|
Korean Job Discussion Forums
"The Internet's Meeting Place for ESL/EFL Teachers from Around the World!"
|
| View previous topic :: View next topic |
| Author |
Message |
Peeping Tom
Joined: 15 Feb 2006
|
 Posted: Sat Feb 18, 2006 3:45 am Post subject: Hackers - How do I find out who they are? |
 |
|
| Someone stole my e-mail account a few months ago, and now I see that someone is trying to get access to my account on another website. In other words, when I try to log in I get a "Account temporarily disabled due to excessive failed login attempts" message. I have never given my password to anyone, nor should anyone have reason to know it. Since this never happened to me before, and now it's the second time within a few months, I think it might be the same person. Any advice on how I can find out who? Or at least general location of the person? |
|
| Back to top |
|
 |
JAWINSEOUL
Joined: 19 Nov 2005
|
| Posted: Sat Feb 18, 2006 6:30 am Post subject: |
|
|
The company that you hold your account with will be able to find out the IP address of the computer the hacker used.
Although I assume this will have to be done through the police and I doubt they will care enough to even look into it.
Any respectable hacker of course may be able to stop them, by rerouting their work.
The only option you may have is to email them when they gain access. They are probably running a program to find out your code and will gain entry eventually.
BEST OPTION CALL THE PROVIDER AND HAVE THEM DISABLE YOUR ACCOUNT OR TAKE IT OFFLINE SO YOU CAN RETRIEVE YOUR EMAILS.
Keep me posted ��good luck |
|
| Back to top |
|
|
splok
Joined: 30 Jan 2006
|
| Posted: Sat Feb 18, 2006 10:09 am Post subject: |
|
|
So long as your password is a good one, I wouldn't worry too much about the failed logins, but it should provide a good reason to make sure that all of the passwords you use are highly secure. The fact that you've had an email account comprimised recently would definately be a cause for alarm though.
There are two likely possibilities imo. Someone you know is doing it and was able to guess your password because you used something for a password that you shouldn't have. People often use names of family or friends, birthdates, liscense plate numbers, ss numbers, etc. etc. etc. for passwords, and then they wonder how someone was able to "hack" their account. If that's not the case, you probably have a keylogger installed on your system. It could have gotten there through something you downloaded or through a vulnerability in some software that you're using.
In either case, to be on the safe side, you should assume that your computer and every account that you've logged into since the first problem are potentially comprimised. I would go to a different computer and change the passwords to everything you do online, and don't just change the pw by one letter or whatever. Make it entirely different and at least a random combination of letters and numbers. Then contact the email provider and let them know that your account has been compramised. There should be a link for that sort of thing somewhere on the site. Check the help or faq if it isn't readily apparant. Depending on what information you provided when you registered the account, they may be able to reset your password, allowing you to regain control of your account. Do the same thing for the account that you're concerned over now.
Then go back to your computer, make sure all the software you're using is current on updates, especially windows, and run some good virus protection software and spyware software. Here are three links for free ones. I would run all three of these at the very least.
http://www.download.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10503939.html?tag=lst-0-2
http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10401314.html?tag=lst-0-1
http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10399602.html?tag=lst-0-1
The only realistic way you're going to be able to find out who is doing this is through some social engineering. If the person is actively using your old email account, you could contact them and see what happens. Your email provider won't give you the person's ip address though. Now, if the person gets access to your account on a privately run website, you might be able to get the admin to give you all of the ip's that your account has logged in from as well as what other usernames have been logged in from those ip's. You didn't mention what kind of site it was, but if it is any kind of forum, this information will be easily available to the admin and possibly the mods. |
|
| Back to top |
|
|
Hollywoodaction
Joined: 02 Jul 2004
|
| Posted: Sun Feb 19, 2006 4:51 am Post subject: Re: Hackers - How do I find out who they are? |
|
|
| Peeping Tom wrote: |
| Someone stole my e-mail account a few months ago, and now I see that someone is trying to get access to my account on another website. In other words, when I try to log in I get a "Account temporarily disabled due to excessive failed login attempts" message. I have never given my password to anyone, nor should anyone have reason to know it. Since this never happened to me before, and now it's the second time within a few months, I think it might be the same person. Any advice on how I can find out who? Or at least general location of the person? |
Been to the PC-bang lately? |
|
| Back to top |
|
|
chiaa
Joined: 23 Aug 2003
|
| Posted: Sun Feb 19, 2006 5:03 am Post subject: |
|
|
| Check with the girlfriend or wife.... |
|
| Back to top |
|
|
dbee
Joined: 29 Dec 2004
Location: korea
|
| Posted: Sun Feb 19, 2006 10:21 pm Post subject: |
|
|
...
