Our system detected that your browser is blocking advertisements on our site. Please help support FoxesTalk by disabling any kind of ad blocker while browsing this site. Thank you.
Jump to content
Guest CityFan 06

Email hacker

Recommended Posts

Guest CityFan 06

Is there anyone here who is an IT expert? 

 
Basically, the other day on the computer at home, my relative clicked on a phishing email, from a very clever hacker who made the email look exactly like Facebook. Used the same email name as 'Facebook' but unfortunately when clicked on the email the address was of course very dodgy as soon as I looked at it. 
 
To my question, me and my other relative have worked extremely hard to secure as much as we can linked to that email address. We know this hacker has access to the email account, but can he have access to the whole computer? In our efforts, we ran a full scan of the computer with the security we have in Kaspersky. This picked up no threats. 
 
My only worry is, what happens if the hacker is so sophisticated that he's gone undetected from our security. Thing is, we do banking and all sorts on this computer, as it's a home family one.
 
Is it really worth just getting rid of the computer and hard drive? The biggest worry of all is the hacker getting into our financial stuff through the emails, as such we haven't logged into any online banks recently. We are concerned that the hacker may be monitoring our time on the computer, waiting for us to log into something financial.
 
System we're using is Windows 10, which is a blessing I suppose as that is the latest software with up-to-date security features. 
 
Do you think this guy would've been able to bypass both Kaspersky security and Windows 10 security? 
 
Obviously everyone, please be extra careful if you receive any emails from Facebook, if it looks strange such as one of your friends wants to accept your friend request even though you're already friends, don't click on the email. I think they are working as a group to catch people out, they are using the same email name as Facebook, so please be doubly careful. I've think they're also doing Instagrammers on email aswell. This email didn't even go into my relative's junk/spam folder. 
 
Any feedback is appreciated. Understandably it does shake you, hence why I'm very worried on behalf of my relative at the moment. 
Link to comment
Share on other sites

if your anti-virus/firewall picked up nothing, it's probably correct. I'd make sure to back up all your files/documents on to an external hard-drive just incase. 

 

I don't think you'd need to get rid of your computer. If anything get rid of any important files (after backing them up of course). Change passwords where possible as well. 

 

You could always try another anti-virus programme (McAfee, AVG, Norton etc). There's also a programme called 'CCleaner/Crap Cleaner' (genuine name!). That's been handy for me. 

 

Might be worth checking to choose what emails you receive from Facebook. That way you know if any future e-mails from Facebook aren't what you choose, you or your relatives know what not to click on. 

 

If you use Chrome, I think it comes with an in-built setting where you can hover over a link and in the bottom left/bottom right of the screen it'll show you what the URL is of the link you are hovering over. 

Link to comment
Share on other sites

1 minute ago, DB11 said:

Why would they have access to your email account? Just change the password and move on. 

 

It's only a phishing scam

he does come across very paranoid reading it back again lol 

Link to comment
Share on other sites

To add to what others have said.

 

You've got Kaspersky, if that's picking nothing up it unlikely that you've got anything nasty.  Phishing is usually about "capturing" your accounts and passwords.  Hackers know that we are fundamentally lazy.  If you facebook account has the email address of [email protected] and a password of password, then for a lot of folk so will their amazon account, tesco, argos etc etc etc etc.

 

Change your passwords.

Back up your files (pictures, music, documents) - use one of the many free cloud storage sites (try mega.nz)

Always hover over "click here" buttons, look at email addresses.  Look for the full email address, the [email protected] not the "handy" decriptive name.

Link to comment
Share on other sites

What happened when you clicked on the email?

 

Kaspersky and other AV companies are always updating their databases.  It is a game of cat and mouse - hackers try and get around it and once the anti-virus companies pick it up, they shut it down.  If your Kaspersky was up to date, you should be OK. 

 

I recommend changing passwords to be on the safe side.

 

Theoretically, it is possible to get around AV, claim admin rights and start doing all sorts BUT that takes time so tends to reserved for targetted attacks.  It is much more likely that you were one of 10million people to receive the email so the hacker could get some small benefit from a 0.5% of users who don't run anti-virus, leave themselves vulnerable, click on the link and continue filling in forms etc.

Link to comment
Share on other sites

Guest CityFan 06

Thanks for the responses so far, very helpful.

 

I've tried to think of all the accounts associated with this email account. Ultimately we don't know if we're too late as to whether this hacker has got into information. 

 

Leading into @nnfox's question, when my relative clicked on the email nothing happened straight away. A few hours later logging back in to get rid of emails etc, Kaspersky flagged it up saying something like "cannot verify this source, or uncertified certificate".  Along the top of the Outlook tab there was then this code which we have never seen before, leading me to think it had been hacked into. One thing I would say, in the email it wanted us to click on a further link to Facebook which we did not do, but we did open the email...

Link to comment
Share on other sites

5 minutes ago, CityFan 06 said:

Thanks for the responses so far, very helpful.

