BetaONE will rise again!


Reply
  #1  
Old 21st Sep 05, 08:35 AM
XPatriot's Avatar
XPatriot XPatriot is offline
Member
 
Join Date: Nov 2001
Location: Canada
Posts: 53
XPatriot
Help please with identity hijacking
Hello folks...

I was wondering if anyone could possibly tell me how someone could have discovered not only the passwords to numerous hotmail accounts when some of them are not only unknown to anyone other than me and when all are unrelated to one another... used in separate identities in Outlook express?

Also if possible is there anyway that I could connect to a ip address (of the suspected hijacker)? I know the IP address as they have sent me an email from one of my accounts..

I have sent numerous emails to Hotmail without any assistance..

Thanks..
Reply With Quote
  #2  
Old 21st Sep 05, 01:05 PM
Dudelive Dudelive is offline
Senior Member
 
Join Date: Oct 2001
Location: USA
Posts: 603
Dudelive is an unknown quantity at this point
If you have their IP number you need to contact the ISP that handles that IP number. There will be a way to report it to the abuse dept. Thatmay be a long shot but about the only one I would attempt.

You will want to do a through scan of your system to check for trojans, viruses and spyware. It is possible there may be a "keylogger" on your system.

Thanks
Dudelive
__________________
Be careful what you ask for, because you might just get it.

Last edited by Dudelive : 21st Sep 05 at 01:18 PM.
Reply With Quote
  #3  
Old 21st Sep 05, 02:29 PM
JacKDynne's Avatar
JacKDynne JacKDynne is offline
Administrator
 
Join Date: Oct 2001
Location: The Past Through Tomorrow
Posts: 1,591
JacKDynne will become famous soon enoughJacKDynne will become famous soon enough
Send a message via MSN to JacKDynne
Yep, I am thinking a keylogger may be there also - you should maybe also back up your critical data then wipe the box; reformat and reinstall

/JD
__________________


Reply With Quote
  #4  
Old 21st Sep 05, 09:38 PM
DoG's Avatar
DoG DoG is offline
Administrator
 
Join Date: Nov 2001
Posts: 2,996
DoG will become famous soon enoughDoG will become famous soon enough
Send a message via ICQ to DoG Send a message via MSN to DoG Send a message via Yahoo to DoG
Contact hotmail and tell them you want to cancell your accounts, tell them that the accounts have been hijacked and that you can no longer access them. If all goes well a hotmail technician will contact you and you can arrange to have the passwords changed. Worked for me a few months back when a trojan slipped through the defenses- they even posted messages on this forum. Thats the quickest way to get them to help you

Get a decent virus scanner and firewall- you can download free trials from most of the big name virus hunters now. Install the firewall and antivirus, use the firewall to kill all traffic and after the antivirus has been updated then run a scan. you can choose to allow only certain applications acess to the internet- start with just internet explorer and check the list of services running in Taskmanager by googleing for them- if anything is suspicious then kill it.

Don't take any ilegal actionagainst the IP addy you have found- it could be a proxy or dynamic IP in wich case it's you that will be up sh*t creek without a paddle. As mentioned above contact the ISP and provide them with all the details you have- a copy of the email sent to you showing the full headers will help.

If all else fails the it's time to wipe the box and start againjust remember to back up only the critical information. It's best if you compress all the files you back up, that way you can scan them for trojans/worms/virus's before you restore them.

And the most important thing are:
Don't open anything you get sent to you in an email before you scan it with AV
Block any suspicious net traffic
Get an Antivirus and prefferably an Internet security suite that contains a firewall.


Good luck!
__________________

Reply With Quote
  #5  
Old 22nd Sep 05, 12:01 AM
Dudelive Dudelive is offline
Senior Member
 
Join Date: Oct 2001
Location: USA
Posts: 603
Dudelive is an unknown quantity at this point
As was stated you most assuredly need a firewall that will ASK do you want this app to access the net or sometimes will only ask if it can contact a certian IP address and depending on which one and the way your system is secured as to allow or not.

