Archive for the 'hack' Category

30
Jul
07

Cyber raped – Having your Gmail and Ebay accounts violated and then being locked out

Hey there, [apologies for cross posting]

I thought I’d send out a word of warning to my comrades today after having a very upsetting experience yesterday, whereby I believe someone has hacked in to my gmail and ebay accounts. If anyone can offer any constructive advice, I’d like to hear from you. At the moment, I feel completely violated – properly cyber raped. Who knows what will happen next.

Also on stream here: http://stream.lbigroup.com/index.php?/weblog/comments/cyber_raped_having_your_gmail_and_ebay_accounts_violated_and_then_being_loc/

Here’s what happened:

  1. Was checking my gmail account on Sunday afternoon and saw some emails from ebay saying I was trying to sell a Nikon D40x. I haven’t ever sold anything on ebay so I was very surprised.
  2. I logged into ebay and couldn’t find any action to remove the item from the listing. I’m sure it was there, but because of my panic, I really couldn’t see it, so I just set a ridiculous reserve price. A bit stupid, but what could I do?
  3. When I returned to my gmail account I had an email from ebay suggesting that there was some suspicious activity. ‘good ebay’ I thought. It even had some tips of what to do next to bring back the account, and to change the details of my email account.
  4. So I tried to change my ebay account details but it was too late – I was locked out
  5. I went back to my gmail account and tried to change my details there. Too late again, someone/something had changed my details again.
  6. Panicked. Near tears. Girlfriend in ear saying ‘we’ve got to go to the cinema, we’ll be late’.
  7. Tried to do the forgotten password but my secondary email address (where it will be sent) was from a job I left 3 years ago. Uh oh!
  8. Explored the various other links and info and found out that I can only get my password sent to another email address if I waited 5 days after no email activity. But, would a hacker really not use my account for 5 days after hacking into it? I don’t think so.
  9. I tried to follow various forms, email addresses etc. but no luck, there was no action for my situation and google said that they wouldn’t waive the 5 day wait thing.
  10. So then I tried to go into all my regularly used accounts to change the details, hoping that I didn’t alert my gmail hacker into my new email address and password combination: HSBC (can’t change details – bizarrely remembered the stupid id), John Lewis Partnership Card (can’t remember details), Flickr (easy), Facebook (easy), Ning (easy), linkedin (easy), expedia (easy), Egg (easy) etc. etc.
  11. Now I am trying to pick up the pieces. I will await some contact from Google, I will try to change the details on some other accounts, I will probably have to inform my banks so that they can reset my details and I have to contemplate the repercussions of someone having my gmail and ebay account and me never being able to access either again.

If anyone has any suggestions of what I can do, then please let me know. Otherwise, let this be a lesson to you all:
back up your contacts

  • don’t store login details in your gmail account (I always knew this was a bad idea, but how else was I suppose to remember how to login to my flipping HSBC / John Lewis accounts with their obtuse username password, keys etc.?)
  • be careful where you expose your email address (mine’s on facebook – is that a good idea?)
  • watch out for ebay scams
  • check your secondary email address
  • backup your data (not really relevant here, but hey, you should always do it)
  • try not to use the same username / email address and password combination for all your accounts (I can’t see myself changing this one easily)