We can't get him out of our lives, but help us get him out of our computers!
December 1, 2009 11:46 AM   Subscribe

We know my ex-brother-in-law has been hacking into my sister and my mother's email. Now what?

We, the entire family, have of course changed all of our passwords. Is there anyway that we can retrieve emails that he deleted? Is there anyway to know if he has installed malicious software on our computers? I have run all my virus checks on mine, but I still don't feel safe. My sister also has a feeling that he may have bugged her house. How can we tell?
Ultimately is there any way that we can stop him?
posted by anonymous to Computers & Internet (16 answers total) 3 users marked this as a favorite
If you are worried about the computer, you could reformat. Backup everything you care about (probably not copying whole drives, but more like individual folders), then reformat and reinstall programs. That would get rid of any keyloggers/malicious software sort of thing.
posted by brainmouse at 11:53 AM on December 1, 2009

You (or at least, your sister) can apply for a protection order. This will at least by a step toward stopping him. A good virus scan should detect any malicious virus or spy bot. Did the email give him access to financial information? Do you think that was even the intent? Because you mentioned deleted emails, it sounds like he was hacking to cover his ass about something specific and perhaps isn't intent on an all-out campaign of harrassment. But...I'm not sure of the whole story.

If there is a serious concern of future safety, however: go to the police. Start the process for a protection order. Even without a protection order, tresspassing is still against the law, as is terrorizing- you can always call to have him arrested if these events occur.
posted by Eicats at 11:54 AM on December 1, 2009 [1 favorite]

Is there anyway to know if he has installed malicious software on our computers?

Did he have physical access to the computers (or some sort of remote login software installed on there), or did he just guess their simple passwords? Because the answer is: it depends.

My sister also has a feeling that he may have bugged her house. How can we tell?

Unlikely if he does not have access to the home any more. does he have access? Did he break in?

Ultimately is there any way that we can stop him?

Stop him from what? You did not provide enough information to answer any of these questions. You are unlikely to get any real answers unless you can get a new account and post in this thread.
posted by Optimus Chyme at 11:54 AM on December 1, 2009 [1 favorite]

This is not a question for AskMefi. This is a question for a qualified professional trained in this type of investigation. Start with your local police or district attorney's office, and work from there.
posted by deadmessenger at 11:56 AM on December 1, 2009 [2 favorites]

IANYL, and this is not legal advice, but this kind of activity is a crime. Here is MA, there is a state criminal statute about knowingly accessing information (or logging on to a computer? or account?--I can't remember). I'm sure there are federal statutes about this as well. You might want to call up the divorce lawyer who helped your sister for her take on this. I'm sure s/he has seen it all.
posted by Admiral Haddock at 11:57 AM on December 1, 2009 [1 favorite]

Also, make sure you change your security questions (the ones they ask you if you click the "I forgot my password" link) on those mail accounts. That is how many people get their accounts compromised, rather than someone guessing or finding their actual password.
posted by burnmp3s at 11:59 AM on December 1, 2009

If you don't want to talk to the police, see a lawyer. Most decent lawyers do not charge for a first visit. Don't depend on amateur advice, this is serious.
posted by charlesminus at 12:08 PM on December 1, 2009

Seconding that you should go to a professional about this: computer security professional, lawyer, police, etc.

It might be helpful to know what the brother was going after. Was he snooping because he thought people were talking about him behind his back? If so, perhaps he went for emails, phones, even bugging, if he's that extreme. Were his intentions sexual? That's another set of places to look. If he is technically savvy, it is probably best to have someone knowledgeable (and trusted) wipe the machines clean.

This is not OK at all, and although I'm not a lawyer, I would be astonished if it were not illegal in many ways. The title says "we can't get him out of our lives"- why not?
posted by aaronbeekay at 12:08 PM on December 1, 2009 [1 favorite]

You could use gmail accounts for your email. Gmail displays the IP address and time that someone logged in at. Unexpected logins from unexpected IPs would be proof. You could create multiple accounts and mention the different passwords in different places; aloud inside her potentially bugged house, in emails typed on various family members computers etc, the accounts that get compromised let you know how he's getting the passwords.

> Is there anyway that we can retrieve emails that he deleted?

Depends on what mail service was used and how the emails were deleted

> Is there anyway to know if he has installed malicious software on our computers?

There is no simple procedure that could convince you of this. Saving your personal documents and reinstalling the operating system from the original disks is probably the best path to peace of mind.

>Ultimately is there any way that we can stop him?

Stop him from trying or doing? Restraining order?
posted by pseudonick at 12:10 PM on December 1, 2009

Oh, and re: retrieving deleted emails- if he deleted them from the webmail interface (Gmail, etc.) and emptied the trash, your chances are probably slim. You should contact your email provider about this. If you use a local email client (Mail.app for OS X, Outlook or the like for Windows), you might be able to use a data-recovery program to find emails on the drive.
posted by aaronbeekay at 12:11 PM on December 1, 2009

It's unfortunate that this question is anonymous because my answer depends heavily on your sister's basis for believing her home has been bugged and you can't answer.

