My email was compromised, how can I enhance security?

Discussion in 'other security issues & news' started by peto46, Feb 6, 2012.

Thread Status:
Not open for further replies.
  1. peto46

    peto46 Registered Member

    Joined:
    Feb 6, 2012
    Posts:
    3
    Hello, I'm new here. ;-)

    I've been working part-time for one company, and they gave me an email box. It can be accessed with two protocols only, pop3s and https (webmail). I had a strong password, and accessed the email using Firefox (password stored in LastPass), then with pop3 on my iPhone, and I also regularly downloaded my emails with pop3 using portable Thunderbird on my Truecrypted volume (on Windows XP). On Thunderbird and iPhone, the password was permanently stored there.

    The email has a useful feature: once per day, they send (to that same email box) an email with a list of all IPs that accessed it. Then suddenly, one nice day, there was one successful pop3s access from an IP address I didn't know. It was some unknown-to-me ltd company residing in my country (central Europe); when I visited their website, they claimed to provide ISP services.

    I wanted to ask you guys if you have some ideas where the point of vulnerability could be in my setup, and what can I do to improve it further. Anyway, it was also a reminder for me to be even more privacy conscious - one really doesn't know who has access to our emails and other stuff. (One more thing - I completely trust the company who gave me the email address - it couldn't be them).

    Regards,
    peto46
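
    The daily access digest described in this post can be checked automatically rather than by eye. The following is an added example, not part of the original thread: the report layout (`date time protocol ip`), the sample lines and the `KNOWN_NETWORKS` ranges are all constructed assumptions, using documentation-only IP ranges.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of a daily access digest. The real report layout is not
# shown in the thread; "date time protocol ip" per line is an assumption.
SAMPLE_REPORT = """\
2012-02-05 07:58:11 pop3s 192.0.2.44
2012-02-05 08:15:02 https 192.0.2.44
2012-02-05 12:31:40 pop3s 198.51.100.23
2012-02-05 12:31:55 pop3s 203.0.113.77
not a log line
2012-02-05 19:02:19 pop3s 192.0.2.44
"""

# Hypothetical networks the account owner expects: home ISP and mobile carrier.
KNOWN_NETWORKS = {
    "home": ipaddress.ip_network("192.0.2.0/24"),
    "mobile": ipaddress.ip_network("198.51.100.0/24"),
}

def classify(ip_text, known=KNOWN_NETWORKS):
    """Return the label of the known network containing ip_text, or None."""
    ip = ipaddress.ip_address(ip_text)  # raises ValueError if malformed
    for label, net in known.items():
        if ip in net:
            return label
    return None

def review_report(report, known=KNOWN_NETWORKS):
    """Split a digest into unknown-source accesses and unparseable lines."""
    unknown = defaultdict(list)   # ip -> [(timestamp, protocol), ...]
    rejected = []
    for line in report.splitlines():
        parts = line.split()
        try:
            date, time, proto, ip_text = parts
            label = classify(ip_text, known)
        except ValueError:        # wrong field count or malformed address
            rejected.append(line)
            continue
        if label is None:
            unknown[ip_text].append((f"{date} {time}", proto.lower()))
    return dict(unknown), rejected

if __name__ == "__main__":
    unknown, rejected = review_report(SAMPLE_REPORT)
    for ip, hits in unknown.items():
        print(f"UNRECOGNISED {ip}: {hits}")
    print(f"{len(rejected)} line(s) could not be parsed")
```

    Lines that fail to parse are returned separately instead of being dropped, so a change in the report format does not silently hide an access.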
     
  2. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    780
    First thing to do is check your PC for trojans and keyloggers, then if you can access it, change your password to another long password; they may just have got lucky.
    Or go to the company, tell them what has happened and ask for a new email account.
     
  3. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    I would check the company's TOS (Terms of Service) that provided you with that email. The 3rd party company may have an agreement to access accounts, or may have some connection to the parent company. I would also report the incident to your parent company’s security department; if this is a breach, they should be notified.

    Next I would change my password. If you access your email in public places make sure you are going through a VPN, or use their webmail service over https://. That will help specifically with protecting you over an untrusted network.

    Do as the user above suggested and also run a scan of your computer for possible baddies. Though there is a good chance this wasn’t anything on your end but your company.
     
  4. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    The https (which is encrypted) connection is safer than POP (which is not encrypted.) Given a choice, I'd choose encrypted. And as noted, I'd change the password!
     
  5. peto46

    peto46 Registered Member

    Joined:
    Feb 6, 2012
    Posts:
    3
    @HAN: I use pop3s, which is an encrypted POP3.
     
  6. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    Sorry, missed that. :(

    I don't think LastPass would be the issue (although I'd probably change its master password.)

    As already mentioned, if your computer(s) and phone are clean, my next thought is work. I'd talk to them and see what they recommend.
     
  7. BrandiCandi

    BrandiCandi Guest

    There are so many ways to get your credentials stolen it's hard to pin it down.

    Do you do anything to secure your browsing sessions on the phone & the computer? The phone isn't jailbroken, is it?

    Does the iPhone connect to public Wi-Fi? If so I would be very wary of what you do there (don't connect to your email from those points).
     
  8. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    So there are 3 areas for gaining access to the emails: Company, PC, iPhone.
    If it is occurring at the Company how would he be able to determine where the access is coming from?
    How can he determine between his company and his devices?
    If the access is the result of compromise on one of his devices, how can he determine which ones?
    If it is on his end would 2 email accounts help to isolate from where?
     
  9. BrandiCandi

    BrandiCandi Guest

    Three places, agreed. IMO two emails would just be twice the opportunity to get cracked.

    If it's coming from your company then there's nothing you can do about it unless you're the company system administrator. (We can bludgeon that moron later if that's where you got cracked...)

    All you can do is secure your own devices.

    As far as the iPhone goes I see these solutions:
    1. don't jailbreak it (i.e. don't run it as root)
    2. beware of public Wi-Fi & what you access on it.
    3. secure your browser (see below)
    4. only install apps from Apple
    5. if you can be permanently logged in anywhere, I would disable that.
    6. update the phone & apps often

    As far as your pc at home goes:
    1. use a firewall
    2. run an AV
    3. secure your browser (see below)
    4. update your OS often/automatically
    5. update your software often/automatically
    6. keep backups so you can reinstall if everything gets hosed
    7. don't use the admin account except when necessary
    8. use strong & unique passwords for each account
    9. if you've got Wi-Fi then secure it! WPA2, disable UPnP
    10. if you choose to run another service (like a web server, VPN, etc.) know how to use it & secure it properly.

    On both the PC & the phone you should secure your browser
    1. delete history, cookies & temp files on exit
    2. never remember passwords
    3. open a new browser for each new session
    4. run some kind of script blocker & only allow scripts on trusted sites (although honestly I have no idea if this part is possible on an iPhone)
    5. surf smart. i.e. don't download random stuff & don't click links & type in your credentials in any old place.

    Are you doing all of that? I bet there's something on that list you weren't doing --> voila! your security hole.
     
    Last edited by a moderator: Feb 8, 2012
  10. BrandiCandi

    BrandiCandi Guest

    Oh yeah... don't forget about flash drives. You can run a tight ship but if the neighbor kid comes over & plugs in an infected pen drive, all will be lost.
     