Sign in to follow this  
Followers 0
CityFan 06

Email hacker

26 posts in this topic

Posted (edited)

Is there anyone here who is an IT expert? 

 
Basically, the other day on the computer at home, my relative clicked on a phishing email, from a very clever hacker who made the email look exactly like Facebook. Used the same email name as 'Facebook' but unfortunately when clicked on the email the address was of course very dodgy as soon as I looked at it. 
 
To my question, me and my other relative have worked extremely hard to secure as much as we can linked to that email address. We know this hacker has access to the email account, but can he have access to the whole computer? In our efforts, we ran a full scan of the computer with the security we have in Kaspersky. This picked up no threats. 
 
My only worry is, what happens if the hacker is so sophisticated that he's gone undetected from our security. Thing is, we do banking and all sorts on this computer, as it's a home family one.
 
Is it really worth just getting rid of the computer and hard drive? The biggest worry of all is the hacker getting into our financial stuff through the emails, as such we haven't logged into any online banks recently. We are concerned that the hacker may be monitoring our time on the computer, waiting for us to log into something financial.
 
System we're using is Windows 10, which is a blessing I suppose as that is the latest software with up-to-date security features. 
 
Do you think this guy would've been able to bypass both Kaspersky security and Windows 10 security? 
 
Obviously everyone, please be extra careful if you receive any emails from Facebook, if it looks strange such as one of your friends wants to accept your friend request even though you're already friends, don't click on the email. I think they are working as a group to catch people out, they are using the same email name as Facebook, so please be doubly careful. I've think they're also doing Instagrammers on email aswell. This email didn't even go into my relative's junk/spam folder. 
 
Any feedback is appreciated. Understandably it does shake you, hence why I'm very worried on behalf of my relative at the moment. 

Edited by CityFan 06
0

Share this post


Link to post
Share on other sites

If Kaspersky hasnt picked anything you should be ok. Run with Malware bytes and spybot.

 

If all clear.. change passwords and you are safe?

0

Share this post


Link to post
Share on other sites

if your anti-virus/firewall picked up nothing, it's probably correct. I'd make sure to back up all your files/documents on to an external hard-drive just incase. 

 

I don't think you'd need to get rid of your computer. If anything get rid of any important files (after backing them up of course). Change passwords where possible as well. 

 

You could always try another anti-virus programme (McAfee, AVG, Norton etc). There's also a programme called 'CCleaner/Crap Cleaner' (genuine name!). That's been handy for me. 

 

Might be worth checking to choose what emails you receive from Facebook. That way you know if any future e-mails from Facebook aren't what you choose, you or your relatives know what not to click on. 

 

If you use Chrome, I think it comes with an in-built setting where you can hover over a link and in the bottom left/bottom right of the screen it'll show you what the URL is of the link you are hovering over. 

0

Share this post


Link to post
Share on other sites

Why would they have access to your email account? Just change the password and move on. 

 

It's only a phishing scam

0

Share this post


Link to post
Share on other sites
1 minute ago, DB11 said:

Why would they have access to your email account? Just change the password and move on. 

 

It's only a phishing scam

he does come across very paranoid reading it back again lol 

0

Share this post


Link to post
Share on other sites

I'd concur with the above.

Kaspersky is reliable enough to have picked up on anything sinister.

I'd also agree with the comment to run Malwarebytes if you have it. If that shows 'all clear' you're likely a lucky bunny!

Any doubts, back-up externally and consider changing your passwords for vulnerable accounts... All different of course!!

1

Share this post


Link to post
Share on other sites

To add to what others have said.

 

You've got Kaspersky, if that's picking nothing up it unlikely that you've got anything nasty.  Phishing is usually about "capturing" your accounts and passwords.  Hackers know that we are fundamentally lazy.  If you facebook account has the email address of fred@fred.com and a password of password, then for a lot of folk so will their amazon account, tesco, argos etc etc etc etc.

 

Change your passwords.

Back up your files (pictures, music, documents) - use one of the many free cloud storage sites (try mega.nz)

Always hover over "click here" buttons, look at email addresses.  Look for the full email address, the blah@blah.com not the "handy" decriptive name.

0

Share this post


Link to post
Share on other sites

What happened when you clicked on the email?

 

Kaspersky and other AV companies are always updating their databases.  It is a game of cat and mouse - hackers try and get around it and once the anti-virus companies pick it up, they shut it down.  If your Kaspersky was up to date, you should be OK. 

 

I recommend changing passwords to be on the safe side.

 

Theoretically, it is possible to get around AV, claim admin rights and start doing all sorts BUT that takes time so tends to reserved for targetted attacks.  It is much more likely that you were one of 10million people to receive the email so the hacker could get some small benefit from a 0.5% of users who don't run anti-virus, leave themselves vulnerable, click on the link and continue filling in forms etc.

0

Share this post


Link to post
Share on other sites

Posted (edited)

Thanks for the responses so far, very helpful.

 

I've tried to think of all the accounts associated with this email account. Ultimately we don't know if we're too late as to whether this hacker has got into information. 

 

Leading into @nnfox's question, when my relative clicked on the email nothing happened straight away. A few hours later logging back in to get rid of emails etc, Kaspersky flagged it up saying something like "cannot verify this source, or uncertified certificate".  Along the top of the Outlook tab there was then this code which we have never seen before, leading me to think it had been hacked into. One thing I would say, in the email it wanted us to click on a further link to Facebook which we did not do, but we did open the email...


Edited by CityFan 06
0

Share this post


Link to post
Share on other sites
5 minutes ago, CityFan 06 said:

Thanks for the responses so far, very helpful.