If you follow what DoG stated you will be in good shape to start with. Above all do NOT destroy all files with formatting till you find the source of the problem. If you don't find the source it just may be back. Go slow and think things through and ask questions. Good Luck

Thanks
Dudelive
__________________
Be careful what you ask for, because you might just get it.
Reply With Quote
  #6  
Old 23rd Sep 05, 07:34 AM
XPatriot's Avatar
XPatriot XPatriot is offline
Member
 
Join Date: Nov 2001
Location: Canada
Posts: 53
XPatriot
Thank you all for your advice... Microsoft has finally got back to me and it looks like i will likely get my email back... As for keylogging? Can someone send a trojan to my IP address or gain access through my an IP portal??
Reply With Quote
  #7  
Old 23rd Sep 05, 01:23 PM
Dudelive Dudelive is offline
Senior Member
 
Join Date: Oct 2001
Location: USA
Posts: 603
Dudelive is an unknown quantity at this point
There are many ways for that exact thing to happen. The most likely is you accidently downloaded something that had it inside. Warez sites are very famous for these things happening when downloading compressed files. The other way involves port scanners which act as tattle tales reporting back to the owner letting the owner know it found a certain type of port number at a specified location to be open.

There are several methods in which you can use to secure your system.
The first thing you need is a firewall that will report what is going OUT from your computer while at the same time letting you know what is trying to come in. The methods that work for me may not work for you, depemnding on your setup.

Thanks
Dudelive
__________________
Be careful what you ask for, because you might just get it.
Reply With Quote
  #8  
Old 28th Sep 05, 07:26 AM
XPatriot's Avatar
XPatriot XPatriot is offline
Member
 
Join Date: Nov 2001
Location: Canada
Posts: 53
XPatriot
Ok... I retrieved the hijacked email account with Microsofts help. A few days before that I recieved an email from this person that at least gave me an impression of how and why they would be interested in attacking my personal information..

The situation... Armed with only an IP address from one email that was sent to this person (from a Yahoo account not using O.E), this person was able to figure out my wifes email address and content on O.E., my personal email address and content in separate XP login using O.E. and a very, very personal email and content using O.E. but using a separate O.E. identity with a O.E. password to access it?

So three emails, within three very distinct separate places on my computer?? All from I assume from an IP addy in my original Yahoo email sent to this person ?

First off...does this sound possible? with IP keyloggers?, or am I dreaming?

If its possible how do I find a IP keylogger??, and prevent it when i'm using a software and hardware based firewall. What is the name of such a keylogger?

Any explaination would be greatly appreciated?
Reply With Quote
  #9  
Old 11th Oct 05, 09:53 AM
BearCat's Avatar
BearCat BearCat is offline
Administrator
 
Join Date: Jul 2001
Location: Oslo, Norway
Posts: 1,146
BearCat will become famous soon enoughBearCat will become famous soon enough
@XPatriot:
A quick Q: How do you connect to the internet ?
Wired ?
Wireless ?
Dialup ?
__________________
\|||/
(o o)

----ooO-(_)-Ooo----
Oh, people can come up with statistics to prove anything. 14% of people know that.

Reply With Quote
  #10  
Old 12th Oct 05, 10:50 AM
XPatriot's Avatar
XPatriot XPatriot is offline
Member
 
Join Date: Nov 2001
Location: Canada
Posts: 53
XPatriot
Adsl wireless/wired..started using it in Oct, 2004, before that ADSL only.

As an update I have been able to better identify the offending person, but I'm still confused as to their ability to find out so much with just my IP address. I sent an email to this person back in January of 2004 with my Yahoo account (I know this because they sent me a copy of that a few weeks ago from their hotmail acount, luckily with an Telus IP address attached). I'm positive I didn't open up any attachments from them via that account, in fact I don't remember sending them or recieving another email after that one, and their is zero chance that this person knew my id, my wife, from one anonymous email from my yahoo account.

The absolute only way I can think of that this person was able to find out so much about our email usage was via a keylogger of sorts, I scoured the internet and no such luck.

I've been able to convince my IP provider to send them a "Stop harrassment" notice. I don't know if that will put an end to the hassles, or the know hassles. It doesn't mean that they can't keep attempting to guess at my passwords on the accounts that she/he is aware of.

Does anyone know of an IP keylogger?, such as I've suspected? I can't seem to find anything.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 06:47 PM.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.