There are two of my favorite site in my google reader that their domain name has been stolen, MakeUseOf.com and David Airey. All of the incident have two things in commons, they both use Gmail as their web mail to store valuable information and use Goddady as their Registrar.
I dont want to discuss about Godaddy but i would like to describe about Gmail, because by far Gmail to me is the best web mail, and i’d like to share tips to check whether you account has been hack or not.
One of the common method to know whether your gmail account has been compromised by cracker (Person who use hacking to do evil things) is by checking the “Filters” and the “Forwarding and POP/IMAP” in the setting page of your Gmail. This is just one way to check whether your gmail has been compromised or not, i don’t know other method.
Here is the step by step with the screenshot:
- Click on “Settings” on the right above corner of your gmail
- Then click on “Filters” tab
- Last Check the “Forwarding and POP/IMAP” Tab
here are a closer one, click on “Settings”
If u never use Filters tab before then there should be no list in it, but if you have use it, check the filters and double check to make sure you dont forward it to unidentified email.
If u found a list on the filters that u dont know, delete it right away.
 |
| From Web IV |
if u never use any of these feature or even understand it, just disabled it all, To disable it set it in to
Forwarding: Disable
POP Download: 1. Status: POP is disabled
IMAP Access:1. Status: IMAP is disabled
Capiche? u could leave a comment to ask more.
OMG, There are unauthorized changes that i didn’t know?!
(like adding filter or POP setting)!!
First delete it right away and change the gmail password.
If u ever store password about others critical site on your gmail account, for god sake change it quickly.
Make your password really strong, u could check how strong your password in Microsoft Password checker and read about Strong passwords: How to create and use them(Microsoft) too. Note: if u still not confident using Gmail, u could always use Yahoo or personal email using your domain name.
To go depth in to the process of Gmail hijacking, u could read in detail at GNUCITIZEN site in Google GMail E-mail Hijack Technique
Update:
Gmail also keeps a list of the last few IPs that have logged in at the bottom of the page. Much easier to keep track of * From: Nuke It dot Org
Here are the screenshot to see the IP log
Click on the “Details” to see the IP log for the last IP on 5-12 hours
Update:
Just found an interesting new post from Gnucitizen and others about Gmail Exploit
u may also like this :
- – A nice way to phish
- – aaa@gmail.com = aaa+1@gmail.com
- – Securing Your Wordpress Site
- – Website New Themes
- – My list of things to remember when re-design my own site
4 Comments
“Digosok + sip” ? lol would love to read that email :D
Anyway, thanks for the simple tip. I have lots of filters, so it can be a bit of a problem to check
Dang! :)) i forgot to erase it, it my campus mail list :P
Gmail keeps a list of the last few IPs that have logged in at the bottom of the page. Much easier to keep track of :)
huhuhu i forgot, i also usually check the IP log first thing in the morning. Thx for the reminder NukeIT :D