Just got hacked need advice

[DrakeN2k]

I woke up this morning to discover my Uni email , and two other personal emails were hacked what I have lost I cant tell. each email had different passwords. I have reset all three and changed passwords to brand new ones. Other passwords to games have be also hacked and im going though them , Can you give any advice about how this could have happened, and the best way about not letting it happen again?

[+Byt Subscriber¹]

You probably have a keylogger on your PC, the way to stop it happening again is dont browse for dodgy porn and go on dodgy websites.

But for the time being you can scan with this - http://www.surfright.nl/en/hitmanpro/

Once infections have been removed, then change your passwords again.

[DrakeN2k]

I went though a few scans with my internet security and nothing was found.

[pes2013]

Top recommendation: Format.

[_bobcat_ Veteran]

How do you know you were hacked? Is it possible that you used another computer to access those things (which might have malware)? Or left something logged in or saved passwords at a public place?

[ingramator]

Ok first of, you probably weren't "hacked" why have you come to this conclusion?

[cork1958]

Either format (last resort) or start scanning with Malwarebytes and SuperAntiSpyware. Just do a search for those and you will find them. Make sure to get the FREE versions.

Very seriously doubt you were hacked though.

[+Nik Louch Subscriber²]

"Hacked"...?

[Guest]

Dictionary passwords?

[dancedar]

No one gets 'hacked' nowadays, it's not possible. Phished, malwared, social engineered, yes.

Enable 2-factor authentication after you've reset everything, check your logs (gmail), sent items, trash etc.

[DrakeN2k]

Well it "I" requested a password reset for most of my accounts which then the password was changed to something else.

I have not logged on to any public network.

[techbeck]

Well, make sure you have some type of password protection on the sites that were compromised. Many sites have phone verification, second email verification, or answers to get your password rest.

[sc302 Veteran]

No one gets 'hacked' nowadays, it's not possible. Phished, malwared, social engineered, yes.

Enable 2-factor authentication after you've reset everything, check your logs (gmail), sent items, trash etc.

I am curious...what is your definition of "hacked"?

http://www.merriam-w...ctionary/hacker

Definition 4 applies here.

a person who illegally gains access to and sometimes tampers with information in a computer system

http://www.merriam-w...dictionary/hack

intransitive verb 4b applies here.

b : to gain access to a computer illegally

[techbeck]

I am curious...what is your definition of "hacked"?

http://www.merriam-w...ctionary/hacker

Definition 4 applies here.

http://www.merriam-w...dictionary/hack

intransitive verb 4b applies here.

I was going to say...sounds like hacked to me.

[+Nik Louch Subscriber²]

I would argue that those dictionary definitions are not really valid. This is where general understanding is often behind technology. If I broke into my library and turned on their PC is that hacking? IMHO no. To me, "hacking" would be:

Gaining access to a computer system by means of exploiting technical vulnerabilities.

That distinguishes it from social engineering and so on. Also seeing as "ethical hacking" is a common phrase, and something we (as a company) pay for (as penetration testing) - it's not illegal at all, and yet still "hacking"!?

[Guest]

As nik said. Stealing passwords is not hacking. I'm sat at someone else's desk today at work and on their notepad I can see various passwords. Taking them wouldn't make me a hacker.

In the words of Tyler Durden: Shoving feathers up your butt does not make you a chicken.

[DrakeN2k]

Ok i understand i was not hacked, but why would this guy go to the length to reset my university system passwords ?

or reset the password to one mmo game I play.

but not Facebook ?

[Guest]

To prevent you changing passwords to accounts that use that email address?

[vcfan]

sometimes your emails could get hacked without anything happening on your end. if you register on websites and forums using the same password as your email,if the site gets compromised,so does your email account. the sites might not even know they've been compromised. Once they have access to one email,the floodgates open.

[DrakeN2k]

That is true. I have got control over everything again.

I was wondering how it just happened. I have got new and different passwords for everything. Changed security options, Removed trusted emails to a trusted phone number.

2 step verification added to supports accounts.

uh it was so strange how the "person" just changed stuff on some things not others and yet he left a paper trail of all the reset emails lol.

[rr_dRock]

uh it was so strange how the "person" just changed stuff on some things not others and yet he left a paper trail of all the reset emails lol.

it could have been a she....

/troll

[Hum]

Damn you North Korea !

[sc302 Veteran]

I would argue that those dictionary definitions are not really valid. This is where general understanding is often behind technology. If I broke into my library and turned on their PC is that hacking? IMHO no. To me, "hacking" would be:

Gaining access to a computer system by means of exploiting technical vulnerabilities.

That distinguishes it from social engineering and so on. Also seeing as "ethical hacking" is a common phrase, and something we (as a company) pay for (as penetration testing) - it's not illegal at all, and yet still "hacking"!?

As dog is not the same as hot dog, ethical hacking is not the same as hacking.

[AsherGZ]

From what you've mentioned, looks like it was someone you know as this person knew even your gaming habits. A friend of mine once did it to another as a joke by slipping a keylogger into his study notes. You should talk to your university IT department and see if they can tell you what IP was used to request for a password reset.

[+BudMan MVC]

great you use other passwords for other sites. But as touched upon already..

lets say your main email is [email protected] - and all the other sites you login too, even other email accounts you setup [email protected] as recovery, etc..

If I get into [email protected] because your password was compromised, bruted, guessed then I could just look into your email to where you got logins from, game sites, forums, etc.. And then from there access them and ask for resets to be able to get in, etc.

as already mentioned, access to something like your main email account could open a flood gates to access to all your other accounts. You really need to turn on 2 factor for your main email account if possible. Or use a very strong password on this account.