Comments for Is changing my password enough?

Comment from Gemma Busto on 2012-01-30

2012-01-30T17:53:01Z

thank you very much. i hope it would help me not to be hacked again.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Mark J on 2011-12-17

2011-12-17T14:05:15Z

@Bess
If your email has been hacked and the password and alternative email had already been changed, then it may be too late to recover your email account.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from bess on 2011-12-17

2011-12-17T09:20:50Z

how can i change the alternative e-mail, who is not mine, my e-mail has been hacked and there is another alternative e-mail. Please tell me how to change it, because when i want to change, the e-mail goes to that another alternative e-mail.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Connie on 2011-11-22

2011-11-22T21:05:11Z

@Meenakshi
You've done right to change the security questions and password. Doublecheck those and also make sure your phone number is correct. Keep an eye on that account and make your password really really hard.

Here's another article on Ask Leo! that has some good info on the subject:
Someones sending email that looks like its from me to my contacts what can I do?

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Meenakshi Sharma on 2011-11-22

2011-11-22T18:14:18Z

Of late my contacts are getting emails from me about weird stuff that I never send them.I have changed my password and all security questions.Is there anything else I need to do? Is my account information safe? Will I have to make a new account?

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Reva on 2011-11-11

2011-11-11T19:58:57Z

A few months ago my husband had the same problem. We ended up deleting that email and giving him a new one. We had no more problems, until a couple days ago when my att yahoo mail became compromised. I really need to keep this email address. So I am trying to stop this by changing things such as password, a new sign in key, and changing anything in the options on my account that may have allowed this compromise. Then I discovered it would not allow me to access my contacts. I'm still working on that....

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Mark J on 2011-09-05

2011-09-05T14:38:54Z

@Andrew
This kind of hack usually come from having a virus on your system. Running a program like MalwareBytes should get rid of it.

http://ask-leo.com/what_security_software_do_you_recommend.html

See my note above. In reality what's describved here is rarely a virus.

05-Sep-2011

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Andrew on 2011-09-05

2011-09-05T11:20:18Z

I just found out my family account was hacked (the "want more pleasure?" link was sent to some of our contacts.) The thing is....does it for sure mean some person in another place was sitting there, going through our account? it's our head account, which is connected to your ATT account, which lists our address and phone number. Should I panic?

Quite possibly yes - someone somewhere was logged into the account going through it. I'm not sure what "connected to your ATT account" might mean, but ultimately you must assume someone was able to login to your account as you.

05-Sep-2011

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Rebecca on 2011-08-05

2011-08-05T17:44:04Z

My account has been hacked and all of my contacts have been sent a link to a webpage. However of the things you suggested to look for nothing appears to have been changed (i.e. mobile number, back up email) i have changed my password and security question but am doubtful of how much this will help so was wondering if there was anything else you would suggest? My iphone is also linked to my account so i dont know if this could be the problem?

Hackers often don't change anything so that people aren't quite as quick to notice that their account has been hacked. You need to change anything and everything that the hacker might use to force a password reset.

05-Aug-2011

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Glen on 2011-06-30

2011-06-30T20:23:21Z

I am more worried that my friends are getting spam from "me." If I totally change my email address, delete the old one, will the spam continue?

It depends on how they're getting spam "from" you. If your account has been hacked, the only thing to "stop" it is to regain access to the account. Even then the hackers may not stop as they'll have your friend's addresses. If the spam is not from your account directly, but simply shows you as a spoofed sender, then there's nothing you can do.

01-Jul-2011

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Chris on 2011-06-04

2011-06-04T12:39:13Z

So, there's nothing that can be done if someone has copied all of your email addresses and you have already changed your password and secret answer many times?

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Kathleen Simmons on 2011-04-16

2011-04-16T13:42:16Z

Will it do any good to change my EMail address
and password?

Depends on the situation. No idea since I have no idea what your situation is.

