1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

help needed sister in law's email account hijacked

Discussion in 'Internet, Connectivity and Communications' started by grizz3210, Jan 12, 2008.

  1. grizz3210

    grizz3210 Byte Poster

    105
    2
    29
    hi guys

    just after any info you can give me please.

    this story starts a few months ago when someone got hold of my sister in law's face book password.
    the person then went on to send some really nasty messages to people on her account.
    she managed to get control back changing her password to a better one every thing seamed ok,
    untill yesterday when some one got control of face book again yet again she changed the password and deactivated her facebook and left it at that.
    i have just heard that some one now has got in to her hotmail account changed the password so she can not get in and has reactived face book and is send very nasty messages to everyone.

    i am currently looking on the mircosoft website trying to find info on how we go about getting it stopped, and having no luck (mircosoft for you).

    as i am typing this my wife has told me she has spoken to face book and has got control back.

    now for the iceing on the cake face book say that they know who hacked in but cannot tell her to protect the privacy of the person who hacked her account!!!!!!!!!!
     
    Certifications: A+ N+ MCTS-vista
    WIP: MCDST
  2. drum_dude

    drum_dude Gigabyte Poster

    1,547
    46
    113
    This hotmail/msn hijacking is turning into an epedemic! Two people I know have had there accounts hijacked! Turns out that they responded to those "Find out who has blocked you on MSN" emails - the link takes you to a phishing website were one is asked to enter their email address and password! Hey presto and the hi-jackers got their details!

    I don't think MS have responded to their requests to get their hotmail accounts back...it's terrible!
     
    Certifications: MCSA , N+, A+ ,ITIL V2, MCTS
    WIP: MCITP 2008 Ent Admin, Server Admin, Exchange 2010, Lync 2010, CCNA & VCP5
  3. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    Sadly, there's very little that can be done here. Even if a criminal act has been committed (and, despite what you or I might think about the obviousness of that, proving it is extremely difficult, time-consuming and costly in a court of law) the Police don't have the time, technical know-how or resources to do anything about it.

    I sympathise with your sister-in-law. Someone once did this to one of my private web-based mail accounts and thought it would be funny to send rude messages to all my MSN contacts - not particularly clever when you consider that the messages were extremely rude - and some of them went to my nieces and nephews. However, I would put it down to experience, delete the facebook account, delete any webmail accounts that link to it and change passwords on all other web-based accounts she owns. Email all the contacts from a new webmail address and explain that she has been hacked, and that any communication from the facebook account and her 'old' email address are not from her. People will be much more sympathetic about this type of thing than she realises and, once the initial embarrassment has worn off, she'll realise it has taught her a valuable lesson - use strong passwords, change them frequently, don't EVER have a web browser remember them for you and make sure your browser is closed & your workstation locked/logged off when you aren't using it. I know that when this happened to me I resolved never to use the feature that some sites offer to 'help' you recover a password by asking you a question - those questions are often extremely easy to guess the answers to!

    We have a member on this very forum who went through a similar experience just before Christmas - it was traumatic for him at the time, but he seems to be over it now. personally, if anyone ever did this to me again I would pummel the living shite out of them - but as it's probably not wise to advocate violence, I'll refrain from doing that here :)

    The question of privacy is an extremely hot topic at the moment. Social networking sites like Facebook seem to think they are completely unaccountable to law enforcement. Actually, It's not just social networking sites - I used to have to deal with Ebay's law enforcement department on a semi regular basis for the Professional Standards Department (Internal Affairs) when I worked for a police force - they deliberately select the stupidest, laziest, most unhelpful people possible because, as far as they are concerned, all they are is a drain on their profits. I would imagine Facebook will hide behind every piece of legislation possible, not so much because they deliberately want to be arseholes, but because every time they have to investigate miscreants of this kind, they know it will take a certain amopunt of time (and time equals money) to do it.
     
    Certifications: A few
    WIP: None - f*** 'em
  4. grizz3210

    grizz3210 Byte Poster

    105
    2
    29
    i m not sure if it is a pro hijack.
    i think it is more likely someone she has p****d off.
     
    Certifications: A+ N+ MCTS-vista
    WIP: MCDST
  5. wagnerk
    Highly Decorated Member Award

    wagnerk aka kitkatninja Moderator

    10,831
    357
    341
    The only thing I can advise is to speak to the Citizens Advice Bureau (CAB), as this may come under personation, Indentify Theft and/or maybe the Computer misuse act. Especially when this has happened multiple times.

    -ken
     
    Certifications: CITP, PGCert, BSc, HNC, LCGI, PTLLS, MCT, MCITP, MCTS, MCSE, MCSA:M, MCSA, MCDST, MCP, MTA, MCAS, MOS (Master), A+, N+, S+, ACA, VCA, etc... & 2nd Degree Black Belt
    WIP: PGDip
  6. grizz3210

    grizz3210 Byte Poster

    105
    2
    29
    hi zeb

    thanks for the advice i will pass this on to my sister in law.
     
