NZFF

[omitchell]

If you have a Google, GMail, or YouTube account. Please take note of this post....

I woke up on Saturday morning to an alert by Google (Who own Gmail and YouTube). There was unauthorized activity detected on my account. Well they weren't far wrong. There WAS unauthorized activity on my account. Someone had tried to hack into my Google account. Here are the details (Address edited)...

"Hi Owen,

Someone recently used your password to try to sign in to your Google Account -XXXXXX@xtra.co.nz.
We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt:

Saturday, March 14, 9:00 PM GMT+3
IP Address: 193.105.245.110
Location: Tverskoy District, Moscow, Russia

If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately."

I urge ALL members who have a Google+, YouTube or Gmail account to IMMEDIATELY log in and change your passwords...

Some bastard in Russia just tried to access my YouTube account (And this is my 4th account on Google's system, the first 3 I had (GMail) got hacked to hell) . So please take a few minutes and change your passwords to ensure your security...

Thanks...

[Fozzer]

WOWZERS!....

If I was to get a message like that in my E-Mail In-Box I would immediately suspect it as being a Spam message, possibly containing a Virus, send it straight to my Spam Box, and then immediately delete it without opening it.

Opening suspicious messages informs the Spammer that you are "at home" and ready to receive the Virus, or claim your private details!

I NEVER "open" suspicious messages in my In Box, whether requesting information, or not, especially regarding Passwords and Names!

A single "Click" in the wrong place can be very dangerous!.... ...!

I just Delete it...then do a Virus and Malware scan...just to make sure!


Paul.

[toprob]

Yes, I'd be very careful with an email like this. It is a very effective phishing technique.

Forum admin used to delete these posts, as they can add to the effectiveness of phishing scams, by encouraging people to accept them as legitimate, they are a lot more likely to click on any links and that's where the trouble starts.

There's really only one warning I'd ever give -- the internet is a dangerous place, your accounts are always and continually under attack, and the social engineering which goes on uses some lovely methods to manipulate people, somebody is always going to fall for them.

Yes, Google send out emails like this, which is why they are such an effective target for scammers. So the 'cure' becomes worse than the disease, which is why I'd generally trash warnings like this.

[NZ255]

Enable second factor authentication and you're on your way.

I have it on for my MS accounts and Gmail. All my passwords are different managed by a password manager with plugins on my browser and smartphone.

[toprob]

Yes, I've used a password manager for a while now, and it does seem to give a lot more security -- I suspect that if you know your own passwords, then they aren't secure enough:)

[Ian Warren]

People stealing your data or anything , no tolerance for that , go's with hardware stolen well , a plonker and not to bright down the back flat got his hand on a laptop , the twit deleted half the operating system (dll,s exe.files and all sorts) what caught this idiot out.

He was told to come and see me because I was a little PC savy ... the laptop would boot up to the admin page , showed that this plonker did not own the PC under a different name, own by a Reverend , not sure what happened to him after I called the police , ...

I got one good thing out off it , Marsbar wanted nothing off him either !

[deeknow]

Enable second factor authentication and you're on your way. I have it on for my MS accounts and Gmail. All my passwords are different managed by a password manager with plugins on my browser and smartphone.

Yep this is essential for key logins like GMail, Yahoo etc. Do this !!!

[omitchell]

Yes, I'd be very careful with an email like this. It is a very effective phishing technique.

Forum admin used to delete these posts, as they can add to the effectiveness of phishing scams, by encouraging people to accept them as legitimate, they are a lot more likely to click on any links and that's where the trouble starts.

There's really only one warning I'd ever give -- the internet is a dangerous place, your accounts are always and continually under attack, and the social engineering which goes on uses some lovely methods to manipulate people, somebody is always going to fall for them.

Yes, Google send out emails like this, which is why they are such an effective target for scammers. So the 'cure' becomes worse than the disease, which is why I'd generally trash warnings like this.

And trashing warnings like that is why people get their accounts deleted for being used for Spam. You can actually login to Google and view all activity within a period, and I have verified the attempt. Most attempts actually come from Eastern Europe and are why Google Inc employs the protections it has. This is not hte first time I have had it done, 3 accounts already got banned because they were hacked to hell and used for spamming (Prior to their current security measures) and all from Eastern Europe. Feel free to trash the warnings, but thats your risk..

[toprob]

And trashing warnings like that is why people get their accounts deleted for being used for Spam. You can actually login to Google and view all activity within a period, and I have verified the attempt...

That's fair enough, and I assumed that you had checked by logging into Google, but your original post didn't deal with any need to verify the email, which to me is the most important thing -- the link I gave to the Softpedia article deals specifically with this exact email, and I would guess that there are a LOT more phishing versions of this around than 'real' versions.

Which is why I would rather people deal with their own security, rather than relying on advice from forums etc. Or worse still, a well-meaning Facebook post from a friend:) In my first reply, I actually gave the same sort of advice as Nick(?) -- use some sort of system to remove the human-error factor -- but I deleted it from my post as it falls into the a-little-knowledge-is-a-dangerous-thing category.

[Ian Warren]

Which is why I would rather people deal with their own security, rather than relying on advice from forums etc.

You nailed Rob , That is generally it , everyone should know or have the sense , if your not sure about the mail delete it , you get to know the regulars and everyone has a different 'security setup' and over the years start understanding the do's and not too's , I think this would be directed to the newbies for example my Bro Rick .... but seriously I think the threat would be gone before he even turns on his computer.

[dbcunnz]

I am using a small program called Mail Washer and it accesses all my emails on the server before I download them and any suspect ones I will check the IP address of the sender and if suspicious Mail Washer has a bounced back to the sender from the server option on it which I use quite frequently
Here are the Mail Washer options you have before downloading your email from the server.

[omitchell]

And trashing warnings like that is why people get their accounts deleted for being used for Spam. You can actually login to Google and view all activity within a period, and I have verified the attempt...

That's fair enough, and I assumed that you had checked by logging into Google, but your original post didn't deal with any need to verify the email, which to me is the most important thing -- the link I gave to the Softpedia article deals specifically with this exact email, and I would guess that there are a LOT more phishing versions of this around than 'real' versions.

Which is why I would rather people deal with their own security, rather than relying on advice from forums etc. Or worse still, a well-meaning Facebook post from a friend:) In my first reply, I actually gave the same sort of advice as Nick(?) -- use some sort of system to remove the human-error factor -- but I deleted it from my post as it falls into the a-little-knowledge-is-a-dangerous-thing category.

I spent too many years doing internet and network tech support and security was always a headache for us. The original post was to point out that this is happening and to advise people with accounts on the Google servers (Google, Gmail, YouTube etc) that they should change their passwords. Most of us long timers know this already but not every one does but passwords should be changed regularly. If you receive an email like this don't follow the links in the emails but just pop into the website through your normal methods and verify if needed or change through there.

The phishing emails are another problem, they are formatted to look like they are authentic but they will always ask you to "Click here" to change your password and then take you to a site that looks authentic but isn't to gather your information. A security warning from Google won't, it will tell you to log in to your account and change your password from there.

[NZ255]

The only thing that I've come close to is my Mum's email account. Live.com saw she had 2 active sessions, one from Wellington and one from Auckland.....that's odd. Oh well, reported, change password etc. Done.

Few days later...same thing....hmmm.....look at the IP address coming from Auckland. "I wonder..."
Open smartphone browser on 3G, Google what's my IP address... what do you know. The public IP from 2 degrees is based in Auckland.
Another mystery solved.