Should I start to worry about identity-theft/phishing?
February 24, 2013 3:25 AM Subscribe
I recently started in a new job and got a used laptop for my desk. I have utilized this with my Chrome/ Google account. Then, after a few weeks, I got a warning in gmail, telling me that a foreign state might be trying to hack my account or computer. My question is, should I start to worry about being tageted by hackers? Or is the alert from google and the phishing attempts a coincidence?
After a few days, the same message appeared when I logged into gmail from my home computer (both running Win 7 and synched on my google account). So I have now turned on two-step confirmation for my gmail-account.
I also have my own company with its own non-google email. Here I was shocked to see how many phishing emails I've been getting lately. Often two of the same kind with a small time interval of a few minutes.
I also use a Windows Phone 8 synched with my google account, but I have now utilized secondary passwords for apps.
My question is, should I start to worry about being tageted by hackers? Or is the alert from google and the phishing attempts a coincidence?
After a few days, the same message appeared when I logged into gmail from my home computer (both running Win 7 and synched on my google account). So I have now turned on two-step confirmation for my gmail-account.
I also have my own company with its own non-google email. Here I was shocked to see how many phishing emails I've been getting lately. Often two of the same kind with a small time interval of a few minutes.
I also use a Windows Phone 8 synched with my google account, but I have now utilized secondary passwords for apps.
My question is, should I start to worry about being tageted by hackers? Or is the alert from google and the phishing attempts a coincidence?
I have never seen that warning.
If I had started working on a used computer and began seeing that warning I would consider my mail account compromised, and begin changing passwords on everything that ever received a reset through it, or which I logged into on the new computer. I would also wipe the work computer.
I don't think you need to assume you are now a High Value Target, just someone who could have been the low hanging fruit.
posted by gensubuser at 6:38 AM on February 24, 2013
If I had started working on a used computer and began seeing that warning I would consider my mail account compromised, and begin changing passwords on everything that ever received a reset through it, or which I logged into on the new computer. I would also wipe the work computer.
I don't think you need to assume you are now a High Value Target, just someone who could have been the low hanging fruit.
posted by gensubuser at 6:38 AM on February 24, 2013
Here's an interesting article on those Google messages. Strange that your private email has also started receiving phishing attempts. Is your personal email similar in any way to your work email? Perhaps the same name, but different domain? I agree that wiping the work laptop would be a good move. I would also ask around to see if anyone else at your work has gotten these same messages.
posted by orme at 7:10 AM on February 24, 2013
posted by orme at 7:10 AM on February 24, 2013
My question is, should I start to worry about being tageted by hackers?
Yes.
I work for a non-profit with government/military contracts in DC. We are targets of hacking, and its not because we're a particularly juicy target. If China wants to know about lab supplies being shipped to do HIV research in Africa, they could find that out by compromising our network. Does that have immediate strategic value? No. But it could play into a larger game. One big target can be the sum of 50 small pieces they've picked out. Paranoia is appropriate. China is going for a baleen approach.
You should talk to your IT department.
Is this a work google/gmail account? And a personal non-google account? It can be fairly easy to link the two together. Just googling your name could find your personal account. If they can compromise your personal account, then say one day your co-worker gets an email from your personal account saying "Hey, I couldn't send this attachment from my work email, so here's a report I thought you'd be interested in." and thats an in to your company's network.
posted by fontophilic at 9:13 AM on February 24, 2013
Yes.
I work for a non-profit with government/military contracts in DC. We are targets of hacking, and its not because we're a particularly juicy target. If China wants to know about lab supplies being shipped to do HIV research in Africa, they could find that out by compromising our network. Does that have immediate strategic value? No. But it could play into a larger game. One big target can be the sum of 50 small pieces they've picked out. Paranoia is appropriate. China is going for a baleen approach.
You should talk to your IT department.
Is this a work google/gmail account? And a personal non-google account? It can be fairly easy to link the two together. Just googling your name could find your personal account. If they can compromise your personal account, then say one day your co-worker gets an email from your personal account saying "Hey, I couldn't send this attachment from my work email, so here's a report I thought you'd be interested in." and thats an in to your company's network.
posted by fontophilic at 9:13 AM on February 24, 2013
« Older How do I deal with a recalcitrant Internet radio? | What's that "blerk!" sound the BBC uses in their... Newer »
This thread is closed to new comments.
Assuming you're not being personally/organizationally targeted, the phishing emails on your non-google email may be a sign that your email address was included in data that got stolen from a third party. The more information the criminals have about you or your account, the more specific (and thus effective) the phishing emails can be.
posted by maxim0512 at 4:35 AM on February 24, 2013