A Tale of a Hacked Email Account
Yes, my main email account was hacked.
I don't know for how long it lasted but I'm very thankful that no serious damage was done (to my knowledge at least). I experienced the frustration of changing my passwords from different websites. I do use different passwords in different sites but this particular password is the one I use for my paypal account and other important accounts on the web.
The Story
I was out the whole day last Sunday and upon arriving home I opened my laptop and check my email. I use Thunderbird for my emails and I notice one email about successful resetting of Admin password in one of my wordpress site. This raised a red flag for me because I never initiated any password reset. If this is just a request, I will not bother but this one is a successful reset. I immediately went to the site and as expected, I cannot log in using my password. I ask for a password reset and was able to gain access to the site. Good thing that I assigned a different email address for admin purposes in this particular wordpress site. The perpetrator didn't know that and that is the reason I was able to know that something is not right.
I suspected first that I don't have an updated wordpress so the hacker was able to find a hole to initialize a password reset. But upon checking, my wordpress site is updated to the latest version. I told myself that if not wordpress, then the next culprit is my email account (edmartechguide email). So I checked it and found out that someone was able to use it and that individual was able to access it the whole day that I was out. I use Gmail's built-in tracker:
This experience will definitely change how I view things about user accounts and passwords. I can say that this is a blessing in disguise. I view account security now very seriously unlike before.
I don't know for how long it lasted but I'm very thankful that no serious damage was done (to my knowledge at least). I experienced the frustration of changing my passwords from different websites. I do use different passwords in different sites but this particular password is the one I use for my paypal account and other important accounts on the web.
The Story
I was out the whole day last Sunday and upon arriving home I opened my laptop and check my email. I use Thunderbird for my emails and I notice one email about successful resetting of Admin password in one of my wordpress site. This raised a red flag for me because I never initiated any password reset. If this is just a request, I will not bother but this one is a successful reset. I immediately went to the site and as expected, I cannot log in using my password. I ask for a password reset and was able to gain access to the site. Good thing that I assigned a different email address for admin purposes in this particular wordpress site. The perpetrator didn't know that and that is the reason I was able to know that something is not right.
I suspected first that I don't have an updated wordpress so the hacker was able to find a hole to initialize a password reset. But upon checking, my wordpress site is updated to the latest version. I told myself that if not wordpress, then the next culprit is my email account (edmartechguide email). So I checked it and found out that someone was able to use it and that individual was able to access it the whole day that I was out. I use Gmail's built-in tracker:
By checking the IP address, I found out that the perpetrator was from the Philippines (my home country). He was also checking my other email account (gmail), the same account I use for paypal and other google products. So I immediately head to paypal and check if there are any unauthorized transactions for the last week or so but it came out clean. So I immediately changed my passwords in paypal, my email accounts and other important accounts from different websites. The next thing I did is to check if the hacker enabled email forwarding. He did. He used this email address basurahanito@gmail.com. If you're a Filipino you will understand this: "basurahan ito" means "this is a trash bin". At least this guy has a sense of humour. Good for him/her.
The Aftermath
I didn't know how or where this individual got my password. I cannot remember any suspicious websites that I recently visited. I don't use that password to any other regular site so until now I am completely baffled by this. I checked my laptop and my wife's laptop for any spyware or keylogger but both of our units turned out clean. I don't use public computers because I always bring my laptop with me.
He used my email to subscribe to SEO software so I am now receiving newsletter from this. The software name is Attracta. It's not a big deal but the bad thing is this particular newsletter doesn’t offer any unsubscribe link so I just marked the emails as junk.
Moral of the Story
Don't be complacent. I always thought that the odds are very small that someone will hack my account. I said what would they get from me? Upon experiencing it, my mentality changed. He was able to get hold of one of my site and he has the capability to access my paypal account at that time. Good thing that that individual didn’t capitalized on it or maybe he just had access for a short time.
Change your password from time to time. I remember reading something in fiverr that passwords are like underwear; you need to change it often. I know you don't need to change it everyday, but at least once every six months.
Don't use the same password in different sites, EVER. So that if someone was able to get a hold of your password, he can only access one site and not the others.
Comments