Last edited by dbee on Mon Feb 20, 2006 4:04 am; edited 1 time in total |
|
| Back to top |
|
|
dbee
Joined: 29 Dec 2004
Location: korea
|
| Posted: Mon Feb 20, 2006 4:03 am Post subject: |
|
|
| Quote: |
There are two likely possibilities imo. Someone you know is doing it and was able to guess your password because you used something for a password that you shouldn't have.
|
... the OP said that he's getting a failed login attempt error. If someone knew his password, then why would they fail the login ? Brute forcing the password probably isn't realistic, because of the 3 attempt lock out thing.
| Quote: |
f that's not the case, you probably have a keylogger installed on your system
|
... again, same point. If someone had the password off a keylogger, then they'd have no trouble accessing the account now would they ?
| Quote: |
The company that you hold your account with will be able to find out the IP address of the computer the hacker used.
|
... he's probably running his script through a proxy. And even if he isn't - there's nothing you could do to him anyway.
| Quote: |
Although I assume this will have to be done through the police and I doubt they will care enough to even look into it.
|
... you assume correct, the police don't care. In the states you need to be able to prove at least $3000 in damage was done, before they'll even bother to look. If it's in Korea, you could just dob him in to one of those citizen crimeline things - and tell them that the guy sells drugs to school kids ... (that's just a joke by the way) but the koreans tend to track down people on email boards fairly lively.
| Quote: |
Any respectable hacker of course may be able to stop them, by rerouting their work.
|
... I think you've been watching 'sneakers' too many times.
| Quote: |
The only option you may have is to email them when they gain access. They are probably running a program to find out your code and will gain entry eventually.
|
... he doesn't have 'code' - he's not a developer I presume.
| Quote: |
BEST OPTION CALL THE PROVIDER AND HAVE THEM DISABLE YOUR ACCOUNT OR TAKE IT OFFLINE SO YOU CAN RETRIEVE YOUR EMAILS.
|
... how's he going to retrieve his mail after they take it offline.
I wouldn't bother with the reinstall, spyware stuff if I were you OP. It seems like someone is just running a kiddie-script against your address. They'll freeze your account for two weeks or so by attempting a failed login every 15mins. Then at the end of the two weeks when you're account is renewed. They'll take your account name.
As to what you can do ? Not much really. You can contact your email administrator and he might be able to help you. If not then you could run your own script. I could run you one up (for educational purposes) in about 10mins. But all that would do really is lock the account out ad infinitum. Because he'd run his script, you'd run yours - and no-one would be able to log into the account ... ever
If you think that he's actually using the account. And that this isn't some form of digital harrassment, then you sign him up for loads of porno spam etc... Although he/she might actually like that.
You could email harrass him ... send him mails entitled 'You are a cocksucker' sixty times daily.
You could email bomb him ... send him an email with a huge attachment three or four times, till his account space overflows. Thread carefully though.
You could share the email account with him 
If it's not that big a deal, then just sign up for another account. |
|
| Back to top |
|
|
Bulsajo
Joined: 16 Jan 2003
|
| Posted: Mon Feb 20, 2006 10:10 am Post subject: |
|
|
Check out thstats for identity theft (which is what I'm assuming this is a part of) in cnada (as an example, because the Cdn stats are posted; I can't speak for other countries but it would be grerat if somebody had some links):
https://www.recol.ca/trendsandstats.aspx
"You've been watching sneakers too many times."
