dspjm They stole my gmail account for spam.Why? Isn't Linux and firefox safe? I don't know how did they do that? Through a background virus or through steeling the information in my network? I don't understand how. Any body can tell me why?
lolafuertes 145 I can't tell you wy, but is very simple the how.
For example, you send some one a mail from your account. This people forwards your email address to the spammer without cleanig it, so your email account appears in the body.
The spammer uses your account in the FROM clause of a SMTP message.
No matter if you have Linux or Firefox or both. Anyway, there are antivirus programs for Linux, and I suggest to use them.
I suggest to read about SMPT here.
Hope this helps
Edited by lolafuertes: n/a
dspjm I can't tell you wy, but is very simple the how.
For example, you send some one a mail from your account. This people forwards your email address to the spammer without cleanig it, so your email account appears in the body.
The spammer uses your account in the FROM clause of a SMTP message.
No matter if you have Linux or Firefox or both. Anyway, there are antivirus programs for Linux, and I suggest to use them.
I suggest to read about SMPT here.
Hope this helps
Thanks for your answer, but it seems not the fake sender
Because, I found the email in the sent folder of my Gmail account, so these emails must be sent from my email account.
lolafuertes 145 I would sugest:
First, install an antivirus, antispam, antiads and verify if you have any in your system.
Second, when you are sure your system is clear, change the password to a strong one (ie. 16 digits containing uppr and lower case letters, some digits and a couple of special signs)
Third, you can try (as in some TV series) to searach the source of the logins into your gmail account. And act according.
Hope this helps
rubberman 1,299 There are many ways someone can hijack your gmail account. If they managed to install a keylogger on your system, then they have not only your gmail password, but just about all the others as well. Also, they may have cracked your password if it was the same or similar to that used for some other compromised site, such as happened with The Linux Foundation earlier this year.
1. Do a clean reinstall of the operating system, including a total wipe of the hard drive in case your boot loader has been infected. Note that some new trojans also infect the recovery partition if you have a Windows or dual-boot system, so you really need to wipe the entire disc.
2. Scan ALL of your USB drives - they are a common infection vector.
3. Change ALL of your online passwords, and use new ones for your local system accounts (especially the Administrator/root account).
4. Scan any archived data for viruses and rootkits before you reinstall it on the system.
For Linux systems, you can download the open source AV tool, ClamAV. There are also free Linux versions of commercial products such McAfee.
wpeckham 14 There are many ways someone can hijack your gmail account. If they managed to install a keylogger on your system, then they have not only your gmail password, but just about all the others as well. Also, they may have cracked your password if it was the same or similar to that used for some other compromised site, such as happened with The Linux Foundation earlier this year.
1. Do a clean reinstall of the operating system, including a total wipe of the hard drive in case your boot loader has been infected. Note that some new trojans also infect the recovery partition if you have a Windows or dual-boot system, so you really need to wipe the entire disc.
2. Scan ALL of your USB drives - they are a common infection vector.
3. Change ALL of your online passwords, and use new ones for your local system accounts (especially the Administrator/root account).
4. Scan any archived data for viruses and rootkits before you reinstall it on the system.For Linux systems, you can download the open source AV tool, ClamAV. There are also free Linux versions of commercial products such McAfee.
Perhaps it has not been made plain to you, but the compromise was on the GMAIL server where someone logged in as you (personally or using a configured tool, but in any case using your credentials). It is clear that someone learned your credentials, but it is NOT clear how or where they obtained your information.
What I am saying here is that there is nothing in what you have posted to implicate your PC or Linux any more than any other machine. Could you have been compromised? Yes, that would explain things, but it is not the only way this could happen. You may have been careless (was anyone looking over your shoulder during a gmail logon session?), or they may have successfully cracked Google's authentication database, or any of several other possible.
You could even have a hidden camera aimed at your keyboard, though I think that unlikely.
The lesson here is that it will not help you to secure one possible opening if you leave the REAL window wide open. Secure wherever you reasonably can, and suspect that you may still have missed the real problem. BE aware and careful, but do not let paranoia become your life style.
Your first goal is to have a life and enjoy yourself. Not letting the bad guys access to your resources is an important secondary goal, but should never become your primary.
There are many ways someone can hijack your gmail account. If they managed to install a keylogger on your system, then they have not only your gmail password, but just about all the others as well. Also, they may have cracked your password if it was the same or similar to that used for some other compromised site, such as happened with The Linux Foundation earlier this year.
1. Do a clean reinstall of the operating system, including a total wipe of the hard drive in case your boot loader has been infected. Note that some new trojans also infect the recovery partition if you have a Windows or dual-boot system, so you really need to wipe the entire disc.
2. Scan ALL of your USB drives - they are a common infection vector.
3. Change ALL of your online passwords, and use new ones for your local system accounts (especially the Administrator/root account).
4. Scan any archived data for viruses and rootkits before you reinstall it on the system.For Linux systems, you can download the open source AV tool, ClamAV. There are also free Linux versions of commercial products such McAfee.
Thanks for the share Rubberman. This is really the helping one.
My suggestion to you is, always change your password within 2-3 weeks. It will always effective and don't use same passwords for different accounts. These precautions will save your accounts.
