Tuesday, September 29, 2009

Gmail Hacked!

This morning I got an email from a church administrator forum I monitor. The email said it was from a church administrator that is traveling in England who got robbed at gun point and needs some money to satisfy his hotel bill and get home.

It was SPAM.

An email just came from the church administrator saying his Gmail account had been hacked by someone in Nigeria and the phishing SPAM was sent to everyone in his contact list.

I did a little research and found there are many articles and tools available to help people hack into Gmail accounts. My guess is that the same exist for Yahoo, AOL, and others. A word to the wise: be cautious about using online or hosted email systems! Check their website to see what you can do to protect your account with high-quality passwords and security.


bamed said...

Also be careful if you're checking your email in a public area. It's VERY easy to watch your network traffic and get into your Gmail, etc. even without your password with man-in-the-middle attacks, or by simply replaying cookies which can be gathered by simply watching traffic on the same network.

Nick Nicholaou said...

I agree! Since I'm on a Mac (they are *especially* vulnerable), I don't connect to public WiFi networks. Instead, I carry a VerizonWireless MiFi card.

jason.moseley said...

There is an option in Gmail to use a secure connection when using it. Go to Settings and make sure "Always Use https" is checked under "Browser Connection" on the General tab. This will solve the traffic-sniffing problem.

My biggest tip is to use a secure password. People tend to use something very simple for their email account. My password uses upper and lower-case, numbers, and a special character, and it's 9 characters long.