GOOGLE account hacked / compromised

[Dario]

This morning I could not access my gmail account and I was asked to log in, but my (correct) password was apparently wrong. Google marked: password changed 2 hours ago. So I opted for password lost and created a new, more difficult password. I then saw that coins.co.th with whom I registered but never did any transactions reported the same. Coins gave me the "hackers" IP address, Location and browser type. It said IP address 45.56.146.37, country: Philippines, but when I checked the IP address on the net, I was told India.

 

What can I do to get the hacker busted?

 

[OneMoreFarang]

22 minutes ago, Dario said:

What can I do to get the hacker busted?

Nothing - at least in 99.9% of the cases.

Make sure you change all your passwords and if necessary cancel your credit card and things like that. That's unfortunately all you can (realistically) do.

[dimitriv]

Probably there is not much you can do.

 

If you check the IP https://whatismyipaddress.com/ip/45.56.146.37

 

It says "proxy".  The hacker used a proxy server or VPN to hide his real IP address. Probably there is no way to find out his real identity.

 

 

[Swiss1960]

Did the hacker steal something from you? If not, forget anybody doing something about it. Only option is report IP to google fraud department. 

 

WARNING: don't forget to change ALL logins where you used your gmail account!

[Peterw42]

Nothing you can do, The IP address wouldn't mean much as it would  be a proxy/VPN server etc, or a starbucks coffee shop.

Probably more productive to work out how /when you have inadvertently disclosed your original password, probably by logging into a fake site, using the same password across multiple logins etc.

Always a good idea to have a couple of throw away gmail accounts for sign ups.

 

[DannyCarlton]

1 minute ago, Peterw42 said:

Always a good idea to have a couple of throw away gmail accounts for sign ups.

Particularly for logging on to Thai sites/forums. I always use a VPN and a throwaway email account (not gmail).

[Peterw42]

15 minutes ago, DannyCarlton said:

Particularly for logging on to Thai sites/forums. I always use a VPN and a throwaway email account (not gmail).

A VPN doesn't do much in the way of password security, most people inadvertently give away their password by using their email address and the "same" password to sign up for other sites.

If you have an acme email account and password is "name of your dog", then go to bogusdownloads.com and sign in with acme email address and make the password "name of your dog". Bogusdownloads.com has your email and your password.

Edited March 2, 2020 by Peterw42

[DannyCarlton]

1 minute ago, Peterw42 said:

A VPN doesn't do much in the way of password security, most people inadvertently give away their password by using their email address and the "same" password to sign up for other sites.

If you have an acme email account and password is "name of your dog", then go to bogusdownloads.com and sign in with acme email account and make the password "name of your dog". Bogusdownloads.com has your email and your password.

I keep a little notebook with all my account passwords in. Almost all unique. Hundreds of them.

 

Only so many variations of "Danny Carlton" though. 555

[Tayaout]

Use 2 factors login on every accounts especially Gmail since it can reset all the other one. If you have bitcoin you should own a hardware wallet. 

[Peterw42]

5 minutes ago, DannyCarlton said:

I keep a little notebook with all my account passwords in. Almost all unique. Hundreds of them.

 

Only so many variations of "Danny Carlton" though. 555

It can be an interesting exercise to change the spelling of your name, as you start to see the spelling variation come back as bogus.

I have always had some throwaway emails petersignup@, its amazing how many things I get addressed to "Dear Mr Signup"

[gamb00ler]

When signing up for an account where I have no need for further communication I use [email protected].

Yopmail requires no password and zero setup and offers zero security.  Some free WiFi places require my email and I always give them a yopmail address.  bobsmith@yopmail does get some interesting emails ????

[Dario]

Thank you for all the answers, although some are not really encouraging, but nevertheless, thank you. I know that there are some very knowledgeable people among our members. One thing I must say: I'm grateful to Google that they contact me when somebody is intruding into my account. There are so many cyber criminals around these days, people would not believe until they get hacked themselves. I got compromised twice on my credit cards, one to the tune of more than 300'000 Baht! Lucky that the card issuer of that fraud was extremely helpful. 

Edited March 2, 2020 by Dario

[oliveryuan]

Hello, 

 

Account recovery form: https://accounts.google.com/signin/recovery is the only option provided by Google to recover the account. 

 

Kindly check this help article for tips to complete account recovery steps: https://support.google.com/accounts/answer/7299973?hl=en. 

 

For more information, you can also check this article: http://gmailaccountrecovery.blogspot.com/.

[rwill]

This is why it is best not to use facebook or your google account to log into other sites when they offer that option.

[seancbk]

9 hours ago, Dario said:

This morning I could not access my gmail account and I was asked to log in, but my (correct) password was apparently wrong. Google marked: password changed 2 hours ago. So I opted for password lost and created a new, more difficult password. I then saw that coins.co.th with whom I registered but never did any transactions reported the same. Coins gave me the "hackers" IP address, Location and browser type. It said IP address 45.56.146.37, country: Philippines, but when I checked the IP address on the net, I was told India.

 

What can I do to get the hacker busted?

 

Absolutely nothing.   

What you should have been doing is using a password management tool (I recommend LastPass or BitWarden)

Never use the same password on more than 2 sites.  I have 650 different passwords.  

 

Make sure all your passwords are at least 14 characters.

Make sure your master password is at least 20 characters (mine is 45). 


 

 

[timendres]

The question that I would be asking right now is how the hacker got your password?!

