Sunday, July 21, 2013

being cracked on gmail

it's not pretty. I experienced this today, and the frustration is exactly the same as I discovered my car has been broken into, several years ago. 

It was a matter of minutes. Actually, when I received the SMS [we "prevented" a suspicious login], I actually had a browser tab opened to the emails ! When I refreshed, ups ! enter your password ! I think it only took 4 minutes to regain total control of the account, however: imagine my embarrassment when a friend SMSed me: hey you have a virus, you've mailed the entire gmail list of emails !

Whaaaaat ? no mail in the send folder, instead I started to receive tons of OOF and several "Mail Delivery Subsystem" informing that those addresses no longer exist. Doh .... the damage was done, the bot that cracked my account scanned the entire list and send a crap mail with a link to a phishing site, probably. I hope you've not opened it !

No other damage done and information loss on my side. Except for my reputation :)

So, more 30 minutes of frustration later [and some curses, we Romanians excel at that, English is really poor ... ] I thought I had to drop keeping contacts with Google and syncing with Android, pretty much the only commodity really useful on the smartphone for me.

Then I remember I have to check the Google's two factor authentication. This is not a new concept for me. We used it in at least two projects, I use it all the time working online with the bank, I'm rather familiar with it. But, I would have never thought I might need to get into it for private mails ! C'mon ! Two factor authentication is way too geeky ! I use gmail to register on sites and to exchange mails occasionally !

So here you have it, even if you think it doesn't matter, being cracked can be embarrassing, so get on the two-factor authentication. Times are truly changing.

No comments: