Warning to Online Email Account Users - Gmail, Yahoo, Hotmail, etc

40 replies
I just found out that I was paying for a $125 a month VPS hosting account for some crook who hacked my Yahoo email account. Now I'm scrambling to see what other personal information they may have gotten from my email account.

These free email accounts hosted online are not safe at all. Your password means nothing - any information you have in your online email account is readily available to anyone with an Internet connection and some basic hacking skills.

Keep all your private information, tax returns, financial documents, etc off of these online email services.
#account #email #gmail #msn #online #users #warning #yahoo
  • Definitely not fun, sorry to hear about your story, but where else is it safer? Do you think some $9 per month shared hosting is more bulletproof than yahoo or gmail? Really check out your pc, someone might have sneaked a keylogger in there and retrieved your stuff that way. How can you be sure it was your yahoo email acc that got hacked?
    Signature
    [ENDORSED BY LMC]
    Stop Building Backlinks The OLD Way, Use >THIS< Instead!


    >Let Me Build HIGH QUALITY Backlinks For You!<
    {{ DiscussionBoard.errors[3343249].message }}
    • Profile picture of the author Ron Douglas
      Originally Posted by BacklinkExcellence View Post

      Definitely not fun, sorry to hear about your story, but where else is it safer? Do you think some $9 per month shared hosting is more bulletproof than yahoo or gmail? Really check out your pc, someone might have sneaked a keylogger in there and retrieved your stuff that way. How can you be sure it was your yahoo email acc that got hacked?
      I noticed it after all my contacts in that account got suspicious emails from me. I'm not having a problem with any other account.

      Having your information online where anyone can get it is a lot less safe than having it on your computer in Outlook. For the really important stuff, save it to an external storage and delete if from your computer.
      {{ DiscussionBoard.errors[3343261].message }}
      • Originally Posted by Ron Douglas View Post

        I noticed it after all my contacts in that account got suspicious emails from me. I'm not having a problem with any other account.

        Having your information online where anyone can get it is a lot less safe than having it on your computer in Outlook. For the really important stuff, save it to an external storage and delete if from your computer.
        With "other account" are you also refering to yahoo accounts or other providers?

        I agree about having sensitive info online isn't smart but even with outlook you have to make use of old protocols like pop3 to really download the stuff. With IMAP it will just keep syndicating what you have online and on your pc.
        Signature
        [ENDORSED BY LMC]
        Stop Building Backlinks The OLD Way, Use >THIS< Instead!


        >Let Me Build HIGH QUALITY Backlinks For You!<
        {{ DiscussionBoard.errors[3343309].message }}
    • Profile picture of the author drmani
      Originally Posted by BacklinkExcellence View Post

      Definitely not fun, sorry to hear about your story, but where else is it safer?
      For critical/private personal information, including banking passwords,
      domain registrar logins, credit card details and such like, go totally
      OFFLINE.


      Write them down in a notebook or sheet of paper - and keep them somewhere
      safe!

      Many long years ago, someone on some public forum somewhere first drove
      this point into my head very firmly.

      "If you don't mind seeing it plastered on the wall of a public toilet,
      then put it on the Web!"


      Great advice, even today!

      All success
      Dr.Mani
      {{ DiscussionBoard.errors[3344311].message }}
    • Profile picture of the author wanna-succeed
      Originally Posted by BacklinkExcellence View Post

      Definitely not fun, sorry to hear about your story, but where else is it safer? Do you think some $9 per month shared hosting is more bulletproof than yahoo or gmail? Really check out your pc, someone might have sneaked a keylogger in there and retrieved your stuff that way. How can you be sure it was your yahoo email acc that got hacked?
      I had one of those once, what a shi**y experience, pardon the french.
      Get a keyword scrambler or something, you can never go light when it comes to PC&Internet security.
      Better to be safe than sorry.
      Signature

      No sig, good day m8...

      {{ DiscussionBoard.errors[3344908].message }}
  • Profile picture of the author mojojuju
    Originally Posted by Ron Douglas View Post

    Your password means nothing - any information you have in your online email account is readily available to anyone with an Internet connection and some basic hacking skills.
    How so? Do you have any more details as to how your account was compromised?

