EDAboard.com | EDAboard.de | EDAboard.co.uk | WTWH Media

Security Problem

Ask a question - edaboard.com

elektroda.net NewsGroups Forum Index - Electronics Design - Security Problem


Guest

Tue Jan 08, 2019 5:45 am   



Recently, I got an email from Google saying someone had tried to log onto my Google account using my password. They said they blocked it but I should check out the problem. I'm using a dial-up connection and recently the modem has been downloading about 2 gigabytes of data and runs all the time. I tried to shut the machine off and I got a message that the AVG virus program was being updated and I should not shut off the machine. Earlier, I got a few pop-up messages that said that some program was slowing down the machine and I had an option to click on stop or continue. I think I may have made a mistake on clicking the option to stop the program that was slowing everything down. That may have granted permission to do bad things. I had a text file on the machine with various notes about email addresses, birthdays, and passwords. I deleted all the password data which included my PayPal account and password. This was on December 18th and today I checked the PayPal balance and it was OK. But I can't figure out where someone obtained my Google password. As of now, the 2 gigabytes of data has been deleted and the the disk looks normal. I looked up the size of the current AVG update and it said about 149 megabytes.

Any ideas?

Rheilly Phoull
Guest

Tue Jan 08, 2019 7:45 am   



On 8/01/2019 12:36 pm, billbowden12_at_gmail.com wrote:
Quote:

Recently, I got an email from Google saying someone had tried to log onto my Google account using my password. They said they blocked it but I should check out the problem. I'm using a dial-up connection and recently the modem has been downloading about 2 gigabytes of data and runs all the time. I tried to shut the machine off and I got a message that the AVG virus program was being updated and I should not shut off the machine. Earlier, I got a few pop-up messages that said that some program was slowing down the machine and I had an option to click on stop or continue. I think I may have made a mistake on clicking the option to stop the program that was slowing everything down. That may have granted permission to do bad things. I had a text file on the machine with various notes about email addresses, birthdays, and passwords. I deleted all the password data which included my PayPal account and password. This was on December 18th and today I checked the PayPal balance and it was OK. But I can't figure out where someone obtained my Google password. As of now, the 2 gigabytes of data has been deleted and the the disk looks normal. I looked up the size of the current AVG update and it said about 149 megabytes.

Any ideas?



Change passwords, run malware and antivirus for a start.


Sylvia Else
Guest

Tue Jan 08, 2019 7:45 am   



On 8/01/2019 3:36 pm, billbowden12_at_gmail.com wrote:
Quote:

Recently, I got an email from Google saying someone had tried to log onto my Google account using my password.


How would they know that it wasn't you?

Sylvia.

Jeff Liebermann
Guest

Tue Jan 08, 2019 8:45 am   



On Mon, 7 Jan 2019 20:36:12 -0800 (PST), billbowden12_at_gmail.com wrote:

Quote:
Recently, I got an email from Google saying someone had
tried to log onto my Google account using my password.
They said they blocked it but I should check out the
problem.


That doesn't sound quite right. Google "fingerprints" each computer
that you use to login to your account. Whenever I login with a new
computer, it sends me an email message ask "Is this you?". If I click
"yes, it's me", it thanks me and exits. If I say no, it will block
that computer from further logins. I did that once by accident and it
took a while for that computer to reliably login.

Is this what you received from Google?

"‘Suspicious sign in prevented’ email"
<https://support.google.com/accounts/answer/6063333?hl=en>

If so, change your password and consider setting up 2FA (two factor
authentication):
<https://www.google.com/landing/2step/>

I don't know who or how someone obtained your password. My guess(tm)
is that you are using the same password on a different account and
that account was compromised. Someone then went through all your
other accounts trying the common password. Re-using a password is a
really bad idea.

--
Jeff Liebermann jeffl_at_cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Martin Brown
Guest

Tue Jan 08, 2019 10:45 am   



On 08/01/2019 04:36, billbowden12_at_gmail.com wrote:
Quote:

Recently, I got an email from Google saying someone had tried to log
onto my Google account using my password. They said they blocked it
but I should check out the problem. I'm using a dial-up connection


By clicking on a link in that email? It sounds to me like a phishing
attack to try and get you to give them your login details.

If someone signs in as you using your password you would get an email
message telling you what new kit they were using (approximately).

Google fingerprint your machine(s) so that you do get a notification if
you connect with a new piece of hardware like a new tablet Xmas present.
Something along the lines of "Your Google Account was just signed in to
from a new Samsung Galaxy Tab S2 device. You're getting this email to
make sure that it was you.". That is routine and to be expected.

