Hacked emails.

[Sportsman]

I have reason to believe that someone has hacked my emails.

Do you techy guys know of any way that I could find out who has dome it?

[Steve Walker]

Not easy. You would probably need access to your isp's logs, and even then would end up not being able to pin it down to anything closer than the perpetrator's ISP.

 

What makes you think you've been hacked?

[Sportsman]

Someone being privy to information that he just couldn't know any other way.

The person in question could never have done it but I think that he knows someone who could. The problem is that I don't know who the someone is.

Anyone got any suggestions on how to make emails more secure? From a business point of view changing addresses is not an option at the moment.

[Andy_1984]

if its a gmail account your in luck as there is an access logs feature on their webmail client. other than that the provider would need to provide access logs which im sure they would be more than happy enough to oblige if there is a security concern.

[Sportsman]

Cheers Andy, I will check with my ISP tomorrow.

After reading up on it it seems possible that we may have a covert key stroke recorder on this computer.

Does anyone know if there is a program that can find and delete such things?

Thanks again

[kirisute]

 

nothing that will scan and find them.because they are technically not a virus or malware etc..you just need to check the startup files and see whats listed in there when your pc starts.

run CCleaner:

goto tools>startup

under windows TAB look down the list and track back any EXE files you don't recognise as linked to drivers,printers,skype or whatever.

same with the internet explorer and the scheduled tasks tabs.

if your unsure then post a screenie up or PM me screenies and ill take a look for you...

if your really stuck then PM me and ill talk you through registering logmein on your pc and then ill remote access it and take a proper look for you.

let me know what ever you fancy...ill help all I can.

Edited July 17, 2013 by kirisute

[Steve Walker]

If someone has knowledge of an email they should not have, I can think of quite a few possibilities;

 

* they've guessed your password and logged in to your webmail (or the recipient's)

* they've compromised your PC (or the recipient's)

* someone has been less than careful disposing of an old PC with emails on it

* someone has printed the email out and the snooper has been through their bins

* someone has blabbed

 

Theoretically, writing something in an email is about as private as writing it on the back of a postcard, though in practice the chances of your snooper being in the position to read it are slim.

[Sportsman]

According to ISP no obvious problems

No way they would have guessed the password

No old PCs

Has knowledge of many emails

No connection for someone blabbing. Other end of the country.

I will have to go round and torture him (that would actually be quite satisfying)

[kirisute]

OK;

so your back to discovering how they got compromised and then resolving it from your end:

 

change your password obviously

use an email client that is set to remove emails from the server when they are downloaded; incredimail; outlook;windows mail etc can all do this by doing this you eliminate the chance for this person to be logging on as you to the webmail side of things and browsing your emails without you knowing; especially if you run IMAP instead of POP3...its one of the primary reasons I hate imap!! its also 80% of the way most email systems are compromised; people very rarely access their webmail settings if they use a desktop client.

check for a keylogger

check for email forwarding from the webmail client of your ISP; if the person knows your password then they can access your webmail settings and forward whatever emails they wish without you ever knowing if you personally never access your webmail settings.

final straw having set all this would be to remove email client from pc system and use an iOS or tablet device instead; yes you might lose a little functionality but a tablet; especially an iPAD has never been known to be compromised with a keylogger or hacking unless it is jailbroken.

same with an android device; the only way a keylogger or hacking software will get on there is if you install it by being stupid.

 

get me screenies of your pc systems startup files and ill tell you if there is anything suspicious looking within minutes!

Edited July 17, 2013 by kirisute

[Sportsman]

Hi Kiri

Thanks for all of the advice.

we have changed passwords etc

We have outlook as our email server and run pop3 (whatever all of that means)

I will see if I can manage the screenshots but will probably need help

Thanks again