryuan Posted March 2, 2020 Share Posted March 2, 2020 Hello, Account recovery form: https://accounts.google.com/signin/recovery is the only option provided by Google to recover the account. Kindly check this help article for tips to complete account recovery steps: https://support.google.com/accounts/answer/7299973?hl=en. For more information, you can also check this article: http://gmailaccountrecovery.blogspot.com/. 1 Link to comment Share on other sites More sharing options...
rwill Posted March 2, 2020 Share Posted March 2, 2020 This is why it is best not to use facebook or your google account to log into other sites when they offer that option. 1 Link to comment Share on other sites More sharing options...
seancbk Posted March 2, 2020 Share Posted March 2, 2020 9 hours ago, Dario said: This morning I could not access my gmail account and I was asked to log in, but my (correct) password was apparently wrong. Google marked: password changed 2 hours ago. So I opted for password lost and created a new, more difficult password. I then saw that coins.co.th with whom I registered but never did any transactions reported the same. Coins gave me the "hackers" IP address, Location and browser type. It said IP address 45.56.146.37, country: Philippines, but when I checked the IP address on the net, I was told India. What can I do to get the hacker busted? Absolutely nothing. What you should have been doing is using a password management tool (I recommend LastPass or BitWarden) Never use the same password on more than 2 sites. I have 650 different passwords. Make sure all your passwords are at least 14 characters. Make sure your master password is at least 20 characters (mine is 45). Link to comment Share on other sites More sharing options...
timendres Posted March 2, 2020 Share Posted March 2, 2020 The question that I would be asking right now is how the hacker got your password?! If the password was weak, and it was guessed by a brute force application, then fair enough. But there are known computer viruses that have keyboard sniffers, meaning that someone could potentially be watching everything you type on your computer right now, and any new passwords will be handed to them just like the old one. So be sure to run some solid virus scanning software on your machine asap. Link to comment Share on other sites More sharing options...
Dario Posted March 2, 2020 Author Share Posted March 2, 2020 1 hour ago, timendres said: So be sure to run some solid virus scanning software on your machine asap. What do you suggest as solid virus scanning software? Link to comment Share on other sites More sharing options...
Paul DS Posted March 2, 2020 Share Posted March 2, 2020 10 hours ago, OneMoreFarang said: Nothing - at least in 99.9% of the cases. Make sure you change all your passwords and if necessary cancel your credit card and things like that. That's unfortunately all you can (realistically) do. Clear your history on computer, reset modem / router password. Link to comment Share on other sites More sharing options...
OneMoreFarang Posted March 2, 2020 Share Posted March 2, 2020 1 hour ago, Paul DS said: 11 hours ago, OneMoreFarang said: Nothing - at least in 99.9% of the cases. Make sure you change all your passwords and if necessary cancel your credit card and things like that. That's unfortunately all you can (realistically) do. Clear your history on computer, reset modem / router password. Yes, but do that additionally to above, not instead. Link to comment Share on other sites More sharing options...
OneMoreFarang Posted March 2, 2020 Share Posted March 2, 2020 1 hour ago, Dario said: What do you suggest as solid virus scanning software? Best is if you use software which runs outside of your operating system. Because some viruses are so "smart" that they can hide from ordinary scanners. I recommend a well known brand name like i.e. Kaspersky Rescue Disk https://www.kaspersky.com/?ignoreredirects=true If possible download it on another PC. 1 Link to comment Share on other sites More sharing options...
tom in bangkok Posted March 2, 2020 Share Posted March 2, 2020 3 hours ago, seancbk said: What you should have been doing is using a password management tool (I recommend LastPass or BitWarden) Either of these are fine, but 1Password has a much better whitepaper so is more secure in theory. I also vaguely remember LastPass was breached a while ago? A good password manager and 2-factor authentication (I recommend Authy) is basically the best you can practically do to protect yourself. There's probably nothing you can do to have the person who broke into your account persecuted. Link to comment Share on other sites More sharing options...
