The Student Room Group
Competition - post a photo you've taken of nature >>
Uni students - Complete our survey >>
Competition - post a photo you've taken of nature >>
Uni students - Complete our survey >>

This discussion is now closed.

Check out other Related discussions

How do people hack accounts?

Scroll to see replies

Original post by tombayes
that email address is definitely not google. They don't use addresses like that.


So how exactly would you explain the exact event that email is talking about appearing in the security event log inside the email account? And the accounts.google.com domain belongs to Google...
(edited 9 years ago)
Original post by Chlorophile
That email was sent to the email in question and my backup email address. Whoever tried to log in was blocked by gmail, fortunately. Password was not changed by them.

Oh okay, that makes sense. Thanks! (:
Original post by Chlorophile
So how exactly would you explain the exact event that email is talking about appearing in the security event log inside the email account?


if they have your username (i.e. from youtube) they just type in a random password and then it will appear in the security log as a login 'attempt'...

trust me change your password now (and do not use the link again)
Original post by tombayes
if they have your username (i.e. from youtube) they just type in a random password and then it will appear in the security log as a login 'attempt'...

trust me change your password now (and do not use the link again)


I have changed my password but the I think the email address it came from is legitimate... And all of the links go to google https secure pages...
(edited 9 years ago)
Original post by Chlorophile
I have changed my password but the email address it came from is legitimate...


why do you think that?
Original post by tombayes
why do you think that?


Because the domain is owned by google and every link in the email goes to a security verified https google owned domain.
Original post by Chlorophile
Because the domain is owned by google and every link in the email goes to a security verified https google owned domain.


firstly, it is easy to fake the domain and the email address
secondly, be careful just because the link says something it does not mean it takes you there.
Original post by tombayes
firstly, it is easy to fake the domain and the email address
secondly, be careful just because the link says something it does not mean it takes you there.

Well I clicked on the links and they did. The https thing in chrome is green, the page has the exact same URL as the URL I get by going through the ordinary google controls. I can forward it to you if you want but I am convinced the email is legit.
Original post by Chlorophile
Well I clicked on the links and they did. The https thing in chrome is green, the page has the exact same URL as the URL I get by going through the ordinary google controls. I can forward it to you if you want but I am convinced the email is legit.


I could be wrong - i don't know.

But it would surprise me if Google includes links to reset passwords in emails - this is very bad practice indeed.

Anyway you changed your password so it does not matter.
Original post by Chlorophile
x

I'd say phishing or RAT.. But since you mentioned a linux machine that's very unlikely since not many people are sad enough to write malicious tools for a linux-based machine

You most likely had an easy to guess password? e.g. a word followed by a sequence of numbers in order from largest to smallest and vice versa.

Or someone socially engineered you? and got the password that way?

I can see any other means they'd bother with it.. If they bothered with actual proper decryption or injections then I must question how dignified their existence is.
Original post by Binary Freak

I'd say phishing or RAT.. But since you mentioned a linux machine that's very unlikely since not many people are sad enough to write malicious tools for a linux-based machine

You most likely had an easy to guess password? e.g. a word followed by a sequence of numbers in order from largest to smallest and vice versa.

Or someone socially engineered you? and got the password that way?

I can see any other means they'd bother with it.. If they bothered with actual proper decryption or injections then I must question how dignified their existence is.


There is absolutely no way somebody would be able to guess that password in under several hundred or thousand attempts. It is broadly what you described but the word is very random, there's absolutely no link with my email address or anything.

And I've definitely not willingly told that password to anyone.
Original post by Chlorophile
So somebody apparently just logged into my gmail account from China which made me wonder, how do people actually hack into accounts like email accounts? Because I know that there's no way anybody could have simply guessed my password and given that gmail locks down accounts after a number of incorrect attempts, it couldn't have been done by repeatedly trying random combinations. So how do they do it?

I'm not entirely sure but I think if you crack the hash, which doesn't use any of your password attempts, then you can decrypt the password...

Or something like that never tried it haha.
Original post by Chlorophile
There is absolutely no way somebody would be able to guess that password in under several hundred or thousand attempts. It is broadly what you described but the word is very random, there's absolutely no link with my email address or anything.

And I've definitely not willingly told that password to anyone.


Might want to change it? Try the word but in a numerical variant.. e.g. 371T3 - Elite?

You haven't strangely downloaded anything or clicked on a bad link?
Original post by Chlorophile
So somebody apparently just logged into my gmail account from China which made me wonder, how do people actually hack into accounts like email accounts? Because I know that there's no way anybody could have simply guessed my password and given that gmail locks down accounts after a number of incorrect attempts, it couldn't have been done by repeatedly trying random combinations. So how do they do it?

Interesting...someone hacked into my gmail account too.
Original post by Binary Freak
Might want to change it? Try the word but in a numerical variant.. e.g. 371T3 - Elite?

You haven't strangely downloaded anything or clicked on a bad link?


I've clicked on a couple of dodgy links in my linux PC but as you said, I didn't think it was likely that I'd have something on it (I don't even know if there are any anti-viruses for linux)? I've wiped my iPod. My phone runs Windows Mobile so I don't know how vulnerable it is, but I really barely use it for anything apart from email, research and calls.
Original post by Chlorophile
I've clicked on a couple of dodgy links in my linux PC but as you said, I didn't think it was likely that I'd have something on it (I don't even know if there are any anti-viruses for linux)? I've wiped my iPod. My phone runs Windows Mobile so I don't know how vulnerable it is, but I really barely use it for anything apart from email, research and calls.


It's not more so you having something dodgy on your machine but more so that someone has sent you a link that is dodgy.

Someone.. Someone very sad has probably created a html page that is duplicated exactly to gmail.. They upload that file on a free web hosting service or a privately brought one if they want to be fancy.

They may also include a text file(s) with it which is where your details would be stored. They access that file once you've done whatever and they have your password.

That's also another reason why you shouldn't use the same password for all websites. People are ever so inclined to use the same password because it's simple.
Original post by AdamCee
I'm not entirely sure but I think if you crack the hash, which doesn't use any of your password attempts, then you can decrypt the password...

Or something like that never tried it haha.


But the attacker would have to have the hash to crack, which would suggest either MITB (why would you do it this way if you had malware on the machine in the first place) or they've compromised Google, in which case, you have yourself an exclusive.
Original post by tombayes
that email address is definitely not google. They don't use addresses like that.

Also, it would be very bad practice to have a password reset link inside the email.

Change your password now.


I wouldn't be so confident. You don't really have enough information to make that judgement. Phishing emails frequently mimic legitimate email accounts. I've done some quick searches and found conflicting information about this email address. Without seeing the body of the email or the headers, it's difficult to say for sure.

I will say this, though, Google is pretty **** hot with its use of SPF. It'd take a very well crafted email to spoof a Google email address and send it to a Gmail inbox.
Original post by Chlorophile
I've clicked on a couple of dodgy links in my linux PC but as you said, I didn't think it was likely that I'd have something on it (I don't even know if there are any anti-viruses for linux)? I've wiped my iPod. My phone runs Windows Mobile so I don't know how vulnerable it is, but I really barely use it for anything apart from email, research and calls.


ClamAV
Original post by Chlorophile
So somebody apparently just logged into my gmail account from China which made me wonder, how do people actually hack into accounts like email accounts? Because I know that there's no way anybody could have simply guessed my password and given that gmail locks down accounts after a number of incorrect attempts, it couldn't have been done by repeatedly trying random combinations. So how do they do it?


The same way as you crack a safe - with great care, practice, a big bunch of tools and a stroke of luck.

Related discussions

Latest

Trending

Trending

Articles for you