Krista's Coding Corner

03.06.2012

Offtopic: Gmail-account was cracked

I just noticed that my Gmail account, used as a spam box, had some strange mails in it. Nothing unusual, as it is my spam box, but now I was the sender and the replies were failure messages. And I hardly ever send any mail from it. Naturally I immediately changed my password, although it shouldn't be too easy to guess (for a computer at least).

Gmail luckily has a history where you can see where you have logged in from. The history was quite interesting: Mexico, Argentina, Venezuela, Bulgaria. Haven't been travelling for a while, so. :)

After some searching, I noticed that I did have one huge hole in my security: a security question. I didn't even remember I had one. But I did. And the answer was... hmm... a strange pile of characters, but there weren't so many of them. I don't know if this security question had anything to do with my cracked email, but it could have. And the answer was put there when I was younger (and stupider), because this email address was created when Gmail was first introduced. I think we maybe should emphasize also having hard security question answers, not just passwords :)

There was one good thing though: hardly any of the recipients actually got the email, as mail servers blocked the mails because they were suspicious. (Not totally sure why the email was viewed as suspicious, but anyhow the filters seem to work!)

Okay, also another: the mails were sent via the SMTP protocol, so my web interface wasn't used -> my mails couldn't be read. Although there isn't anything worth reading, but someone might have.

Maybe this incident has something to do with this: http://arstechnica.com/security/2012/05/google-recaptcha-brought-to-its-knees/

But I can't really say. I'm not an expert :/