    You also better make sure that dude didn't get any other sensitive information as a result of getting into your email.
    Signature

    :)

    {{ DiscussionBoard.errors[3343256].message }}
  • Profile picture of the author Lethologica
    Chances are, there was some sort of vulnerability on your system that this person was able to exploit. It's not Yahoo or MSNs fault.
    Signature

    {{ DiscussionBoard.errors[3343290].message }}
  • Profile picture of the author Daniel Fonda
    [DELETED]
    {{ DiscussionBoard.errors[3343403].message }}
    • {{ DiscussionBoard.errors[3343423].message }}
    • Profile picture of the author Tina Golden
      Originally Posted by Daniel Fonda View Post

      Have yet to experience such problems with gmail
      I have. My gmail account that was attached to my PayPal was hacked and then they hacked my PayPal. Cleaned me out of over $500. I did get that back, thankfully.

      I don't know about the other emails but Gmail does have a secure setting that you should have on. I haven't had any issues since I made sure that all my accounts were using https. Not sure that's as good as offline but it does help.

      The online email accounts can be hacked and frequently are, so those who are trying to say it must have been on Ron's computer are wrong.

      Tina
      Signature
      Discover how to have fabulous, engaging content with
      Fast & Easy Content Creation
      ***Especially if you don't have enough time, money, or just plain HATE writing***
      {{ DiscussionBoard.errors[3344940].message }}
  • Profile picture of the author Michael Mayo
    Ron, as an X-Navy Crypto Tech CTM I can tell you that you are 110% correct about
    storing personal info online. All I will say is that if someone does it then they should try
    to at least limit the damage that could be caused.

    Thanks for the reminder
    Have a Great Day,
    Michael
    {{ DiscussionBoard.errors[3343431].message }}
  • Profile picture of the author Alan Petersen
    That's a good heads up Ron. Yahoo doesn't lock it down as good as gmail. If you're checking Yahoo email in a public WIFI like at a Starbucks it's like putting out a welcome mat.

    I have a yahoo email account that I use as a dumping ground email address that I don't check often. But if you look at your Yahoo account it's not even encrypted the URL is just http vs. Gmail which is https.

    That right there is a a big red flag. I'm sure Gmail is also vulnerable but at least they encrypt your account by default.



    Signature
    {{ DiscussionBoard.errors[3343451].message }}
  • Profile picture of the author daj
    Often the "security questions" people use on free email accounts aren't secure enough. A hacker, ex, friend, or family member of yours can click "forgot password" or "I can't access my account" on yahoo, type in your email/username, and your security questions will appear (sometimes after they give a correct birth date, zipcode, etc..) to let someone hack into your email. Try it for yourself on your own email and see how easy it actually is for anyone with the information to get into your email and change your password.

    If your security questions are something like "What's the name of my dog?", "What's your favorite book?", "Where were you born?", etc.. you need to make the answers to these questions not so obvious, so nobody but you knows what they are.
    {{ DiscussionBoard.errors[3343532].message }}
    • Profile picture of the author mojojuju
      Also, don't reuse passwords.

      A lot of people use the same password for everything they do online.

      Knowing this, some evil person could create a cool service (maybe a free keyword tool) that lots of people would want to sign up for.

      In exchange for the free service, a password and email address could be required.

      Now, knowing that many people use the same password for everything, the evil webmaster could assume that in his database of members' information there would be some working email address & password combinations (because people reuse passwords). Then, all that is needed is a script that will automatically check every email & password in the members database against the popular email providers (yahoo, gmail, hotmail) to see if there are any correct matches.

      Once it's known who's reusing passwords like that, why stop at email? Start trying to log into people's paypal and bank accounts this way, transfer some funds around.
      Signature

      :)

      {{ DiscussionBoard.errors[3343630].message }}
      • Profile picture of the author Vogin
        Originally Posted by mojojuju View Post

        Also, don't reuse passwords.

        A lot of people use the same password for everything they do online.

        Knowing this, some evil person could create a cool service (maybe a free keyword tool) that lots of people would want to sign up for.

        In exchange for the free service, a password and email address could be required.

