Thankfully, they didn't change any of the password recovery info on the secondary Yahoo email, so we were able to recover this account right away--only to discover they'd deleted every single email and all of my contacts (presumably so I couldn't contact my friends to tell them about the scam). I did manage to recover my Facebook as well, but only because they didn't alter my security question. My primary email (gmail), however, was lost to me. As well as everything else linked to my Google account, including...this blog (and my Youtube, Google groups, Google+, all Google documents, and anything that required me to use my email info to log in). You can imagine what a damaging loss this is. Professionally, I was left exposed, turned into a quivering mass of vulnerability. Talk about demoralizing. I had no way to contact Google, no recourse for recovery except a stupid Google form I had to fill out to prove I was the owner of my Google account (which means having to remember the exact date I opened my Google account, who sent me my gmail invite, when I opened my blog and Google groups, etc.). I filled out this form three times before Google finally disabled my blog, pending an investigation.
Friday, I managed to recover my Google account finally. Clearly I'm not the hacker impersonating Carol--you can tell probably by my correct use of "demoralizing" and commas and the absence of begging for money (wait until tomorrow).
Okay, so, what's the deal, right? Why did they do this? Money, of course. After some research, I've discovered this is a really common scam/hackjob. And a very sophisticated one. Poor grammar aside, this email actually gave a number of my contacts pause, worried I was actually hurt and penniless in Spain . Intelligent people do fall for this because of their own big hearts (and end up providing their own info and money), which is why the jackholes keep doing it. Their programs/viruses work really fast in a really invasive way, and the scam emails are much better written and thought out now, urgent and designed to appeal to bleeding hearts.
Why did they attack me? Random probably. I did happen to have a $#!%load of contacts in both my emails, so mega score for the hackers. Chances are, though, I logged into a fake Google page which phished my password, and in a heartbeat, everything was gone.
What can you do to prevent your Google account from getting hacked? Or any email? So many of us have Google accounts which we use to access a load of programs. Get your Google (or Yahoo) account hijacked, and you're seriously SCREWED. But there are steps you can take to prevent this from happening.
1. Provide Password Recovery Info: That means a secondary email, backup phone number(s), and security questions and answers. Obviously, though, this isn't foolproof, as I did this. If they hack your password, they can change all of this. So...
3. DO NOT USE THE SAME PASSWORD for every account, application, and program. I know, I know, who wants to remember a million passwords? So much more convenient to have a single password for everything. But whatever program these hackers used was sophisticated enough to find every account associated with my gmail account and attempt to hack in with the same password. Thus, I also lost my secondary email, my Facebook, and my blog, and every account/program linked to them. Now, I have a list of passwords written down and in a text file I keep on my desktop and on a removable hard drive. Those passwords are also a billion miles long with symbols, numbers, and letters. I merely copy and paste when I need them.
4. EVERY time you prepare to log into an account, just take a quick glance at the URL of the sign-in page. Make sure it looks right and that you haven't just been redirected to a fake URL which mimics the real one. If it has an @ symbol in the URL, be wary. Double check the spelling of words in the address, too (www.gimail.com versus www.gmail.com). Best way to ensure you get a legitimate web address is to type in the URL yourself.
5. You can further protect your Yahoo accounts by creating a special Sign-in Seal for every computer you own. Go to your Yahoo "Account Info" and there you will find a link to create a Sign-in Seal (customized badge) that will appear in the top right corner every time you go to your Yahoo sign-in page. Then if you don't see that badge, you may have landed on a fake sign-in page that could phish your password.
5. Don't be lazy or vain or naive. Don't assume that you're not at risk. Phishing/hacking/hijacking doesn't only happens to stupid people who do dumb stuff like click on obvious spam links and search porn. Anyone can become a victim. Phishing schemes are becoming more and more sophisticated the wiser and more tech savvy we become as online users.
6. You can learn more about phishing schemes and how to prevent this sort of thing by checking out this page from Outlook. It's worth it to stop by, guys, and take a few precautions. It doesn't take long, and can save you serious misery.
What do you do if your account gets hacked/hijacked? Besides break things and curse Google to no end and write majorly gory hacker death scenes?
1. Attempt to do a Password Reset immediately before your password recovery information is deleted. If you're too late, you will need to:
2. Fill out an Account Recovery Form (this is what it's called in Google. Yahoo has something similar, I think). The questions on this are tough. Just answer to the best of your ability, providing as much accurate information as you can remember. If you don't get a response right away, fill out another form. You'll need to be patient as this may be a long wait, but be persistent. Hound their arses. And make it clear that you believe the account has been compromised so that they disable the account while it's being investigated to prevent hackers from using it.
When you recover your account,
1. First, change your passwords and do everything I said that you need to do to prevent this from happening again.
2. Double check to make sure any secondary email accounts and phone numbers that have been added by the hacker for their own password recovery purposes are removed from your account settings. If not, remove them.
3. Also, go into your mail settings (under "Forwarding and POP/IMAP") and double check to make sure that your messages are not getting forwarded to a secondary email that you did not yourself add (this was the case for me!), and then under "Accounts and Import" make sure no third party email still has access to your account.
4. Prepare to work your butt off to recover everything you lost while your account was hijacked, including all your emails and your contacts, which will likely have been deleted.
*********************Hope this doesn't happen to you. Sucks so hard, I can't even tell you.
Anyone else have any good tips on preventing any hacking/hijacking? Stories to share?
I think I finally discovered exactly how my gmail was hacked. I used to have both a Gmail account and a Yahoo account that used to be linked (each account was added to the other account to be used in the event I was unable to access one or the other account); and the accounts also used to have the same password. Occasionally, I would get (and continue to get) an email notification to my Gmail inbox that looks as if it is from Yahoo indicating that my Yahoo account information has been changed. But when I look closely, it is not my actual Yahoo account, but one perhaps similar with my name. There is always a link that I am supposed to click to investigate the changes. Clicking on the link directs me to a fake login page where I'm supposed to insert my Yahoo login information. My login information would then be phished and my Yahoo account immediately hacked. When I fell for this scam before, because my Gmail account also had the same password as my Yahoo account, the hackers were able to hack directly into my Gmail account using the same password, and then both of my accounts were compromised.
If you receive such an email indicating that your account information has been changed, do not click on the link. Rather open up a new window, insert the URL yourself and investigate the issue on your own. You will likely find that nothing has been changed.