16-Apr-2011

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Ellen on 2011-02-28

2011-02-28T22:29:43Z

Your articles were THE best of any I was able to find on the web. Most other sources did not provide enough details on what to look for to understand what the hacker actually did. You laid out the nuances of the way an account can be hacked and the signs to look for to tell what they actually did..like do you have emails sent by the hacker in your sent box or not. Very helpful. THANKS!

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Elle on 2011-02-28

2011-02-28T08:10:01Z

One little trick I read about: in case you have been compromised, and there is a change that a key logger has been installed on your computer. Changing your passwords might be pointless since all your key strokes are being watched.

A temporary way around this a the Ease of Access On Screen Keyboard (don't know if Macs have this). From what I understand, clicking the keys via your mouse doesn't get recorded on the key logger.

I've recently changed all my passwords because my social network account was comprised. I changed my security questions and answers to something you wouldn't know just from looking around my Facebook account.

I'm probably going to reformat my computer anyway, just to be safe. Its annoying, sure, but I'd feel better knowing I've wiped my computer of anything my Norton probably missed. Good thing I have back ups.

That approach is not guaranteed to bypass keyloggers. Please read this article: Is there a way to bypass keyloggers?

28-Feb-2011

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Michael Horowitz on 2010-12-19

2010-12-20T04:43:04Z

There is yet another problem.

A bad guy could set up a forwarding rule such that all your email is forwarded to him. No need for passwords after that. You still get your email and the bad guy never needs to logon to your account again, after the first time.

Probably a good idea, after a webmail password is stolen, to review ALL the account settings.

This is one thing, at least, that Hotmail is good at - if a forwarding rule has been set there's a big notification at the top of your inbox that tells you so. I'm sure that varies from provider to provider. Next time I update this article I'll include your point - thanks.

20-Dec-2010

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from BatMan on 2010-12-07

2010-12-08T03:29:51Z

Quick Side Note: do a Google/Bing/Yahoo Search for your Email Address. If any Results POP up with your address... then its guaranteed that SPAMMERS already have your address, and have been causing mischief.

Okay, Moving on:
If you are being Blamed for SPAM'ing People who you do NOT know, and by people that you have NEVER emailed before (aka, 'Strangers').... then its probably NOT you. Your account was 'probably' Never compromised.

However, If you are being Blamed for SPAM'ing People who you Do know, and by people who you DO email (aka, 'Your Friends')... then your account COULD be compromised.
In fact, if almost Everyone who complains is one of your 'Friends'; and they ALL say the Spam came from you, then take it as a Higher & Higher probability it's Your Account thats the source.

Most likely, Your Email account Was hacked at some point in the Past, the hacker exported out your entire AddressBook; and has now finally begun Spamming all your addressbook-friends.
****
Important Note: 10 years ago, the spam came directly from your friend's infected windows pc. once he cleaned the infection, the spamming stopped.
However, this SPAM 2.0 has a new TWIST: the spam is being delivered via someone's open-relay-server. removing the infection on your friend's windows pc will NOT stop the Spam from the Relay server.
***

Let me Over-simplify with this quick analogy:
It is the equivalent to 'Me' Crashing 'Your' Wedding, then Copying down All the Names & Addresses of everyone who signed 'your' GuestBook, then 'me' quietly sneaking out the back door... and then 2 weeks later i start phoning all 'your' Guests asking them to buy this magic Viagra medicine... but i pretend to be YOU on the Phone!!!

if you can Grasp this Analogy... then now you Understand the full problem.

EVERYBODY who signed the Guestbook loses in this scenario. You 'could' Close out your email account and go get a New one (Change teh locks on your doors, change your phone#, and/or move to a new House); but the SPAMMER (me) still has the contact info of ALL your Friends... So they are STILL going to get annoying phone calls from Me.
Thus, no real escape for your friends... Unless they ALL Change their Phone #'s and move to new houses as well (Highly unlikely).

But even if they Did... as soon as i Crash the Next Wedding... the cycle will Start over again!!

