Ransomware and a compromised email password
July 21, 2013 11:28 AM   Subscribe

My Dad received a spam email purporting to be from his email provider (BT Yahoo, fwiw) asking him to verify his account. In a moment of utter stupidity, I fell for the scam and entered his email password into a bogus website (I know, I know: STUPID). I was using his iPad at the time, and a ransomware website opened in safari, however the browser didn't lock, and I was able to close it straight away. I immediately logged into his email account and successfully changed his password to something completely different. Google tells me that there is currently no ransomware which can successfully hijack Apple devices, which my experience seems to bear out. I am a bit worried about the risk that I've accidentally compromised his email, though. Is there anything else I should do beyond what I've already done, ie changing the password? Should I contact BT Yahoo about it?
posted by meronym to Computers & Internet (5 answers total)
 
I think you're relatively safe here. One other thing to check for is to make sure that there were no forwarding rules added to the account: how to add forwarding rules. These could be used by a cybercriminal to still receive messages (like password reset mails, or anything else really) even after you change the password.
posted by kaytwo at 11:46 AM on July 21, 2013 [1 favorite]


I think you are likely ok as well, but I would make him change his other passwords as well, especially if he reuses them across sites.
posted by procrastination at 11:51 AM on July 21, 2013


Set up 2-factor identification on his Gmail if you haven't already.
posted by amaire at 3:07 PM on July 21, 2013


When this happened to my Dad, the bad guys had also changed his alternate emergency access account (where the password goes when we forget it) to their own email.
We called yahoo immediately. They were very helpful and resolved his issue with the email quickly.
posted by NorthernAutumn at 11:20 PM on July 21, 2013


Is the password re-used on any other sites? If so, then I would recommend changing them too.

I wouldn't be surprised that, after the bad guys collect an email address and password, they then test out this combination on a number of other sites. PayPal being an obvious first target.
posted by mr_silver at 3:35 AM on July 22, 2013


« Older Fostering Pets in an Apartment   |   where can I buy a standing desk in the UK? Newer »
This thread is closed to new comments.