 

I've tried to think of all the accounts associated with this email account. Unfortunately, there are a couple of other accounts on websites which have used very similar or the same login details as the email address.

 

With PayPal, I don't know if I was too late but I did change the password on that. With the NOW TV account, I believe could have the same email and password as the email account. But I'm not sure if I can change the password without it wanting me to send a link to the email address that has been hacked. Also changed my relative's Twitter and Facebook accounts. It's so hard because it's trying to remember all the accounts linked with this email address which could have the same password as the email account. Ultimately we don't know if we're too late as to whether this hacker has got into information. 

 

Leading into @nnfox's question, when my relative clicked on the email nothing happened straight away. A few hours later logging back in to get rid of emails etc, Kaspersky flagged it up saying something like "cannot verify this source, or uncertified certificate".  Along the top of the Outlook tab there was then this code which we have never seen before, leading me to think it had been hacked into. One thing I would say, in the email it wanted us to click on a further link to Facebook which we did not do, but we did open the email...

I wouldn't worry too much. As said above, a lot of the time it's chancers relying on law of averages that they're bound to get someone vulnerable without any anti-virus or protection. 

 

Opening e-mails also doesn't activate anything. It's the clicking on the link which does the harm. 

0

Share this post


Link to post
Share on other sites
3 minutes ago, StanSP said:

I wouldn't worry too much. As said above, a lot of the time it's chancers relying on law of averages that they're bound to get someone vulnerable without any anti-virus or protection. 

 

Opening e-mails also doesn't activate anything. It's the clicking on the link which does the harm. 

Right, so we may just of gotten away with it then. We did only open up email, no further than that.

 

0

Share this post


Link to post
Share on other sites

The 1st thing hackers will do is change your password, to stop you getting back in.  If you can still access all your account AND you changed the password then all is good.

 

0

Share this post


Link to post
Share on other sites
5 hours ago, StanSP said:

I wouldn't worry too much. As said above, a lot of the time it's chancers relying on law of averages that they're bound to get someone vulnerable without any anti-virus or protection. 

 

Opening e-mails also doesn't activate anything. It's the clicking on the link which does the harm. 

Or downloading attachments 

0

Share this post


Link to post
Share on other sites

You do not have to bin your computer because you got sent a phishing email, that'd be bizarre 

0

Share this post


Link to post
Share on other sites
9 hours ago, CityFan 06 said:

Right, so we may just of gotten away with it then. We did only open up email, no further than that.

 

Nothing to worry about in that case. The links are the only deadly source in the email so you'll be fine. 

 

Would do no harm to back your files up to an external hard drive just in case though. 

0

Share this post


Link to post
Share on other sites

The point of phishing email is to gather data, if you've clicked on the email and input any details then you need to be careful make sure that you change your password for Facebook and anything else where you use the same password. Likewise if you have input any answers to security questions.

 

Phishing isn't hacking and won't damage your computer.

0

Share this post


Link to post
Share on other sites

Change your password and move on like others have stated they can't access your computer by having the password, only if you download or execute a file will they be able

to imploy any kind of virus that starts logging

0

Share this post


Link to post
Share on other sites

Don't worry :) doubt they'll be using keyloggers,it'll  just be some fat nerd in his mums spare bedroom stealing email passwords :) 

0

Share this post


Link to post
Share on other sites

To be sure, would this hacker of been able to obtain login details for the actual email account by us opening the phising email?

 

You see, login details for the email account were very similiar and maybe the same as some other website logins. Of course, now I've changed a large bulk of those email and password logins on sites. 

0

Share this post


Link to post
Share on other sites
2 minutes ago, CityFan 06 said:

To be sure, would this hacker of been able to obtain login details for the actual email account by us opening the phising email?

 

You see, login details for the email account were very similiar and maybe the same as some other website logins. Of course, now I've changed a large bulk of those email and password logins on sites. 

Nope. 

0

Share this post


Link to post
Share on other sites
12 minutes ago, StanSP said:

Nope. 

I mean, when we went onto the email account again after logging out for a bit; Kaspersky did flag up and say about the script/certificate which was running. At the top of the tab, there was also a code which looked unfamiliar. Hence why this became very worrying, and still is to a degree.

0

Share this post


Link to post
Share on other sites
13 minutes ago, CityFan 06 said:

I mean, when we went onto the email account again after logging out for a bit; Kaspersky did flag up and say about the script/certificate which was running. At the top of the tab, there was also a code which looked unfamiliar. Hence why this became very worrying, and still is to a degree.

have faith that Kaspersky is protecting you and flagging up the right things before you go any further. best thing you can do (if you think your login details have been compromised or stolen), change your password.

 

You'll be fine - look at all the comments on here. I think you're worrying more than you need to. 

0

Share this post


Link to post
Share on other sites
2 hours ago, CityFan 06 said:

I mean, when we went onto the email account again after logging out for a bit; Kaspersky did flag up and say about the script/certificate which was running. At the top of the tab, there was also a code which looked unfamiliar. Hence why this became very worrying, and still is to a degree.

 

Don't worry mate. They cannot get anything from you simply opening the email.

 

Kaspersky has some of the best tracking of malicious software and viruses on the market. I would have faith in this.

 

If you want your own piece of mind, then it would be wise to change your password. But an email such as this cannot do any harm unless you click the link where it'll put software onto your computer.

0

Share this post


Link to post
Share on other sites

We have an ethical hacker at work. I'll ask him for you Cityfan.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0


  • Recently Browsing   0 members

    No registered users viewing this page.