Quote:
and recently the modem has been downloading about 2 gigabytes of data
and runs all the time. I tried to shut the machine off and I got a
message that the AVG virus program was being updated and I should not
shut off the machine. Earlier, I got a few pop-up messages that said
that some program was slowing down the machine and I had an option to
click on stop or continue. I think I may have made a mistake on
clicking the option to stop the program that was slowing everything
down. That may have granted permission to do bad things. I had a text
file on the machine with various notes about email addresses,
birthdays, and passwords. I deleted all the password data which
included my PayPal account and password. This was on December 18th
and today I checked the PayPal balance and it was OK. But I can't
figure out where someone obtained my Google password. As of now, the
2 gigabytes of data has been deleted and the the disk looks normal. I
looked up the size of the current AVG update and it said about 149
megabytes.

Any ideas?


My advice would be download Malwarebytes from the authors home page (not
from any dodgy advertisements that appear higher up the Google search)
and allow it to run a deep scan. It has a chameleon mode that means it
will usually work even on a malware infected machine. It is my scanner
of choice for people who have clicked on something nasty. Run it twice
with a reboot inbetween. Then reinstall your AV.

There is a good chance your AVG is toast after visiting some dodgy site
or other. Any of the reputable AV products should have a CD image you
can download and boot from to delouse a computer that has been
compromised. You need to download it onto a machine that is clean.

Incidentally I have noticed that on machines running IE11 that are left
with the default MS homepage displayed it is only a matter of time
before a rogue advert pretends there is a virus and a very persistent
click to update window appears (ie download some hostile binary or
other). Easy enough to kill from task manager but very confusing for an
ordinary user. It is disgraceful that they seem unable to defend against
it and act as a vector for such malware.

--
Regards,
Martin Brown

amdx
Guest

Tue Jan 08, 2019 3:45 pm   



On 1/8/2019 3:05 AM, Martin Brown wrote:
Quote:
On 08/01/2019 04:36, billbowden12_at_gmail.com wrote:

Recently, I got an email from Google saying someone had tried to log
onto my Google account using my password. They said they blocked it
but I should check out the problem. I'm using a dial-up connection


By clicking on a link in that email? It sounds to me like a phishing
attack to try and get you to give them your login details.


^^^
Ditto, I get those on a regular basis.
Recently I got one for my Amazon account that didn't
have any link to follow. That seemed odd!
So, I phoned Amazon, they put a hold on my account, then
confirmed me through a text and had me change my password.
It took over 3 days to get it corrected. Someone fell short
at Amazon and only took notes no action, I had to call again.
I didn't have any extra Amazon purchases.
My account had a Russian email address attached to it.


Guest

Thu Jan 10, 2019 6:45 pm   



On Tuesday, January 8, 2019 at 1:06:01 AM UTC-8, Martin Brown wrote:
Quote:
On 08/01/2019 04:36, billbowden12_at_gmail.com wrote:

Recently, I got an email from Google saying someone had tried to log
onto my Google account using my password. They said they blocked it
but I should check out the problem. I'm using a dial-up connection

By clicking on a link in that email? It sounds to me like a phishing
attack to try and get you to give them your login details.

If someone signs in as you using your password you would get an email
message telling you what new kit they were using (approximately).

Google fingerprint your machine(s) so that you do get a notification if
you connect with a new piece of hardware like a new tablet Xmas present.
Something along the lines of "Your Google Account was just signed in to
from a new Samsung Galaxy Tab S2 device. You're getting this email to
make sure that it was you.". That is routine and to be expected.

and recently the modem has been downloading about 2 gigabytes of data
and runs all the time. I tried to shut the machine off and I got a
message that the AVG virus program was being updated and I should not
shut off the machine. Earlier, I got a few pop-up messages that said
that some program was slowing down the machine and I had an option to
click on stop or continue. I think I may have made a mistake on
clicking the option to stop the program that was slowing everything
down. That may have granted permission to do bad things. I had a text
file on the machine with various notes about email addresses,
birthdays, and passwords. I deleted all the password data which
included my PayPal account and password. This was on December 18th
and today I checked the PayPal balance and it was OK. But I can't
figure out where someone obtained my Google password. As of now, the
2 gigabytes of data has been deleted and the the disk looks normal. I
looked up the size of the current AVG update and it said about 149
megabytes.

Any ideas?

My advice would be download Malwarebytes from the authors home page (not
from any dodgy advertisements that appear higher up the Google search)
and allow it to run a deep scan. It has a chameleon mode that means it
will usually work even on a malware infected machine. It is my scanner
of choice for people who have clicked on something nasty. Run it twice
with a reboot inbetween. Then reinstall your AV.

There is a good chance your AVG is toast after visiting some dodgy site
or other. Any of the reputable AV products should have a CD image you
can download and boot from to delouse a computer that has been
compromised. You need to download it onto a machine that is clean.

