Has my gmail been hacked?
May 24, 2008 2:29 PM   Subscribe

Has my gmail been hacked?

Twice I have had the same person attempt to add me on gchat. I do not believe that I know this person, but immediately after they try to add me, a window pops up saying that I have been logged out of this account and once I click ok it returns to the gmail login screen. Each time I have been able to immediately log back in and each time I have immediately changed my password just because it seemed so odd and I did it as a precaution. Is this something I need to worry about?
posted by whoaali to Computers & Internet (8 answers total)
If your not sure, make sure you do a fresh scan with you anti-virus software, and and ad/spy-ware scanner you might have installed - you are using protection right?

That aside, if I were feeling paranoid I'd log in from another computer, change my password from there, and reinstall my suspect machine just to be sure. Generally I go with my gut on such things with my own systems and always play on the safe side.
posted by paulfreeman at 3:03 PM on May 24, 2008

Isn't that what's recommended for locally installed software, as opposed to web-based programs?
posted by theredpen at 3:09 PM on May 24, 2008

You are having to click something to say, "go away", right? Have a friend try to add to you their gchat and see if that doesn't log you out as well. It might be a gmail security feature doing what it is supposed to do.
posted by Kid Charlemagne at 3:12 PM on May 24, 2008

Best answer: It does seems odd. If it happened twice in a row I'd be a little wierded out too. Either:
1. It is a strange but harmless error on Google's part.
2. Google's security is compromised. (and the people who compromised it are interested in your email)
3. Your computer has a keystroke logger or your passwords are otherwise intercepted. (Though if they had your passwords why would they be clumsily be trying to add people to your gchat?)

I think you're probably safe. Two seems very unlikely. Three seems unlikely although possible. If you wanted to reassure yourself no one was reading your email you could send yourself something interesting looking and use Email Tracking. There are free services that let you put HTML links in email and then track how many times the link has been followed back to their servers. Make a point of only opening it once, or never, and check to how many hits it got.
posted by pseudonick at 3:15 PM on May 24, 2008 [1 favorite]

(Although for obvious reasons when you set up the tracking service, register it from a different email address, a different computer too ideally)

I wanted to restate that I think this step is probably unnecessary from a security standpoint, but it provided much reassurance to me in a similar situation.
posted by pseudonick at 3:22 PM on May 24, 2008

Best answer: Also be aware that email tracking that works by checking hits on HTML-embedded items doesn't reveal how many times your mail has been opened using clients that specifically avoid doing that, like Thunderbird (or Gmail, come to that). This is what that whole "remote images blocked for your privacy" business is about.

In other words, treat the access count from one of those services as some kind of minimum. You can't use it to prove that nobody is reading your mails.

If you're running Windows, and the Windows user account you generally use is a Computer Administrator type rather than a Limited User, then you may well be looking at the effects of malware here. If your primary web browser is Internet Explorer, increase likelihood x10.
posted by flabdablet at 5:33 PM on May 24, 2008

Response by poster: Thanks for everyone's help. I use firefox and AVG anti-virus free, I've run a scan (and do daily) and only come up with a lot of cookies. I've downloaded spysweeper and hopefully I'll catch whatever might be on my computer. Thanks!
posted by whoaali at 11:12 PM on May 24, 2008

The recently released AVG 8.0 Free includes AVG's antispyware scanner, which works well. Worth upgrading if you're still using 7.5.

You might also care to give SysInternals' RootkitRevealer a spin.
posted by flabdablet at 2:43 AM on May 25, 2008

« Older Why won't Norton Ghost make a recovery point for...   |   removing modPodge'd art Newer »
This thread is closed to new comments.