Best Solution:
Go get a Drink!

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from dennis isaacs on 2010-09-12

2010-09-12T11:37:23Z

I've changed my email password and security question answer to something that is not recognizable. I also also deleted my alternate email. Ads are still being sent to my contacts. What else can I do?

Thank you

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Jennifer on 2010-08-27

2010-08-27T19:46:39Z

This was helpful and to let everyone know what to do,Thanks,Jennifer B.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Christy on 2010-08-11

2010-08-11T16:59:36Z

I just read your article and found it incredibly helpful! I changed my password, changed my secret question answer to one that is hopefully hard to guess and checked all of my other information. Thankfully I started this email address when I was 17 and was too busy to add a lot of info on the account page so all it really has is my email address that they already know, my secret question and that I live in the USA. My question is: do you think that since there isn't really any other information on there and I changed what was on there, should I be safe now or should I do something else? I really hate to have to change my email address, I've had it for ten years and everyone knows it :/

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from HESHAM KHATTAB on 2010-07-15

2010-07-15T20:03:21Z

TODAY ONE STEAL MY EMAIL AND ASK ALL MY CONTACT LIST TO SEND MONEY TO ME IN LONDON I AM AT HOME IN EGYPT IHAVE CHANGED MY PASSWORD DO YOU NEED DETAILS TO FOLLOW .YESTERDAY I HAVE RECEIVED EMAIL FROM YOU ASKING INFORMATION AND PASSWORD IT IS FROM YOU ??DO YOU NEED COPY GIVE ME YOUR EMAIL TO SEND .HESHAM KHATTAB

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Cassie on 2010-06-21

2010-06-21T16:15:41Z

I had to go to the "site permissions" page on my AOL account and found there were three sites I had "given permission" to access my account, I deleted them all and changed password and security question. Hope this does it. I was unaware there was a site permissions page.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Jennifer Wolford on 2010-05-06

2010-05-06T18:48:49Z

I have always added a contact to my e-mail contact lists. I add: aaaaaaaaaaaaa@aa.com
Since this does not exsist, and will be the first email address to be used (alphabetically) anytime mail is sent from me (bulk, all included) I get a notice that it could not be delivered to that account. Since I know I would not have sent to that contact, I know something is wront.

The usefulness of that approach (having a bogus address early on in the address book) has been highly overrated. I wouldn't bother.

07-May-2010

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Faith on 2010-04-14

2010-04-14T16:54:24Z

Thank you so much for this. My gmail account was hacked just this morning, and although I logged the hacker out and changed my password to a much stronger one, I hadn't thought about any of these other possibilities until I read this article, and I'm so glad I did.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from kate on 2010-03-26

2010-03-26T11:24:30Z

Leo, I have read a few of your articles. I have had the 'free email - hotmail problem' where my hotmail is sending spam email (always the same email, copied below - hope that's ok... but the link is in it). I have changed my password. I have tried to contact hotmail on windows help, but no reply. http://windowslivehelp.com/thread.aspx?postid=7B1464C2-0DA5-4A0B-85A3-C6BF19B4DF4A#7B1464C2-0DA5-4A0B-85A3-C6BF19B4DF4A.
I have used my hotmail account for some time and would hate to give it up and lose touch. Do I have any choice but to close it? I can't seem to get any help from hotmail / answers on the windows forum.
Thank you for your good articles and links to more of your articles... I found it good to know that really there isn't much I can do... but I thought I would ask: Is there anyway to report this email to an authority?
Thanks.
SPAM email below

Hi,my friend,
I find a good website,I would like to introduce it to you It will give you big surprise:excellent products,high quality competitive price.If you are free, please visit it: [link removed] have a nice day! ~--b

As the article you're commenting on states, changing your password is not enough. If you can cover everything else outlined, and have attempted to get help at the support forum, then I know of nothing else left for you to do.