        Now, knowing that many people use the same password for everything, the evil webmaster could assume that in his database of members' information there would be some working email address & password combinations (because people reuse passwords). Then, all that is needed is a script that will automatically check every email & password in the members database against the popular email providers (yahoo, gmail, hotmail) to see if there are any correct matches.

        Once it's known who's reusing passwords like that, why stop at email? Start trying to log into people's paypal and bank accounts this way, transfer some funds around.
        I use different password for my email with which I'm signing up for stuff, than a different one for a lot of stuff and yet several more for important stuff.

        All of them are very long, don't make sense for anyone except me and I write my own security questions in my own language, again with an answer nobody but me can figure out.

        Still, I can get hacked and I know it. The truth is my profile is very low, so the question is - why would someone want to hack me at all?
        Signature

        ppcsluzby.cz/en - PPC agency


        {{ DiscussionBoard.errors[3345822].message }}
        • Profile picture of the author A P Geofrey
          Originally Posted by Vogin View Post

          I use different password for my email with which I'm signing up for stuff, than a different one for a lot of stuff and yet several more for important stuff.

          All of them are very long, don't make sense for anyone except me and I write my own security questions in my own language, again with an answer nobody but me can figure out.

          Still, I can get hacked and I know it. The truth is my profile is very low, so the question is - why would someone want to hack me at all?
          Because he is a hacker that's all. I think you are asking the wrong question. What you should be asking is why are there hackers at all?
          Signature

          Check Out Our SEO And Social Media Services with Prices Starting at $1
          Read Tips To Making Money Online

          {{ DiscussionBoard.errors[3345875].message }}
      • Profile picture of the author Paul Myers
        Also, don't reuse passwords.

        A lot of people use the same password for everything they do online.
        I've posted this before. It's from one of my favorite webcomics, at xkcd.com...


        Note: Randall Munroe, the creator of the comic, specifically allows this sort of hotlinking. Yes, I checked.


        Paul
        Signature
        .
        Stop by Paul's Pub - my little hangout on Facebook.

        {{ DiscussionBoard.errors[3346040].message }}
    • Profile picture of the author mojojuju
      Originally Posted by daj View Post

      If your security questions are something like "What's the name of my dog?", "What's your favorite book?", "Where were you born?", etc.. you need to make the answers to these questions not so obvious, so nobody but you knows what they are.
      When I was a child, I had the foresight to give my first pet a very unusual name.
      Signature

      :)

      {{ DiscussionBoard.errors[3343744].message }}
      • Profile picture of the author HD
        Wake up people. Yahoo is perfectly safe. I have not had one person touch any of my 10,439 unopened spam emails.
        Signature

        Have A Nice Day and a Prosperous New Year!!!

        {{ DiscussionBoard.errors[3343771].message }}
      • Profile picture of the author E. Brian Rose
        Originally Posted by mojojuju View Post

        When I was a child, I had the foresight to give my first pet a very unusual name.
        My first pet had an unusual name too. I didn't realize that I was channeling my future self until just now. My street name in the third grade was just as unusual.
        Signature

        Founder of JVZoo. All around good guy :)

        {{ DiscussionBoard.errors[3344911].message }}
  • Profile picture of the author Michael Forey
    If your using Gmail you should make sure that the browser connection is set to always use https in the setting and use the url https://mail.google.com/

    Mike
    {{ DiscussionBoard.errors[3344014].message }}
  • Profile picture of the author Sarah Harvey
    I never had any problems with Yahoo or hotmail personally. I have had my account for 10 years with Yahoo and although I must say I do not keep any sensitive information in it. It wouldn't bother me if someone hacked it as it contains mostly spam and stuff. So no point worrying about it.

    All my personal stuff like passwords, account info etc. I keep at home. Not on any computer. I even have a backup of my stuff hidden in case the original goes missing. I am well prepared.
    Signature
    "Find the problem and provide the solution."
    {{ DiscussionBoard.errors[3344037].message }}
  • Profile picture of the author yves
    Yeah, I just had this happen to me today (not the paying $125 per month part), the hacking part. A few of my friends told me they received spam emails from my main email account I use for most things. I went into my account and could actually SEE the sent items from the hacker!