 

If the password was weak, and it was guessed by a brute force application, then fair enough.

 

But there are known computer viruses that have keyboard sniffers, meaning that someone could potentially be watching everything you type on your computer right now, and any new passwords will be handed to them just like the old one.

 

So be sure to run some solid virus scanning software on your machine asap.

[Dario]

1 hour ago, timendres said:

So be sure to run some solid virus scanning software on your machine asap.

What do you suggest as solid virus scanning software?

[Paul DS]

10 hours ago, OneMoreFarang said:

Nothing - at least in 99.9% of the cases.

Make sure you change all your passwords and if necessary cancel your credit card and things like that. That's unfortunately all you can (realistically) do.

Clear your history on computer, reset modem / router  password.

[OneMoreFarang]

1 hour ago, Paul DS said:

11 hours ago, OneMoreFarang said:

Nothing - at least in 99.9% of the cases.

Make sure you change all your passwords and if necessary cancel your credit card and things like that. That's unfortunately all you can (realistically) do.

Clear your history on computer, reset modem / router  password.

Yes, but do that additionally to above, not instead.

[OneMoreFarang]

1 hour ago, Dario said:

What do you suggest as solid virus scanning software?

Best is if you use software which runs outside of your operating system. Because some viruses are so "smart" that they can hide from ordinary scanners.

 

I recommend a well known brand name like i.e. Kaspersky Rescue Disk

https://www.kaspersky.com/?ignoreredirects=true

 

If possible download it on another PC.

[tom in bangkok]

3 hours ago, seancbk said:

What you should have been doing is using a password management tool (I recommend LastPass or BitWarden)

Either of these are fine, but 1Password has a much better whitepaper so is more secure in theory. I also vaguely remember LastPass was breached a while ago?

 

A good password manager and 2-factor authentication (I recommend Authy) is basically the best you can practically do to protect yourself.

 

There's probably nothing you can do to have the person who broke into your account persecuted.

[Number 6]

11 hours ago, Tayaout said:

Use 2 factors login on every accounts especially Gmail since it can reset all the other one. If you have bitcoin you should own a hardware wallet. 

Google thanks you for being able to link you to everything you do on the internet to your phone number

[Tayaout]

39 minutes ago, Number 6 said:

Google thanks you for being able to link you to everything you do on the internet to your phone number

He said he use Gmail. With a email account you can reset most other website password. To prevent this his Gmail as to be protected at all cost. The easiest way to do so is to enable 2 factor authentication. The privacy issue is irrelevant and would require a whole new thread. 

[rvaviator]

You could also use a stand alone password manager - One that is very good, open source and free KeePass

Then run it off a USB stick that you can keep safe ... (you can also keep a copy of the encrypted database for all your passwords - in case the loose or damage the USB stick.

 

https://keepass.info/download.html

 

Worth trying

[gamb00ler]

5 hours ago, seancbk said:

 

Absolutely nothing.   

What you should have been doing is using a password management tool (I recommend LastPass or BitWarden)

Never use the same password on more than 2 sites.  I have 650 different passwords.  

 

Make sure all your passwords are at least 14 characters.

Make sure your master password is at least 20 characters (mine is 45). 


 

 

One more suggestion is to change at least the passwords to the "important" web sites OFTEN.  Password management tools make it easy to create and record new unique passwords.

 

There are also a couple of tricks you can use with gmail account names that help you to identify who is spamming you or selling your email to spammers.  Check out the details at:

https://www.lifewire.com/easy-gmail-address-hacks-1616186

[The Theory]

6 hours ago, Dario said:

What do you suggest as solid virus scanning software?

If you believe that your pc got some virus or malware the best is removing everything from your pc, to factory condition. There is no virus scanner that can remove malware. 

[Iron Tongue]

8 hours ago, Dario said:

What do you suggest as solid virus scanning software?

So you haven't used any securities in the past?

 

It's likely you weren't "hacked" but were careless when going online.  Do you like to use free wifi at cafes, hotels, etc?  People can easily grab your session data if you haven't taken precautions.

 

Next, learn about phishing/spoof attempts and don't click any attachments from unknown sources or fake emails asking for banking/account info.

[Tayaout]

2 hours ago, Iron Tongue said:

So you haven't used any securities in the past?

 

It's likely you weren't "hacked" but were careless when going online.  Do you like to use free wifi at cafes, hotels, etc?  People can easily grab your session data if you haven't taken precautions.

 

Next, learn about phishing/spoof attempts and don't click any attachments from unknown sources or fake emails asking for banking/account info.

Not anymore. Almost every websites use https. The most likely password leaks are website compromise, phishing or a compromised pc. 

 

https://haveibeenpwned.com/PwnedWebsites

[PeteDaKat]

12 hours ago, tom in bangkok said:

Either of these are fine, but 1Password has a much better whitepaper so is more secure in theory. I also vaguely remember LastPass was breached a while ago?

 

A good password manager and 2-factor authentication (I recommend Authy) is basically the best you can practically do to protect yourself.

My Dynamic Duo is Bitwarden and Authy for 2fa. It's a tedious bore to go through all your passwords if you've used the same one on multiple sites, but evil never sleeps, so I've slogged through them and now have all unique passwords on my logins. And as the booger-men get every more clever and computing power increases, I've started increasing the length of my passwords, AND, changing them every 3-6 months. It's just another chore for the modern world, wash the dishes, take out the trash, change the passwords. Remember the good old days when 8 characters were enough?