# China hacking Gmail...



## ElectricDoodie (Mar 7, 2011)

So, apparently Gmail has been getting straight hacked by China and other Asian countries, in the past couple of months.

My friend just got hacked from China, and I received some spam from him. 
I then got hacked from Vietnam a few days later, I guess because I checked my friend's spam email that I got.

After changing my password and all, I noticed that I couldn't send myself any mail, and that I couldn't receive any mail. Nothing would show up, even when I emailed myself.

After looking around online, I found out about traces the hacker can leave to still get it.
When I checked, the hacker had set my account to forward all my email to him, and to delete it immediately from Gmail, hence why I wasn't able to view messages that I was sending to myself.

So, I went and blocked him, and deleted his forwarding address from my list.
What an ass.


/rant


----------



## r_517 (Mar 7, 2011)

mine works fine. 
but yes there are rumors that Gmail got hacked. otoh, Chinese gov has limited all Google services in China can't live without VPN when going back to China this summer


----------



## amostay2004 (Mar 7, 2011)

Everything you can do, China can do better


----------



## qqwref (Mar 7, 2011)

Is this something we should be worried about? Did you do anything unsafe (like using IE, or having an easy password)?


----------



## ElectricDoodie (Mar 7, 2011)

qqwref said:


> Is this something we should be worried about? Did you do anything unsafe (like using IE, or having an easy password)?


 
Nope. I'm actually internet paranoid.
I don't go on shady websites, or at least try to stay away from them as much as possible. Don't enter my password anywhere, unless it's a site I know, such as this one.

Also, I only use Chrome. 

Like I said, I believe my fault was that I opened my friend's spam email. He was hacked, and then sent me spam. I opened that spam, thinking it was my friend, since we email each other regularly, and have known each other for over 10 years. When I saw the the email was spam, I deleted it, and let him know. And then, a few days later, Gmail showed that I had used my account in Vietnam, and that I should check to make sure it was me. Sure enough, I've never been to Vietnam, but there was an IP Address that had used my account from there.

What anyone should do, is just verify where your account has been used from. All the way on the bottom, it'll tell you the last time your account was active, and then "Details." Just click that, and it'll give you a list of the recent IP Addresses. Make sure it's not something weird. In that same window, you can also choose to log every account out, that is currently logged in, so that they have to re-enter the password to log back on. So, if you change the password, they won't be able to.

Also, go to Email Settings, and check out the "Forwarding and POP/IMPAP" tab, and make sure your emails aren't getting forwarded to something you haven't set up.

The only mistake the hacker made, was to make sure to delete all of my incoming messages, after it being forwarded. I noticed this, and tried to solve the problem, and found out that he had done that. If he had not chosen the option to delete the emails, I would've continued on, without even knowing that he was getting all my emails forwarded to him.

The scary part is that this is the email I use for real things, such as paying bills, etc...
Now, I have to go check and make sure that nothing has been messed with...
Wish he had hacked my spam mail, as that thing is filled with trash.


----------



## Kirjava (Mar 7, 2011)

He thinks that because he got phished or w/e that everyone is vulnerable.


----------



## BC1997 (Mar 7, 2011)

amostay2004 said:


> Everything you can do, China can do better



Well Asia can do better


----------



## Stefan (Mar 7, 2011)

Was that actually Gmail getting hacked, or just your account? And with "opened my friend's email", do you mean just viewing the mail body, or an attachment or following a link or so?


----------



## ElectricDoodie (Mar 7, 2011)

Stefan said:


> Was that actually Gmail getting hacked, or just your account? And with "opened my friend's email", do you mean just viewing the mail body, or an attachment or following a link or so?


 
Gmail has actually been hacked in the past couple of months, by activists in China. Nothing really big happened from it. From there, they've been slowly phishing gmail accounts.
The organized gmail attack had similar actions, such as forwarding all emails and immediate deletion from the account, just as mine had been done. This can be viewed online, through news articles talking about it. Most of this happened in 2010.