As to the computer question, it depends on what you mean by the word "know". You can run various malware and virus checkers. The more you run, the better. But if he had physical access to the computer even that could be insufficient and you'd be far better off wiping the hard drives and starting fresh. Even that isn't technically sufficient because he could have installed a rootkit or even a physical keylogger. From the context of your question I am guessing you don't have the technical expertise to deal with a rootkit or keylogger.

You might be best off replacing the computer completely for your own peace of mind. But installing rootkits and bugging homes is seriously far beyond run of the mill vindictive ex behavior. It's beyond run of the mill stalking behavior. If you really believe he may have gone to that level of surveillance this is a matter for the police.

Unless the ex is a private detective or undercover cop or something one suspects he has not bugger your sister's home.
posted by Justinian at 12:15 PM on December 1, 2009 [1 favorite]

A similar thing happened in my family (email snooping) and when it did we had some other paranoid fantasies (bugging our phone lines, etc).

Let's start by dismissing the bugging. Small microphones have short range transmitters. Unless you have a van parked outside your house then there are no little microphones hidden in your lamps or other movie-location-of-your-choice. Now could he have hidden small recording devices to later retrieve? Sure. But given what you have found out, if these fears are founded then not letting him in the house again seems reasonable. If you ever DO let him back in, watch him carefully to see if he tries to retrieve anything.

Now to the computer viruses. If he's an experienced hacker/programmer then yes he could have programmed laptops to broadcast audio to him, etc. HIGHLY unlikely, but yes, possible. More likely is something like a key logger on the computers so if you changed the passwords he'll know what you changed them to. Formatting all the computers, as recommended above, is a good step. And then change all your passwords AGAIN after you have formatted all involved computers.

Retrieving deleted e-mails is a trick and very dependent upon what e-mail client is being used, as stated above.
posted by arniec at 12:29 PM on December 1, 2009

Anon, if you want to follow up and answer some of these questions you should e-mail jessamyn, who can post them for you.
posted by Solon and Thanks at 12:33 PM on December 1, 2009

You may want to invest in some security cameras and a security system for the house to see if he is snooping around.

If you have wireless, you should either stop using it for a while or change the WEP key.
You should also change EVERY password you have, including the passwords for your computers, Wireless gateways, etc..

I would also call the police if you think this is something that is going to continue and escalating

document everything
posted by bottlebrushtree at 2:43 PM on December 1, 2009

If your sister wants to be as close to 100% sure her computer and online accounts are safe as she can reasonably be without throwing the computer in the garbage, she should do the following:

- format her hard drive using a program that writes random digits over all the old information. this means she will have to reinstall her operating system and save all her files somewhere else first. She should only save things she can't stand to lose, like pictures, and only then on a a separate drive, CDs, or memory sticks. assume everything is potentially malicious and quarantine it or securely write over it.

- start to ditch the old email accounts if possible; get a new one, and start telling trusted parties to only communicate through the new email.

- do the same with Ebay accounts, Facebook, Myspace, etc. Anything with the same or similar password to the email needs to go.

- reset the home wireless, if she has it, with a new key

- set up new accounts with secure passwords with random digits and special characters. do that on another trusted computer she's sure he's never had access to, that's on a secured network, preferably somewhere he wouldn't expect (i.e. not her work computer or best friend's unsecured wireless if she's that worried)

This is assuming he has a fairly high level of technical knowledge and he's very determined (she must think that if she reasonably thinks the house is bugged). For it to work, he has to have no way of physically getting into the house again. If he's actually not that computer savvy, and he only had the password because it was shared with him at some point, I would just do the last step.
posted by slow graffiti at 2:45 PM on December 1, 2009 [2 favorites]

Depending on your location, private investigators can be pretty good at helping you with your computer issues, as well as sweeping for bugs. Her divorce lawyer probably knows at least one PI, divorces get really nasty (as you know).

If there is any way he has access to her house--and from this question it seems like you think he does--she should make sure that any important documents or important sentimental items should be out of the house, somewhere where he has no access--i.e. a bank safety deposit box, her lawyer's office, a secure storage facility. Not in your house, mom's house, sister's house. That goes for important documents on her computer and important emails, not just physical items. They need to be stored somewhere else where he can't destroy them.

Make sure he can't get her passport, social security card, birth certificate, children's birth certificates, bank account/credit card statements (they have account numbers on them), checkbook, address book, diplomas, etc.

Don't forget to secure any of her sentimental items that he can destroy like photos, videos, family heirlooms, pets (yes, it happens), anything that would make her cry if she lost it.

May sound paranoid, but I've learned from experience (years worth of music, journals, childhood photos, and a bank card, all missing or destroyed)
posted by kathrineg at 12:48 PM on December 2, 2009

« Older Joint pain after treadmill usage   |   Refinance Via a Coupon? Newer »
This thread is closed to new comments.