ClioSport.net

Register a free account today to become a member!
Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

  • When you purchase through links on our site, we may earn an affiliate commission. Read more here.

Someone tried accessing Gmail - Suggestions?



As above, I received an email from Google saying that someone from the Ukraine had tried to log in on my Gmail account but they blocked it. I was then told that I would need to reset my password next time I logged in to my Gmail account which I have now done.

What I wanted to know was whether this is a common thing that happens?

I haven't downloaded/been on anything dodgy, and regularly run virus/spyware scans.

Could there be something on my laptop that has sent my log in details to Ukraine? Or is it just one of those things that sometimes happens?

Cheers chaps!
 
  182 Cup
Had someone actuay change my password. Got it sorted out, but no idea how they did it, not had any other problems since!
 
  Rav4
This is sometimes the case, but not always so.

They get email addresses from scanning websites/forums. In this case gmail.

They then email you, telling you that you need to change your password, but the email address it's come from might be "qmail.com" or something similar, with the exact styling as google.

You login, change password, they redirect you to google and you think all is fine and dandy.

Now they have your login details

Make sure you have an alternate email/mobile setup. Additionally, have a look and make sure that you are not forwarding emails to a random address.
 
Last edited:
Thanks for all of the comments guys.

The original email came from an @google.com account. I didn't follow the link that was in the email, I logged in to Gmail direct and changed my password there.

I've now set up the 2-step verification which I didn't know about. Much happier now that all seems to be safe.
 

TheEvilGiraffe

South East - Essex
ClioSport Area Rep
Thanks for all of the comments guys.

The original email came from an @google.com account. I didn't follow the link that was in the email, I logged in to Gmail direct and changed my password there.

I've now set up the 2-step verification which I didn't know about. Much happier now that all seems to be safe.

Glad you did it this way... was about to ask :eek:
 
  FF Clio 182
If there is a link in the email saying "Click here to login" or something along them lines then don't click it. I have a natural habit that if I get asked to go to a site via an email I do it manually by searching the web not links. It may be the email is legit but it always pays well to be vigilant about these things. Best suggestion is to go on gmail.com and change your password and go from there.
 
  Rav4
If there is a link in the email saying "Click here to login" or something along them lines then don't click it. I have a natural habit that if I get asked to go to a site via an email I do it manually by searching the web not links. It may be the email is legit but it always pays well to be vigilant about these things. Best suggestion is to go on gmail.com and change your password and go from there.

That is a brilliant way to go about things. If only more people did it this way.

A guy at work lost either 12 or 15k, because he logged into an HSBC account through an email....... there is only so much I can stop, I do remind everyone from time to time and people still fall under the same fate. I still get the blame ;)
 
  FF Clio 182
That is a brilliant way to go about things. If only more people did it this way.

A guy at work lost either 12 or 15k, because he logged into an HSBC account through an email....... there is only so much I can stop, I do remind everyone from time to time and people still fall under the same fate. I still get the blame ;)

The fact is a bank will never ask you to login to check your security details. They will tell you to go to the website, but won't give a direct link or they will call you.
 

Sam

North East
ClioSport Area Rep
Turn on google 2 step authorization.

Then you'll need to enter the code off your mobile when you login.

Also, you app specific passwords as well so then you never use your gmail password for anything over gmail.com

Like some have said, a basic phishing website is so easy to make and a spam email address could pass a filter in your emails.

Just make sure when you enter your password it always says gmail.com in the url bar!

Someone could of bruted your password!

Search for a password list online. I've got one with about 6 million combinations of words and that.

I searched it and there was none of my passwords where on it.

Its always worth a search as that's what they use to brute!
 
  FF Clio 182
Turn on google 2 step authorization.

Then you'll need to enter the code off your mobile when you login.

Also, you app specific passwords as well so then you never use your gmail password for anything over gmail.com

Like some have said, a basic phishing website is so easy to make and a spam email address could pass a filter in your emails.

Just make sure when you enter your password it always says gmail.com in the url bar!

Someone could of bruted your password!

Search for a password list online. I've got one with about 6 million combinations of words and that.

I searched it and there was none of my passwords where on it.

Its always worth a search as that's what they use to brute!

Not always as it is easy to fake a web address just because it says gmail.com doesn't mean it is legit. One recently was a phishing email going around, the sender was hsbc.co.uk, imitation is easily and widely done.
 
  182/RS2/ Turbo/Mk1
Not always as it is easy to fake a web address just because it says gmail.com doesn't mean it is legit. One recently was a phishing email going around, the sender was hsbc.co.uk, imitation is easily and widely done.

Indeed, log into port 25 of the mail server, quick HELO and then put whatever you want in the from address.

Any request like this the correct way to deal with it is to manually type www.gmail.com into the browser yourself so you know you are at the right site.
 
  FF Clio 182
Indeed, log into port 25 of the mail server, quick HELO and then put whatever you want in the from address.

Any request like this the correct way to deal with it is to manually type www.gmail.com into the browser yourself so you know you are at the right site.

That in my mind is standard protocol got this whole situation. If you get a link in an email then punch it in manually. May take slightly longer but risking fraud and getting your life wiped out makes it so worth the time.
 

Sam

North East
ClioSport Area Rep
Not always as it is easy to fake a web address just because it says gmail.com doesn't mean it is legit. One recently was a phishing email going around, the sender was hsbc.co.uk, imitation is easily and widely done.

Faking an URL bar address is impossible.

I know all about phising emails, but using gmail, they won't get past standard google filters!
 
  FF Clio 182
Faking an URL bar address is impossible.

I know all about phising emails, but using gmail, they won't get past standard google filters!

I talking about clicking on a link and being taken to a site that has a spoofed URL what looks like a bank
 

Sam

North East
ClioSport Area Rep
Ahh I see. If you have some common sense you won't get hacked imo.

2-step has to be the safest way at the moment for logging into google.

Hotmail also offer this service to now.
 
  FF Clio 182
I think the main thing is go just be vigilante, I use none if the 2 step safety features and have never had a problem. People just assume they install an antivirus software so it's all safe. If you use the Internet enough you can spot phishing emails and fake sites a mile off.
 
  182/RS2/ Turbo/Mk1
I talking about clicking on a link and being taken to a site that has a spoofed URL what looks like a bank

It wont look like a bank in the URL bar after you click the link though, it will look like it in the email as you can make a link say anything you want, but once you click it (if you are silly enough to do so) it will be very obvious its not the address you were just presented with in the link.

Like so:

www.yourbank.com
 

Ray Gin

ClioSport Club Member
  Cupra Leon & Impreza
Someone from America tried to log into my Facebook a couple of months ago, changed password and haven't had any issues since.
 


Top