    I have changed all my details, alternative email etc and created a ridiculously strong password but have no doubt that it could be hacked into again. I will never use a free email account for sensitive stuff again.

    Yves
    {{ DiscussionBoard.errors[3344187].message }}
  • Profile picture of the author entry
    Originally Posted by Ron Douglas View Post

    I just found out that I was paying for a $125 a month VPS hosting account for some crook who hacked my Yahoo email account. Now I'm scrambling to see what other personal information they may have gotten from my email account.

    These free email accounts hosted online are not safe at all. Your password means nothing - any information you have in your online email account is readily available to anyone with an Internet connection and some basic hacking skills.

    Keep all your private information, tax returns, financial documents, etc off of these online email services.
    im sorri, i didn't quite get you,

    i didnt get it, what did you pay $125 for? for the Paid version of yahoo mail?

    and who hacked your email?
    Signature
    I Have to say a Massive...THANK YOU to every Warrior who has helped me, and thanks to every warrior who helps me in the future...
    {{ DiscussionBoard.errors[3344327].message }}
    • Profile picture of the author davezan
      Or if you want to exercise your brain cells every other day, try memorizing the
      password/s. I do, even if they're a mix of letters, numbers and what-not, heh.

      But yeah, however convenient, I try not to store sensitive information online.
      Signature

      David

      {{ DiscussionBoard.errors[3344357].message }}
  • Profile picture of the author Canadian 51
    Originally Posted by Ron Douglas View Post

    I just found out that I was paying for a $125 a month VPS hosting account for some crook who hacked my Yahoo email account. Now I'm scrambling to see what other personal information they may have gotten from my email account.

    These free email accounts hosted online are not safe at all. Your password means nothing - any information you have in your online email account is readily available to anyone with an Internet connection and some basic hacking skills.

    Keep all your private information, tax returns, financial documents, etc off of these online email services.
    Sorry Ron, but I really don't understand what happened.

    Do you mean that you kept your PayPal log-in information within your Yahoo mail accout? Why would you do that? You may have had some good reason that would be nice to explain.

    From my personal experience, I have always considered a free account to be worth exactly the amount you paid for it - $0 with 0 rating for reliability. They can close such account for any reason, or for no reason at all.
    {{ DiscussionBoard.errors[3344879].message }}
  • Profile picture of the author matchoo77
    Same thing happened to me and a friend as well, Ron. Yahoo just blows. Someone needs to buy them out and right the ship.
    Signature

    Join Microcapmillionaires Affiliate Program (new tools!):http://members.microcapmillionaires....273-affiliates

    Attention Stock Investing/Trading, Forex & Binary Options Marketers: PM me or send email to microcapmillionaires [at] gmail if you'd like to join my new Mastermind Group, where you can rub elbows with million dollar marketers and grow your business quickly!

    {{ DiscussionBoard.errors[3344901].message }}
  • Profile picture of the author robert_aus
    I have had someone get into hotmail in the past but so far have been ok with gmail. But always good to be careful with online stuff. The problem is quite often that the really big companies like banks and credit card providers have security failures and millions of people have their info getting out into the open.
    Signature

    Go to my site http://yestotravelsavings.com and see how you can save thousands on your vacation accommodation.

    {{ DiscussionBoard.errors[3344989].message }}
  • Profile picture of the author Rod Cortez
    So Ron, what you're telling me is that I need to move all those compromising pictures of myself outta my yahoo and gmail accounts? Man, this is going to take all month......

    RoD
    Signature
    "Your personal philosophy is the greatest determining factor in how your life works out."
    - Jim Rohn
    {{ DiscussionBoard.errors[3344997].message }}
    • Profile picture of the author Ron Douglas
      Originally Posted by Rod Cortez View Post

      So Ron, what you're telling me is that I need to move all those compromising pictures of myself outta my yahoo and gmail accounts?

      RoD
      Yes. LOL

      Sorry Ron, but I really don't understand what happened.

      Do you mean that you kept your PayPal log-in information within your Yahoo mail accout? Why would you do that? You may have had some good reason that would be nice to explain.
      The hacker was able to get information from my email account needed to open up a new hosting account with my web host. I was billed for several months of hosting but the charges were later reversed. Nothing happen with PayPal.