Running a program to find an email password?
Sure, not impossible, but let's remember this is an email account, not a bank vault, or even an online banking account. But speaking of that, I hope the OP doesn't have any sensitive emails saved (like from your bank, or when a site/business sends you a password by email, etc.) Sensitive emails saved in an online email account like Yahoo or Gmail combined with a not very secure password can really F__k you up these days.
(Remember I'm the moderator who had his password guessed here by some psyochotic who was crazy/bored enough to spend time trying obvious passwords on the Dave's mod log-ins; arrogance and thinking no one is really paying attention to you can get you really f__ked up too). |
|
| Back to top |
|
|
splok
Joined: 30 Jan 2006
|
| Posted: Mon Feb 20, 2006 1:57 pm Post subject: |
|
|
| Quote: |
... the OP said that he's getting a failed login attempt error. If someone knew his password, then why would they fail the login ? Brute forcing the password probably isn't realistic, because of the 3 attempt lock out thing.
... again, same point. If someone had the password off a keylogger, then they'd have no trouble accessing the account now would they ?
|
Failed attempts wouldn't be indicitive of a keylogger, but a comprimise email account would. He did say his email account was successfully hacked, so that was done somehow. If he was using very unsecure passwords (or was just careless with them), anyone that knew him wouldn't have to brute force it. They could make educated guesses (I've seen educated pw guesses work wonders). These things cover almost all of the instances of people that I've know who have claimed to have been "hacked."
| Quote: |
... he's probably running his script through a proxy. And even if he isn't - there's nothing you could do to him anyway. |
If it was another user on the forum or whatever (which could easily be shown by ip comparison... sure, it's easy to get around, but most people don't bother, or don't know to bother), he could be banned. Depending on the community, it might be useful or satisfying to bring his actions to the public, and if it's someone he knows (pretty likely imo), it would definately be useful to know.
Regardless, its better to be safe than sorry, especially if you use ebay, paypal, online banking, or even buying anything online. |
|
| Back to top |
|
|
dbee
Joined: 29 Dec 2004
Location: korea
|
| Posted: Tue Feb 21, 2006 2:00 am Post subject: |
|
|
| Quote: |
Failed attempts wouldn't be indicitive of a keylogger, but a comprimise email account would ... He did say his email account was successfully hacked
|
... when did he say that exactly ?
He never said his email had been hacked. He said that one of them was stolen and the other one is giving a login failure error. That's not the same thing as hacked.
| Quote: |
If he was using very unsecure passwords (or was just careless with them), anyone that knew him wouldn't have to brute force it. They could make educated guesses (I've seen educated pw guesses work wonders). These things cover almost all of the instances of people that I've know who have claimed to have been "hacked."
|
... yes, but like I said beforehand, if someone had guessed his password. Then they wouldn't be having any trouble logging in now would they ?
Having someone guess your email password isn't the same thing as being hacked. It just means that you should be more careful with the passwords that you choose.
| Quote: |
If it was another user on the forum or whatever (which could easily be shown by ip comparison... sure, it's easy to get around, but most people don't bother, or don't know to bother), he could be banned. Depending on the community, it might be useful or satisfying to bring his actions to the public, and if it's someone he knows (pretty likely imo), it would definately be useful to know.
|
... well that's not entirely true. The manner in which phpbb stores IP addresses leaves some room there for collisions. If the area was small enough, the user base large enough, and most users were on the same ISP's ... it'd be possible for two users to use the same IP number as each other in a relatively short space of time. Again - it wouldn't be very likely to happen, but then I guess it depends at what stage you'd need proof 'beyond reasonable doubt' before you banned someone and announced to the 'community' that they were guilty of 'hacking'.
There's also the possilbility that someone could read your IP address from the database and then use it to hack into dave's and deliberately throw up warning signals. And that stage - you could be then banned and the name 'splok' denounced from the pulpit by the grandmaster dave. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