Number 6 Posted March 2, 2020 Share Posted March 2, 2020 11 hours ago, Tayaout said: Use 2 factors login on every accounts especially Gmail since it can reset all the other one. If you have bitcoin you should own a hardware wallet. Google thanks you for being able to link you to everything you do on the internet to your phone number Link to comment Share on other sites More sharing options...
Tayaout Posted March 2, 2020 Share Posted March 2, 2020 39 minutes ago, Number 6 said: Google thanks you for being able to link you to everything you do on the internet to your phone number He said he use Gmail. With a email account you can reset most other website password. To prevent this his Gmail as to be protected at all cost. The easiest way to do so is to enable 2 factor authentication. The privacy issue is irrelevant and would require a whole new thread. Link to comment Share on other sites More sharing options...
rvaviator Posted March 2, 2020 Share Posted March 2, 2020 You could also use a stand alone password manager - One that is very good, open source and free KeePass Then run it off a USB stick that you can keep safe ... (you can also keep a copy of the encrypted database for all your passwords - in case the loose or damage the USB stick. https://keepass.info/download.html Worth trying Link to comment Share on other sites More sharing options...
gamb00ler Posted March 2, 2020 Share Posted March 2, 2020 5 hours ago, seancbk said: Absolutely nothing. What you should have been doing is using a password management tool (I recommend LastPass or BitWarden) Never use the same password on more than 2 sites. I have 650 different passwords. Make sure all your passwords are at least 14 characters. Make sure your master password is at least 20 characters (mine is 45). One more suggestion is to change at least the passwords to the "important" web sites OFTEN. Password management tools make it easy to create and record new unique passwords. There are also a couple of tricks you can use with gmail account names that help you to identify who is spamming you or selling your email to spammers. Check out the details at: https://www.lifewire.com/easy-gmail-address-hacks-1616186 Link to comment Share on other sites More sharing options...
The Theory Posted March 2, 2020 Share Posted March 2, 2020 6 hours ago, Dario said: What do you suggest as solid virus scanning software? If you believe that your pc got some virus or malware the best is removing everything from your pc, to factory condition. There is no virus scanner that can remove malware. Link to comment Share on other sites More sharing options...
Iron Tongue Posted March 2, 2020 Share Posted March 2, 2020 8 hours ago, Dario said: What do you suggest as solid virus scanning software? So you haven't used any securities in the past? It's likely you weren't "hacked" but were careless when going online. Do you like to use free wifi at cafes, hotels, etc? People can easily grab your session data if you haven't taken precautions. Next, learn about phishing/spoof attempts and don't click any attachments from unknown sources or fake emails asking for banking/account info. Link to comment Share on other sites More sharing options...
Tayaout Posted March 2, 2020 Share Posted March 2, 2020 2 hours ago, Iron Tongue said: So you haven't used any securities in the past? It's likely you weren't "hacked" but were careless when going online. Do you like to use free wifi at cafes, hotels, etc? People can easily grab your session data if you haven't taken precautions. Next, learn about phishing/spoof attempts and don't click any attachments from unknown sources or fake emails asking for banking/account info. Not anymore. Almost every websites use https. The most likely password leaks are website compromise, phishing or a compromised pc. https://haveibeenpwned.com/PwnedWebsites Link to comment Share on other sites More sharing options...
PeteDaKat Posted March 3, 2020 Share Posted March 3, 2020 12 hours ago, tom in bangkok said: Either of these are fine, but 1Password has a much better whitepaper so is more secure in theory. I also vaguely remember LastPass was breached a while ago? A good password manager and 2-factor authentication (I recommend Authy) is basically the best you can practically do to protect yourself. My Dynamic Duo is Bitwarden and Authy for 2fa. It's a tedious bore to go through all your passwords if you've used the same one on multiple sites, but evil never sleeps, so I've slogged through them and now have all unique passwords on my logins. And as the booger-men get every more clever and computing power increases, I've started increasing the length of my passwords, AND, changing them every 3-6 months. It's just another chore for the modern world, wash the dishes, take out the trash, change the passwords. Remember the good old days when 8 characters were enough? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now