Gmail Account Hacked

posted in: Personal, Tech 5 |
Reading Time: 2 minutes

I had a rather scary, and odd, experience while we were on the road back to yesterday. I have my setup to get email from my main account as well as my work email account, and as we were driving up Route 23 in Kentucky, I noticed an email to that Gmail account, from my other, much less frequently used, Gmail account that was . When I went ahead and logged in to that account, I also spotted 3 autoresponses to the spam email from addresses I was vaguely familiar with, as opposed to the random unfamiliar addresses you usually see when your email address is spoofed.

Sure enough, the spam was in my sent box. Obviously, someone had accessed the account in order to send that email. So, I changed my password immediately and my question later, when I wasn’t working on my blackberry. That account wasn’t tied to any other services, as I said, it isn’t my main account, but I also went ahead and changed the password on that one to be safe, and any other service that I thought might have sent an email to that account. I’m slightly befudded as to how that account got compromised. I don’t even log in to it very often, let alone on a public PC or insecure wireless network. Since we were out of town, my immediate thought was that someone had sniffed the password on the hotel wireless, but I don’t think I even logged in to that account. Perhaps there’s some Gmail notified or other service on my iGoogle page that logs in to it and checks for email, and the password got sniffed there, it’s hard to say.

Of course, a little research shows me that this has happened before to others, and it’s something that’s been happening for awhile now. Still it appears no one has a definite answer as to how the account got compromised, so if anyone has more info on that, I’d love to hear it!

Tags: Gmail, Security

5 Responses

  1. Chad D
    | Reply

    Did you happen to check the last logged in IP’s for that account?

    | Reply

    Is it possible someone guessed your security question(s)?

  3. Mike McBride
    | Reply

    Chad, that would have been a good idea, had I thought of it before I logged in with the mobile a few times to change my password, and security question, etc. Those are the last entries when I log in now.

    Aaron, I suppose that’s possible. I don’t even remember what the security question was. It is odd though that they only sent the one email, to the 10 contacts I even have in that account, and didn’t even try to change the password or anything. So, little actual damage done, but it still bugs me!

  4. kylenishioka
    | Reply

    I guess the next logical thing to check would be how long do you remain logged in when you do check that e-mail account. Cross site request forgery, etc. And do you purge your cookies and history on shutdown?

  5. Mike McBride
    | Reply

    Kyle, cross site might be a possibility. I typically don;t log in to that account directly, but I do have an iGoogle page for that account in Flock, with the gmail notifier on it. I typically only access social networks with Flock like Facebook, LinkedIn etc. so there’s a possibility that something I clicked there could have performed it. Don’t really know for sure though.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.