Forum Thread

Hacker changed gmail recovery email

July 8, 2019 at 09:57 AM
So somehow a hacker got into one of my side gmail accounts I don't actually use (and has a pretty simple password, but changed the recovery email and not the password). I'm not even sure how this account was lost to begin with; it's not one I actively use and the person would need to have known my original recovery email to log in to begin with. The gmail account itself is also forwarding to another email account I have, which is how I even found out.

Now gmail's locking me out because it's saying I don't know the recovery email. The hacker looks like he changed it to ***@yo*****.com. Looks like he kept the same recovery email beginning and just changed the domain. Are there any guesses as to what email domain starts with "yo"?

20 Comments

#2
Email address doesn't have to be a public provider; it can be their own domain. I'd say that would add another level of obfuscation if they've done it right. Sorry.
Original Poster
#3
Yeah, was hoping that there might be some random free email provider that starts with "yo"... I still have no idea how this happened. I haven't even logged into this account for months and only knew 'cause of the auto forward I set up. Gmail's security is also annoyingly locking myself out; stupidly, other accounts I haven't logged into for months somehow can log in without this verification of recovery email.
#4
That sucks, OP, I'm sorry.

FWIW, I came up with these

yogotemail.com
yopolis.com
youareadork.com
youpy.com
your-house.com
yourinbox.com
yourlover.net
yourname.ddns.org
yourname.freeservers.com
yournightmare.com
yours.com
yourssincerely.com
yoursubdomain.findhere.com
yoursubdomain.zzn.com
yourteacher.net
yourwap.com
youvegotmail.net
Original Poster
#5
Quote from finzz2dlft
:
That sucks, OP, I'm sorry.

FWIW, I came up with these
Thanks and repped. Tried the first 3 with no success before gmail locked me out; guess I will go through and try the rest. I use this email as part of a company I was starting up a few years ago and managed to switch out the PayPal password that was tied to it at least. My concern is not so much on this email but rather if I somehow dropped my encrypted password file somewhere and it somehow got decrypted, so I went and changed a bunch of other passwords as a precaution.

Gmail's "security" is really terrible though, it sends the "your account was just logged in" to your own email instead of your recovery email, then it allows the hacker to change the recovery email. Other people can hopefully learn from this lesson I took.
Last edited by Shadow Rider July 9, 2019 at 09:32 AM.
#6
Quote from Shadow Rider
:
Thanks and repped. Tried the first 3 with no success before gmail locked me out; guess I will go through and try the rest. I use this email as part of a company I was starting up a few years ago and managed to switch out the PayPal password that was tied to it at least. My concern is not so much on this email but rather if I somehow dropped my encrypted password file somewhere and it somehow got decrypted, so I went and changed a bunch of other passwords as a precaution.

Gmail's "security" is really terrible though, it sends the "your account was just logged in" to your own email instead of your recovery email, then it allows the hacker to change the recovery email. Other people can hopefully learn from this lesson I took.
I hear ya. I am so sorry you are dealing with this. I hope you get an answer soon! Keep us posted.
Original Poster
#7
Quote from finzz2dlft
:
I hear ya. I am so sorry you are dealing with this. I hope you get an answer soon! Keep us posted.
Hacked it back. This retard n00b was using @yopmail.com. Smart enough to change the domain, too stupid to change the front. As long as I knew the front of the email I was able to get it back with some luck and googling.

Changed out the recovery email and password......I STILL don't know how this happened, there was no link between this email and my recovery email that I know of. Hoping this doesn't happen again and at least my password changes on the others made sense.

I don't understand how he was able to do it the first time. I couldn't log back in even knowing the password because gmail kept kicking me out. But somehow this person was able to log in on an iphone....I just don't understand. Anyone who has thoughts, please feel free to post.
Last edited by Shadow Rider July 14, 2019 at 09:52 PM.
#8
Quote from Shadow Rider
:
Hacked it back. This retard n00b was using @yopmail.com. Smart enough to change the domain, too stupid to change the front. As long as I knew the front of the email I was able to get it back with some luck and googling.

Changed out the recovery email and password......I STILL don't know how this happened, there was no link between this email and my recovery email that I know of. Hoping this doesn't happen again and at least my password changes on the others made sense.

I don't understand how he was able to do it the first time. I couldn't log back in even knowing the password because gmail kept kicking me out. But somehow this person was able to log in on an iphone....I just don't understand. Anyone who has thoughts, please feel free to post.
Glad you got it back. Out of curiosity, any weird things in "sent" mail?
Original Poster
#9
Quote from Marcina
:
Glad you got it back. Out of curiosity, any weird things in "sent" mail?
I haven't used this in so long I can't remember, but it looks like he did delete stuff from my send box. There's only 1 message left in sent mail but it's something I sent. Nothing suspicious in "all mail" or "trash". He may have gone through to people's emails to try to download password files or whatever left in there, or send messages then deleted them. This wasn't an account I used, and I'm usually careful about leaving passwords around so I'm pretty comfortable nothing was stolen here...wanted to go back and leave this prick a message in his recovery box but deleted it. It's better he stays equally retarded in the future so other people can get their accounts back.