I'm not saying that my phishing was related to the organized attack, but that it was similar.

I doubt this is going to happen to most people, but I just wanted to put this out there, and rant about it.
Doesn't hurt for people to check and make sure. Besides, it's a cool feature that some people don't know exist, that you can view where your account has been accessed from.







> And with "opened my friend's email", do you mean just viewing the mail body, or an attachment or following a link or so?


I only remember looking at the body, but maybe I did click on the link.
It was a link to a store that sold electronic goods. 

If it's not possible for anything to happen when just viewing the body, which is what I think I did, then maybe I ended up clicking the link and just don't remember.


----------



## Kirjava (Mar 7, 2011)

ElectricDoodie said:


> Gmail has actually been hacked in the past couple of months, by activists in China. Nothing really big happened from it. From there, they've been slowly phishing gmail accounts.


 
OLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOL


----------



## Stefan (Mar 8, 2011)

ElectricDoodie said:


> Besides, it's a cool feature that some people don't know exist, that you can view where your account has been accessed from.



Agree (and I didn't know it).



ElectricDoodie said:


> I only remember looking at the body, but maybe I did click on the link.
> It was a link to a store that sold electronic goods.



Like this? Got that two days ago. Also from someone I know and I'm sure he didn't actually write that himself.



> Dear friend,
> i would like to introduce a good company who trades mainly in electronic products, They provide the best service to customers,they provide you with original products of good quality,and what is more,the price is a surprising happiness to you!
> The web address: www.theintershoponline.com


----------



## ElectricDoodie (Mar 8, 2011)

Stefan said:


> Like this? Got that two days ago. Also from someone I know and I'm sure he didn't actually write that himself.


 
Yes, that was the exact one. 
This is the only reason I can see to having compromised my account.


----------



## Stefan (Mar 8, 2011)

Looking at the mail's sourcecode, I don't see anything special. Seems to just be spam. Though some spam filter I'm using marked it as such, and might have cleaned it as well. Btw, as some precaution, in this kind of case I don't click the link but copy&paste what I see into a new tab.


----------



## ElectricDoodie (Mar 8, 2011)

Stefan said:


> Looking at the mail's sourcecode, I don't see anything special. Seems to just be spam. Though some spam filter I'm using marked it as such, and might have cleaned it as well. Btw, as some precaution, in this kind of case I don't click the link but copy&paste what I see into a new tab.


 That's a good idea that I've never thought about. Thanks for that.


----------



## EnterPseudonym (Mar 8, 2011)

it's all good. I got a hundred character password.


----------



## IamWEB (Mar 8, 2011)

Funny, after reading this thread I went over to YouTube and found 2 spam messages (obviously not the first time). They were very similar. Normally you can see that they're sent to multiple users at the same time, but both were sent to me separately.
Not exactly related, but still...


----------



## Raffael (Mar 8, 2011)

Thanks for pointing this out.
I actually didn't know about that IP-address feature. I'm going to check on a daily basis from now on.

btw:
Recently I got a strange PM from one of my friends on StudiVZ / MeinVZ (= german social network similar to facebook).
It stated, that she had joined another social network called 'socialchat.biz', her nickname would be 'WOMAN138' and that a lot of people from our university had allready joined the site.

Apart from the fact, that a nick like WOMAN138 does not sound like anything she would choose, i am not in university anymore (which the real person does know) and we have never ever been to the same university (which obviously she knows aswell), her account has been deleted by now.

I'm investigating right now what's been going on there.
Just thought, I'd mention this here.


----------



## antoineccantin (Mar 8, 2011)

Stefan said:


> Looking at the mail's sourcecode, I don't see anything special. Seems to just be spam. Though some spam filter I'm using marked it as such, and might have cleaned it as well. Btw, as some precaution, in this kind of case I don't click the link but copy&paste what I see into a new tab.


 
On my email the links don't work so I need to do that anyway


----------

