Happy New Decade – into 2010-2020

Happy New Year! I am amazed that I still get emails and posts and that gmail accounts are still being hacked into. We are in curious times. So much possibility and access – yet there are still threats lurking on the web. Safety IS an issue. I have been naive and am now becoming more educated. May the next decade bring us a higher level of conscious awareness and we continue to apply emerging technologies for a better world.

Very grateful for GOOGLE. Steve Vinter, director of Google Boston, has done 2 events for my students – the last being “The Future of Collaboration”. Planning another for the spring semester @ Microsoft New England Research Center. Very exciting decade coming up.

Find a friend at Google

find a friend at Google

GOOD ADVICE from a recent hijackee

Submitted on June 18, 2009

My account has been hijacked and this is my advice: If you use gmail, find some way to make friends with someone who works at Google. I know that sounds insane but it is the only way I was able to get my account immediately disabled; my boyfriend went to uni with a guy who works for Google, so I begged him for help and he was immediately able to email someone and have my account disabled. Of course I am still waiting to hear from the appropriate department in order to get my account reinstated, but in the meantime, at least I know the hacker isn’t doing any more damage.

Go on Facebook and see if you know ANYONE who works for Google, or if any of them look like they might make interesting chat buddies. They have an “in” we mere mortals do not.

Kate Stiteler

Yes, there are folks trying to hack into your account…

I recently received a post that stated that folks are not out there trying to hack into gmail account. Thought it might be helpful to point out the tutorial on the web that gives instructions – what to do to hack in – and it would be informational on how to avoid this. Appeared last year at the Black Hat Security Conference then picked up by the media.

You can read about this at
http://www.tgdaily.com/content/view/33207/108/

video teaching someone how to hack into gmail is at
http://www.tgdaily.com/content/view/34324/108/

Tips from a recent hijackee…

Thanks Joseph!

Joseph Says:
May 21, 2008 at 8:14 pm

Hi everybody. Unfortunately as you probably already know, google customer service is virtually nonexistent. Everything is done through forms. I used the following form to have them ultimately reset my password:

 http://www.google.com/support/accounts/bin/request.py?hl=en&contact_type=ara&ctx=accounts&uses_apps
=no&product=other&submit=Continue

i was forced to use the form because i had no secondary email on file for them to send the password too.

it took about 6 hours for them to reset my password. Once i changed the password and logged into gmail again I accessed the Settings Tab and clicked on filters. Here i had to make sure no filters were in place that i had not set up myself. There were none in my case, but i spoke to others who had this problem. Next i checked the forwarding tab. here is where i saw the hackers footprint. He had set my account to forward all my email to a new email “joemidollo@gmail.com” and subsequently delete those new emails from my account “joemidolo@gmail.com” Once this was disabled I found no other issues.

I went through my trash and found that he had tried to access my paypal account, but that they had sent him a message locking him out.

Other then that, stay on the lookout and change all your passwords.

Good Luck!

still receiving emails – hijacking continues…

Though I have my account back with increased security – I continue to receive emails from folks with the same story as mine. I continue to wonder why GOOGLE is so unresponsive. Again I post the questions – why is GOOGLE so unresponsive to GMAIL clients? Could someone from GOOGLE – GMAIL – or with more knowledge please address this…

Useful links to Gmail for Reporting compromised accounts

If you believe that your account may have been compromised, please
visit:
I believe someone has broken in to my account.
https://services.google.com/inquiry/gmail_security1

report a Gmail user who has sent messages that violate the Gmail
Program Policies and/or Terms of Use.
https://services.google.com/inquiry/gmail_security2

report a Gmail user who is attempting to sell an established account.
https://services.google.com/inquiry/gmail_security3

To report all other security and/or abuse-related issues, please
visit:
report an incident involving a Gmail user.
https://services.google.com/inquiry/gmail_security4

Beyond Fear – Security Expert Barry Schneier

Barry Schneier was the final keynote speaker. Brilliant and down to earth. When I told him about what happened with gmail he said “you’re screwed”. Turns out these vulnerabilities are common knowledge – as well as gmail’s lack of responsiveness.

Barry’s BLOG and his latest book – Beyond Fear.

Not to be missed – instructions re: gmail use

Please read entry in Secure My Wireless Blog: Safest Way to Connect To Gmail in Public

Agency chaos…

It’s been a fascinating experience trying to report this Identity Theft. My account, hijacked at Logan airport, is only one of “thousands of calls” that the different agencies receive each week.

I spoke with the local police – they don’t even take the report since there are issues of jurisdiction.

I tried to report to the state police – suggested by the Boston police. After being grilled as to how this could possibly happen at Logan airport, Trooper D’Ambrose informs me they will need to take a look at my computer. No problem, I agree to bring it in for them to take a look into my cache and history. When I call to arrange a mutually agreeable time, Trooper Noonan, the tech guy, informs me that I am to leave my laptop for some undetermined length of time.

me: I’m a professor and need my computer to teach my classes, I can bring it in and wait for it, I’m happy to wait several hours if that’s what you need.

Trooper Noonan: We need your computer for evidence. If you are reporting this, we will keep your computer.

me: for how long?

Trooper Noonan: undetermined

me: well how long will this take, I need my computer to teach my classes

Trooper Noonan: could take as long as a year – if you want to report this then you MUST bring in your computer for evidence.

Needless to say, forget that. So I call Martha Coakley’s office – Attorney General of MA who has a new initiative against cybercrime. Telling my story, yet again, I’m informed that it’s been reported, could take as long as several weeks and then MAYBE, if the supervisor deems it appropriate, someone will get back to me. Don’t expect a response for several weeks though.

In the meantime, someone continues to hack into accounts “phishing” and sending emails – especially through gmail’s vulnerabilities.

Chaos reigns…

What I did to get my gmail account back…

What I did:
1. after I freaked out and felt helpless – I looked at all of my options
2. I then posted to the gmail discussion board
3. I contacted the police in Seattle and put in a report
4. contacted the FBI in Seattle, DC and Boston
5. left voice mail messages for 6-10 GOOGLE execs
  650-930-3500 or 650-253-0000 I followed the prompts for dial by name/ noone ever seems to pick up the phone except the receptionist and she wouldn’t let me speak to anyone directly no matter how I expressed the urgency my situation (see #8 below)
6. I responded to 110+ phone calls, messages and a couple dozen emails
to alternative emails
7. I filled out forms at Internet Crime Complaint Center, FTC, (this is complaint form for Identity Theft) and a few others
8. I called GOOGLE first thing Monday morning – the receptionist refused to
let me talk to anyone directly
9. I filled out all of the forms requested by GOOGLE and GMAIL – all
listed in this post by others
10. I responded immediately to gmail’s response in great details
11. I contact the IT dept at the college I teach at – many students
received the BOGUS email
12. I contacted many people who actually went to the website and gave
credit card info – they canceled credit cards etc.
13. I have tried to get a contact for the website (so far unsuccessful with
this)
14. I contacted the Atty General’s office first thing this morning – see additional post for this.

Though I have my account back – the website continues to stay up and active and it seems noone can do anything despite many many calls and forms.

Hope this helps – feel free to email me @
my.account.hijacked@gmail.com

Catherine