Help please with identity hijacking

[JacKDynne]

http://www.google.com/search?hl=en&q...oogle+Sear ch



/JD

[BearCat]

Quote:

Originally Posted by XPatriot

I was wondering if anyone could possibly tell me how someone could have discovered
not only the passwords to numerous hotmail accounts when some of them are not only
unknown to anyone other than me and when all are unrelated to one another... used in separate identities in Outlook express?

Actually, this is relatively easy with packet sniffing.
You don't need to "lsten" directely to the computer, as long as you have access to parts of the network involved.
A wiretap, or wireless listening (with unencrypted or weakly encrypted wireless)
will reveal the passwords used when checking the e-mail.
And as a "side effect" also your username... so it's all available to be stolen.


More on the subject.

[XPatriot]

Hello again and thanks,

I've did the research via Google on keylogging and only found programs that you would have to open (via email attachments) for them to work and send info to their users. I've read the info on packet sniffers (thanks btw) and it seems to be a local network spy concept. I can assure you that this person found out this information about me before I started using a wireless router, and even so he/she was never connected to my network...since a promiscuous sniffer as you know can only sniff the data traffic being shared on its local network segment...the offending person does not live in my house..

About keyloggers via email attachements; I mentioned earlier that I only sent one email to this person, they only sent one back. It was to my Yahoo account and the only thing that they would have recieved from that is an IP address...I only used that email address a few times and the communication with this person was to an unknown person and the original conversation was solicited by me...

Ok then, If keyloggers need the host computer to have the Keylogger running on it, and would have had to been executed by me (which I know it wasn't)then a Keylogger is out of the question, and if packet sniffers only work on local networks then that too is out of the question???

Am I wrong??

[Dudelive]

Go here first and read:
http://www.betaone.net/forum/article.php?a=3

If you have not always been using a firewall that rerports which apps are trying to connect to the internet, then you may have had a keylogger and trojan combination for quite sometime and never knew it. At the same time you need to have been scanning your system for such nasties as those all along.

Just scanning with a virus scanner is not enough anymore as new ones are made daily just to get around someones security programs.

All that you can do now since that all mail is back to normal is clean all computers of all bad things there. This is what I would do.......
1 Format all computers there by writing 1's and 0's to the drive, check the drive
makers direction as to the correct way for each type of drive.
2 Get a firewall that will tell you when an app is connecting out.
3 Get a trojan scanner that will have constant updates
4 A scanner for malware, example...AdAware and there are others

Now that you have a machine with all of the above plus other protection that others here can name, connect the computer to the internet just long enough to get all the things installed from GOOD sources and updated. Then disconnect from the internet.
Then spend several hours scanning your previous backups as well as ALL programs you may have burnt to cd or dvd as a backup....be sure to scan these for problems. When all cd's are scanned you can then install to the other computers.

Watch the firewall and when a program ask for a connection be sure you know what the program is first before allowing it.

If you have a router there is a log file in there that will tell about incoming and out going connections.

Thanks
Dudelive