    Certifications: A+ N+ MCTS-vista
    WIP: MCDST
  7. grizz3210

    grizz3210 Byte Poster

    105
    2
    29
    hi wagnerk

    it looks like she had bank details from members of her family saved in her inbox so looks like her family will be canceling their bank cards i will get them to look in the the Citizens advice bureau at the same time.

    thanks
     
    Certifications: A+ N+ MCTS-vista
    WIP: MCDST
  8. BosonMichael
    Highly Decorated Member Award

    BosonMichael Yottabyte Poster

    19,136
    462
    374
    Ouch, that's rough. Hope she doesn't use her e-mail box as a storage facility in the future...

    She should also change the passwords and e-mail address on record for EVERYTHING else she uses online... Amazon accounts, eBay accounts, online banking, EVERYTHING.
     
    Certifications: CISSP, MCSE+I, MCSE: Security, MCSE: Messaging, MCDST, MCDBA, MCTS, OCP, CCNP, CCDP, CCNA Security, CCNA Voice, CNE, SCSA, Security+, Linux+, Server+, Network+, A+
    WIP: Just about everything!
  9. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    14,283
    254
    329
    yep she is gonna have to cancel it all aswell as tell the family members to do it too.
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  10. wizard

    wizard Petabyte Poster

    5,763
    35
    174
    I wouldn't go to the CAB, if you don't know who did it, then you'll have no chance.

    Do as zeb suggested, and chalk it down to experience and move on.
     
    Certifications: SIA DS Licence
    WIP: A+ 2009
  11. MrNerdy

    MrNerdy Megabyte Poster

    544
    4
    0
    Can you not ask Facebook for the persons details under The Freedom of Information Act 2000.
     
    Certifications: ECDL, CiscoIT1 & A+
    WIP: Girlfriend & Network+
  12. wagnerk
    Highly Decorated Member Award

    wagnerk aka kitkatninja Moderator

    10,831
    357
    341
    However Facebook do know, see Grizz3210's quote below...

    If there has been any criminal acts commited, especially since this person has access to bank details, etc... Then it becomes a police matter, the affected parties would not be the ones asking for the persons details, the police would be. Now it's down to the law to determine whether or now a criminal act has been commited.

    -Ken
     
    Certifications: CITP, PGCert, BSc, HNC, LCGI, PTLLS, MCT, MCITP, MCTS, MCSE, MCSA:M, MCSA, MCDST, MCP, MTA, MCAS, MOS (Master), A+, N+, S+, ACA, VCA, etc... & 2nd Degree Black Belt
    WIP: PGDip
  13. wizard

    wizard Petabyte Poster

    5,763
    35
    174
    The bank may ask why were there bank details stored in an email inbox? The onus is on the person to make sure the bank details are stored in a secure place, I wouldn't call being left in a hotmail account as a secure place.
     
    Certifications: SIA DS Licence
    WIP: A+ 2009
  14. grizz3210

    grizz3210 Byte Poster

    105
    2
    29
    I would have to agree with you on that one.

    I think that she has learnt the hard way the same as most people do i don't think she will store things like that again.

    Just found out that they have now got in to her pay pal account she's not having a great time of it i belive she is going to speak to the police over this, we will just have to see what they can do.
     
    Certifications: A+ N+ MCTS-vista
    WIP: MCDST
  15. wizard

    wizard Petabyte Poster

    5,763
    35
    174
    Is she using the same email address as her paypal address?
     
    Certifications: SIA DS Licence
    WIP: A+ 2009
  16. grizz3210

    grizz3210 Byte Poster

    105
    2
    29
    look's like she was.
     
    Certifications: A+ N+ MCTS-vista
    WIP: MCDST
  17. disarm

    disarm Byte Poster

    150
    3
    24
    Same thing happened to me a few years ago. Someone hacked my gmail account by sniffing the password over the network (Google had a windows app that 'stored' the password and checked for emails- don't use it). After much complaining to Google the account was permanently shut down.

    I never thought I would be 'hacked' but needless to say, security was stepped up a notch or two after that.
     
  18. JonnyMX

    JonnyMX Petabyte Poster

    5,239
    211
    236
    There is always a danger when you use the same username/password for multiple accounts, although so many of us do it.

    Having to use your email address as a username is also annoying as it takes half the guesswork out of the equation for a hacker.

    Social networking sites are also a menace as they give people a lot of useful information about you, special dates, names of friends, pets names, places you've been etc - any one of which could be your password to something. Same reason why some people go through the rubbish, hoping to find a piece of useful information about you - and there we are sticking it all on the Internet for them. :blink
     
    Certifications: MCT, MCTS, i-Net+, CIW CI, Prince2, MSP, MCSD
  19. NightWalker

    NightWalker Gigabyte Poster

    1,172
    25
    92
    I think the vast majority of accounts that get hijacked, either email, social sites or shopping sites are down to the fact that people use crap passwords. Every password I use comes from a randomly generated string and is as long as the site will allow one to be. Secure passwords are essential.

    Try this site to give you the perfect password easily.
     
    Certifications: A+, Network+, MCP, MCSA:M 2003, ITIL v3 Foundation
  20. JonnyMX

    JonnyMX Petabyte Poster

    5,239
    211
    236
    Nuts to that! :blink:biggrin

    Surely there comes a point where the password becomes so complex that you are increasing the liklihood that someone will have to write it down or store it somewhere else, which surely defeats the object.
     
    Certifications: MCT, MCTS, i-Net+, CIW CI, Prince2, MSP, MCSD

Share This Page

Loading...