      Honestly I'm not sure why I started this thread. Maybe I initially thought it would help someone.
      {{ DiscussionBoard.errors[3345150].message }}
  • Profile picture of the author CircularLogic
    I've had one of my Gmail accounts hacked. This was likely from having participated in a forum using that email address and password combo. I discovered it when my own account sent one of my other accounts (which was in the address book) some spam mail. One of the big things needed to protect your email is to never use the same password for your email as you use for everything else (like forums, online applications, etc), since your email is the major identity point in your online interactions.
    Signature
    {{ DiscussionBoard.errors[3345400].message }}
  • Profile picture of the author Regional Warrior
    If anyone is wondering how this happens to gmail check out the video I did on how hackers get access to your gmail account

    The video was done for our website

    PLEASE DO NOT GO TO THE WEBSITE , IT WAS TAKEN DOWN seems we peed off some hackers as they could not crack the software so they hit the site


    {{ DiscussionBoard.errors[3345703].message }}
  • Profile picture of the author A P Geofrey
    Well not only you are right but that does not apply only to emails. Everything you do online has a very great risk of being hacked at any time. Somebody just needs to decide to and work on it and believe me even your paypal account will be a joke.
    Signature

    Check Out Our SEO And Social Media Services with Prices Starting at $1
    Read Tips To Making Money Online

    {{ DiscussionBoard.errors[3345743].message }}
  • Profile picture of the author ZXT
    I thought not storing sensitive information online (email or what not) is a given already.
    Signature
    {{ DiscussionBoard.errors[3345890].message }}
  • Profile picture of the author John Taylor
    There was a time when people were thanked
    for providing helpful advice around here. Not
    called into quetion and criticised.

    Ron's advice is there for the taking... don't
    like it... don't use it.

    John
    Signature
    John's Internet Marketing News, Views & Reviews: John Taylor Online
    {{ DiscussionBoard.errors[3345949].message }}
  • Profile picture of the author Mike Nikolz
    Originally Posted by Ron Douglas View Post

    I just found out that I was paying for a $125 a month VPS hosting account for some crook
    Sorry, don't get it - how's that? Did he also hack your paypal account or cc data?
    Signature

    .

    {{ DiscussionBoard.errors[3345998].message }}
  • Profile picture of the author thebitbotdotcom
    A couple of times I logged on to my YAHOO mail account and I found myself staring at someone else's account. Not sure how THAT happened, but I logged out immediately.
    Signature
    Do Your Copywriting Skills Suck?

    Let Us Help You Develop Your Writing Skills!

    Submit Guest Posts With [ TheBitBot.Com ]
    {{ DiscussionBoard.errors[3346105].message }}
    • Profile picture of the author mrmanpower
      I sometimes put stuff online with zero labels. and no passwords. just accounts etc. and another thing on top of ron's warning. Please clean out your paypal account -- Unless you need for a WSO Screenshot. LOL

      All the best,

      Frank
      Signature

      {{ DiscussionBoard.errors[3346401].message }}
  • Profile picture of the author scorpio9
    Sorry to hear about your problems, but anyone who put personal information online is asking for trouble, the internet is not safe, read the headlines - even the best of them get hacked sooner or later. Any information that you consider "valuable" should be guarded and not left in a place where someone else can get at it. If someone is determined to get information they probably will given time and the right software, always be cautious about giving all pieces of your personal data, unless it is for legal reasons.

    I probably have 300+ passwords but I only have to remember, at most 6 or 7, of them, most of them are 10-15 random characters so no two are ever the same.
    The most inportant ones I make sure I change every month,
    I never give 100% identifiable information to the same data processor.
    It cannot be stressed enough Always, Always, Always BE CAUTIOUS about the information you disclose about yourself

    regards
    Lee
    Signature
    BeaconSites - Websites Designed For Lead Generation & Conversions
    {{ DiscussionBoard.errors[3352647].message }}
  • Profile picture of the author bulkmedia
    Banned
    [DELETED]
    {{ DiscussionBoard.errors[9835671].message }}

Trending Topics