 

I've tried to think of all the accounts associated with this email account. Unfortunately, there are a couple of other accounts on websites which have used very similar or the same login details as the email address.

 

With PayPal, I don't know if I was too late but I did change the password on that. With the NOW TV account, I believe could have the same email and password as the email account. But I'm not sure if I can change the password without it wanting me to send a link to the email address that has been hacked. Also changed my relative's Twitter and Facebook accounts. It's so hard because it's trying to remember all the accounts linked with this email address which could have the same password as the email account. Ultimately we don't know if we're too late as to whether this hacker has got into information. 

 

Leading into @nnfox's question, when my relative clicked on the email nothing happened straight away. A few hours later logging back in to get rid of emails etc, Kaspersky flagged it up saying something like "cannot verify this source, or uncertified certificate".  Along the top of the Outlook tab there was then this code which we have never seen before, leading me to think it had been hacked into. One thing I would say, in the email it wanted us to click on a further link to Facebook which we did not do, but we did open the email...

I wouldn't worry too much. As said above, a lot of the time it's chancers relying on law of averages that they're bound to get someone vulnerable without any anti-virus or protection. 

 

Opening e-mails also doesn't activate anything. It's the clicking on the link which does the harm. 

Link to comment
Share on other sites

Guest CityFan 06
3 minutes ago, StanSP said:

I wouldn't worry too much. As said above, a lot of the time it's chancers relying on law of averages that they're bound to get someone vulnerable without any anti-virus or protection. 

 

Opening e-mails also doesn't activate anything. It's the clicking on the link which does the harm. 

Right, so we may just of gotten away with it then. We did only open up email, no further than that.

 

Link to comment
Share on other sites

5 hours ago, StanSP said:

I wouldn't worry too much. As said above, a lot of the time it's chancers relying on law of averages that they're bound to get someone vulnerable without any anti-virus or protection. 

 

Opening e-mails also doesn't activate anything. It's the clicking on the link which does the harm. 

Or downloading attachments 

Link to comment
Share on other sites

9 hours ago, CityFan 06 said:

Right, so we may just of gotten away with it then. We did only open up email, no further than that.

 

Nothing to worry about in that case. The links are the only deadly source in the email so you'll be fine. 

 

Would do no harm to back your files up to an external hard drive just in case though. 

Link to comment
Share on other sites

The point of phishing email is to gather data, if you've clicked on the email and input any details then you need to be careful make sure that you change your password for Facebook and anything else where you use the same password. Likewise if you have input any answers to security questions.

 

Phishing isn't hacking and won't damage your computer.

Link to comment
Share on other sites

Guest CityFan 06

To be sure, would this hacker of been able to obtain login details for the actual email account by us opening the phising email?

 

You see, login details for the email account were very similiar and maybe the same as some other website logins. Of course, now I've changed a large bulk of those email and password logins on sites. 

Link to comment
Share on other sites

2 minutes ago, CityFan 06 said:

To be sure, would this hacker of been able to obtain login details for the actual email account by us opening the phising email?

 

You see, login details for the email account were very similiar and maybe the same as some other website logins. Of course, now I've changed a large bulk of those email and password logins on sites. 

Nope. 

Link to comment
Share on other sites

Guest CityFan 06
12 minutes ago, StanSP said:

Nope. 

I mean, when we went onto the email account again after logging out for a bit; Kaspersky did flag up and say about the script/certificate which was running. At the top of the tab, there was also a code which looked unfamiliar. Hence why this became very worrying, and still is to a degree.

Link to comment
Share on other sites

13 minutes ago, CityFan 06 said:

I mean, when we went onto the email account again after logging out for a bit; Kaspersky did flag up and say about the script/certificate which was running. At the top of the tab, there was also a code which looked unfamiliar. Hence why this became very worrying, and still is to a degree.

have faith that Kaspersky is protecting you and flagging up the right things before you go any further. best thing you can do (if you think your login details have been compromised or stolen), change your password.

 

You'll be fine - look at all the comments on here. I think you're worrying more than you need to. 

Link to comment
Share on other sites

2 hours ago, CityFan 06 said:

I mean, when we went onto the email account again after logging out for a bit; Kaspersky did flag up and say about the script/certificate which was running. At the top of the tab, there was also a code which looked unfamiliar. Hence why this became very worrying, and still is to a degree.

 

Don't worry mate. They cannot get anything from you simply opening the email.

 

Kaspersky has some of the best tracking of malicious software and viruses on the market. I would have faith in this.

 

If you want your own piece of mind, then it would be wise to change your password. But an email such as this cannot do any harm unless you click the link where it'll put software onto your computer.

Link to comment
Share on other sites

I should add:

My first thought wouldn't be viruses etc - it would be information gathering.

Your relative really needs to come be honest about whether the link took them to somewhere where they were asked to give personal info - often these sorts of things will be an attempt to get somebody to give passwords or enough personal info that other things can be accessed. I know a fraud investigator whose wife fell for an email scam and they had £16k taken from an account because she gave personal information. It's fair to say we ripped the piss out of him over that. 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...