Incidentally I have noticed that on machines running IE11 that are left
with the default MS homepage displayed it is only a matter of time
before a rogue advert pretends there is a virus and a very persistent
click to update window appears (ie download some hostile binary or
other). Easy enough to kill from task manager but very confusing for an
ordinary user. It is disgraceful that they seem unable to defend against
it and act as a vector for such malware.

--
Regards,
Martin Brown


Yes, I thought it might be a phishing attack so I didn't click on the link to "Check Activity". The exact wording of the message was:

"Someone just used your password to try to sign in to your account. Google blocked them, but you should check what happened." And then there is a link to "Check Activity" which I didn't click. I was concerned about the wording of "in to" verses into.

Martin Brown
Guest

Thu Jan 10, 2019 6:45 pm   



On 10/01/2019 16:46, billbowden12_at_gmail.com wrote:
Quote:

On Tuesday, January 8, 2019 at 1:06:01 AM UTC-8, Martin Brown wrote:
On 08/01/2019 04:36, billbowden12_at_gmail.com wrote:

Recently, I got an email from Google saying someone had tried to
log onto my Google account using my password. They said they
blocked it but I should check out the problem. I'm using a
dial-up connection

By clicking on a link in that email? It sounds to me like a
phishing attack to try and get you to give them your login
details.

If someone signs in as you using your password you would get an
email message telling you what new kit they were using
(approximately).

Google fingerprint your machine(s) so that you do get a
notification if you connect with a new piece of hardware like a new
tablet Xmas present. Something along the lines of "Your Google
Account was just signed in to from a new Samsung Galaxy Tab S2
device. You're getting this email to make sure that it was you.".
That is routine and to be expected.
[snip]


Quote:
Yes, I thought it might be a phishing attack so I didn't click on the
link to "Check Activity". The exact wording of the message was:

"Someone just used your password to try to sign in to your account.
Google blocked them, but you should check what happened." And then
there is a link to "Check Activity" which I didn't click. I was
concerned about the wording of "in to" verses into.


Pure phishing attack. If someone tried to login to your account using
your password they would get in and it would send you an email telling
you approximately what hardware it thought they were using and asking if
it was indeed you. Did you get a new tablet for Xmas?

Some web clients do lie about who they are. The clickbait scammers fake
being run on iPhones because they get more advertising revenue that way.
Advertisers pay more for clicks from iPhones!

--
Regards,
Martin Brown

John Doe
Guest

Thu Jan 10, 2019 10:45 pm   



billbowden12_at_gmail.com wrote:

Quote:
Recently, I got an email from Google saying someone had tried to
log onto my Google account using my password. They said they
blocked it but I should check out the problem.


Google blurts out that nonsense. Google has a setting for turning
off that nonsense, but that nonsense continues even if you turn it
off.

In other words... That warning means little. It's just Google trying
to cover itself against every little potential legal problem.

LOOK AT YOUR INBOX, LOWER RIGHT-HAND, AND CLICK ON "DETAILS ". THERE
YOU WILL SEE RECENT LOGINS.

Quote:
I'm using a dial-up connection and recently the modem has been
downloading about 2 gigabytes of data and runs all the time. I
tried to shut the machine off and I got a message that the AVG
virus program was being updated and I should not shut off the
machine. Earlier, I got a few pop-up messages that said that
some program was slowing down the machine and I had an option to
click on stop or continue. I think I may have made a mistake on
clicking the option to stop the program that was slowing
everything down. That may have granted permission to do bad
things. I had a text file on the machine with various notes
about email addresses, birthdays, and passwords. I deleted all
the password data which included my PayPal account and password.
This was on December 18th and today I checked the PayPal balance
and it was OK. But I can't figure out where someone obtained my
Google password. As of now, the 2 gigabytes of data has been
deleted and the the disk looks normal. I looked up the size of
the current AVG update and it said about 149 megabytes.


Do not use Windows 10. I have nothing against Windows 10, I obey,
but using Windows 10 with a (56K?) Dial-up modem sounds like a
disaster waiting to happen.

John Doe
Guest

Thu Jan 10, 2019 10:45 pm   



billbowden12_at_gmail.com wrote:

> I was concerned about the wording of "in to" verses into.

Very good! That's one dilemma suffered by non-English speaking hackers
from America-hating countries. Learning our lingo is counter to their
objectives Smile

elektroda.net NewsGroups Forum Index - Electronics Design - Security Problem

Ask a question - edaboard.com

Arabic version Bulgarian version Catalan version Czech version Danish version German version Greek version English version Spanish version Finnish version French version Hindi version Croatian version Indonesian version Italian version Hebrew version Japanese version Korean version Lithuanian version Latvian version Dutch version Norwegian version Polish version Portuguese version Romanian version Russian version Slovak version Slovenian version Serbian version Swedish version Tagalog version Ukrainian version Vietnamese version Chinese version Turkish version
EDAboard.com map