26-Mar-2010

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from craig on 2010-02-02

2010-02-02T21:54:51Z

In regard to 'secret' questions; if you have a set question there are limited 'truthful' answers. Try using one or two universal answers for all secret questions on all your web-based security. Like, Mothers maiden name? Venus, or blue whale, or Mitsubishi, or River Phoenix, and First pet you had? River Phoenix, Mitsubishi... etc.
This makes guessing the answers nearly impossible and we've now made the answers endless, rather than the limited truthfull stock - AND it makes ur answers easy to remember IF you stick to the same ones all the time.
FYI - Some profile setting areas in some web sites will show you your 'secret answers' which make the secret viod if you account is hacked.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Ron Inabinet on 2010-01-06

2010-01-06T11:50:02Z

I believe that my computer has been compromised to a degree. Several months ago,I don`t even remember when, I checked to see if I was the only name logged into my computer. To my amazement I was NOT the only person logged in. I kinda freaked and shut my computer down without writing down the "other" name.I have checked back often but found no one else logged in; this might be due to the fact that I have gotten a router.Just a couple of weeks ago I was going to log into my yahoo email account but I saw my computer password already typed into the space provided. I still get those stew-pid nigerian scams about money but, I always just delete them. I believe the unsolicitated emails of offers to view womens` private photos and chat sessions with unknown women,supposedly are nothing but hacking or spoofing scams. My yahoo email account hasn`t been hacked but I have suspicions that my computer is watched by parties unknown.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Evan B Merz on 2009-12-15

2009-12-16T03:25:27Z

While I have had no difficulties in this area (knock on wood), I remain concerned. I check credit card charges at least twice a month and my credit card and debit card likewise, so I think I'm on top of this problem. Incidentally, my ISP has withheld emails because they are questionable and appear to be complete strangers to me.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Rick on 2009-11-11

2009-11-11T16:26:01Z

A bigger problem is that the major webmail players have password recovery mechanisms that do not even rely of 'secret' questions, but rather a recollection or best guess of how you have used the service.

For example, GMail's Password Recovery page starts with, "If you've already tried to reset your password and you're still unable to access your Google Account, fill out the form below. Please answer each question as thoroughly and accurately as possible; the strength of your answers will determine if we can return your account. If you're not certain about some of the dates, provide your closest estimate."

The problem here is that a hacker gets to offer an alternate 'alternative' email address and answer a few questions about what other Google services the user might have used (along with estimates of dates) . . . and a few other tidbits that are not super difficult to work out. If the mix seems probable to Google they sent a reset email to the proferred alternate email address.

In other words, if a hacker can work out what other Google services this user has and the approximate creation dates, he or she had a pretty good chance of taking control of the account.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Digby Lowe on 2009-11-11

2009-11-11T09:43:46Z

The 2nd email address could be used to break the hacker's stranglehold on the primary account if the primary mail provider were to automatically refer to the 2nd mail address all changes made to password and proposed changes to 2nd mail addess - i.e. effectively pass master control of the primary account to the 2nd account. Do I get a prize for that idea?!!

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from MmeMoxie on 2009-11-10

2009-11-11T07:23:10Z

I fully agree with Tony M. Leo, you are 'right on' with your information.

Only one note, the good ISP's will tell you to close down the 'hacked' account and create a complete new one. New user name, password, secret questions, the whole nine yards.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

Comment from Tony M. on 2009-11-10

2009-11-11T00:17:58Z

This may be the most valuable information regarding personal cyber security that I have ever seen. All the anti-virus programs and firewalls in the world will do little good if you're blabbing your "secret" information to the world via social networking sites.

This is precisely how Sarah Palin's e-mail account was hacked. A malicious individual, seeing publicly-available details about her, was successfully able to provide the correct answers to the security questions Mrs. Palin used for one of her e-mail accounts. Through this vulnerability, the hacker obtained access to the governor's personal e-mail.

Thank you, Leo, for such thorough coverage of this personal security problem.

]]>

A comment on: Is changing my password enough?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.