But it still really puzzles me how this happened to begin with and how he guessed my original recovery email. He couldn't have signed into an iphone I have (I couldn't even sign in through my iphone after he changed the recovery email)

Edit:

Checked the sign on locations. This person signed on with an iphone 8 in a city where I signed in before, then immediately went to change the recovery email.....but my own iPhone 8 is with me that night during the hack, and I don't have a second iphone 8. No one else in my family has an iPhone 8. Any thoughts from people? Can you spoof someone's iphone 8?

Google honestly needs to get their act together on security. Their pseudo security made stuff worse not better.

Edit 2:
I did click a link from godaddy....but this link looks like it is a godaddy link (I realized later this account was linked to a godaddy account) and didn't request me to enter my gmail password....really strange. Even with a password how this person managed to sign on....unless it was through one of those VPN chrome plugins I have installed....which still doesn't explain how the person signed in from what Google says is my iphone 8.
Last edited by Shadow Rider July 15, 2019 at 02:16 PM.
#10
Quote from Shadow Rider
:
Google honestly needs to get their act together on security. Their pseudo security made stuff worse not better.
How do you know he didn't have your password? If you used that password anywhere with the same email it was probably hacked. Also Google allows for 2 factor, doesn't get much more secure than that.
Original Poster
#11
Quote from NYExcuse
:
How do you know he didn't have your password? If you used that password anywhere with the same email it was probably hacked. Also Google allows for 2 factor, doesn't get much more secure than that.
He did have my password. It was a simple password I've used as a kid since literally the beginning of the dial up internet age when it was pretty crazy to see someone with a personal computer at home. What I don't know is how he could've had an iphone that I had in my hand at the time of his sign on.

That's my point, what happens if you lose your phone? What if a person's phone was a prepaid number and you use two factor authentication? A lot of the seemingly "secure" features are more prone to locking yourself out on user error. When the people designing this are paid $300K a year, they end up being designed without consideration for people in lower income levels.
Last edited by Shadow Rider July 15, 2019 at 08:23 PM.
#12
Quote from Shadow Rider
:
He did have my password. It was a simple password I've used as a kid since literally the beginning of the dial up internet age when it was pretty crazy to see someone with a personal computer at home. What I don't know is how he could've had an iphone that I had in my hand at the time of his sign on.

That's my point, what happens if you lose your phone? What if a person's phone was a prepaid number and you use two factor authentication? A lot of the seemingly "secure" features are more prone to locking yourself out on user error. When the people designing this are paid $300K a year, they end up being designed without consideration for people in lower income levels.
Where do you see that it was your iPhone? The only details I see are that sign ins are from mobile or a browser. When I get a security alert it will show the phone model but that's it. How do you know it was your specific phone?

LOL, trying to make this about income levels. You don't have to use two factor, and if you choose not to then you'll need to deal with getting hacked. If you lose your phone you can just get another one, it will still have the same number. Or use a house phone for 2 factor.
#13
I used a hotel computer once. Opened Chrome and someone else had logged in and left the remember me box checked. I was nice enough to log them out and un-check it for my session. And to log off and reopen to make sure.
#14
Quote from Shadow Rider
:
He did have my password. It was a simple password I've used as a kid since literally the beginning of the dial up internet age when it was pretty crazy to see someone with a personal computer at home. What I don't know is how he could've had an iphone that I had in my hand at the time of his sign on.

That's my point, what happens if you lose your phone? What if a person's phone was a prepaid number and you use two factor authentication? A lot of the seemingly "secure" features are more prone to locking yourself out on user error. When the people designing this are paid $300K a year, they end up being designed without consideration for people in lower income levels.
fwiw they do allow you to generate backup codes that don't require the use of a phone when you set up the 2FA (and any time after that)
https://support.google.com/accoun...0457?hl=en
Original Poster
#15
Quote from NYExcuse
:
Where do you see that it was your iPhone? The only details I see are that sign ins are from mobile or a browser. When I get a security alert it will show the phone model but that's it. How do you know it was your specific phone?

LOL, trying to make this about income levels. You don't have to use two factor, and if you choose not to then you'll need to deal with getting hacked. If you lose your phone you can just get another one, it will still have the same number. Or use a house phone for 2 factor.
Didn't lose my phone. You can check security log in.