January 17th, 2003, 06:01 AM
Email Security Problem
About a year ago I discovered someone was tracking my movements by reading my email, so I began installing protective software: OnTrack, Pest Patrol and Zone Alarm Pro. PP caught and deleted one worm. However, the problem persists. I have both MS Outlook Express and Hotmail.
I'm wondering if it's worth upgrading my worm /Trojan horse detection software to catch more sophisticated worms, or if this person is now using some other approach to reading email. Can you hack email by some other means, crack the password? How can I identify who is doing this?
Your expertise will be most appreciated.
January 17th, 2003, 06:10 AM
it is quite possible the user has your username and password information, I would change passwords on all your accounts, and make them a bit tougher to guess.... also be sure that you are logging out of your accounts when done sending/reading email
as far as upgrading your scanning software, a current antivirus should do the trick and yes constantly keep it updated. if the problems continue, I would change accounts and go from there
I\'ll preach my pessimism right out loud to anyone that listens!
I\'m not afraid to be alive.... I\'m afraid to be alone.
January 17th, 2003, 01:24 PM
It is quite possible that someone could be listening in on your conversations at the network level with the use of a sniffer. Are you on a broadband connection, specifically cable modem?
One other thing I would suggest is providing encryption for email you don't want people to read. You could use something like PGP.
A firewall or antivirus will not help you in this situation!!!
January 17th, 2003, 01:36 PM
It would go a long way to helping determine what to do if you could give details of how and what led you to believe that someone is tracking your movements/reading your email
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
January 17th, 2003, 02:06 PM
I completely agree with Tiger Shark.
My last post was obviously a very high level suggestion and was based on a certain level of assumption. More detail would be very helpful, and I am sure we can come up with a solution to your problem.
January 18th, 2003, 12:57 AM
You said PP found a worm?? so there might be more then just a worm.... well if you caused a trojan to Activate there may be a good chance he was once in your system. If so, he might have thrown an "key logger" in your system. Im assuming after the first time he cracked you, that you changed your passcodes. But if the problem keeps going there might be a good chance that there is a key logger on your system. Im not sure how to loacted a key logger on any given system. (I would like to know myself actully) ill hit up google.com and see what i can find, but till then could someone explain how you could find a key logger on your system?
Im Chris Bartholomew - 18 Years old
January 18th, 2003, 02:19 AM
your not making any sense except that you think someone is reading your email.
mail your sending? Mail sent to you? And why do you say this to begin with? you say you caught a worm but that dosn't say anything. what kind of worm...a name would be nice.
but if you want to see who's reading your mail theres only one thing that you need a friend with a web server that willing to store one graphic file and grep his/her logs for you.
compose a letter with a graphic that loads off your friends server. one that is not used for anything else. use a very unique name for the graphic. you could even make it 1 pixel transparant gif. when someone opens the mail and a request is made for the image to load it is recorded in the web log. doing a search for the name of the graphic will reveil the ip address of the computer that requested it. just dont go downloading the message yourself and deleting it from the mail server
heres another idea using the same principle. compose and send a message to yourself. name the message "personal info" and put links in it of url,s for those smart enough not to allow third party bugs to load or are using text only in their client. this way it'll look like you sent it to yourself to retreive at another location.
make it irresistable
of if you think its your spouse or lover:
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
January 18th, 2003, 05:46 AM
Reply to Posts Above
R is an individual dedicated to harassing me on the telephone anytime anywhere, and reads my email to follow my movements. By reading my outgoing message, R learned where I was staying this past Christmas, looked up that number and zinged me there. R knows where I work and zings me there as well.
The current form of these calls is one ring, which does not show up on caller ID but can be traced, at odd hours in the morning, to disturb my sleep. Furthermore, R has developed the capability in the last two years of ringing the phone even when it is physically disconnected from everything. I don't know how this is possible, but it is. It's a different sound, sometimes weak like a flutter, sometimes stong like cell phone ring.
This became a police matter when I took traced calls to my local precinct. However, they were more concerned with recovering stolen squad cars than my complaint, and refused to followup on it. I haven't been able to find a lawyer or any legal entity willing to receive these traces from the Annoyance Call Bureau. By law, they cannot come to me. I have no defense against these calls, since unplugging the phone does not stop them. The only thing that does is when I'm on the Net - I have single line dialup.
I have been around the block with this matter trying to discover what kind of device can do this thing to my phone: from the Annoyance Call Bureau to makers of spy equipment to this board (see previous posts) to the FBI. No one either knows or will tell me. Once you dig below a certain level of the phone network everything gets gray and quiet.
I met R years ago and do not know last name or phone number, so things like Online Detective would be useless. If I can find someone to go to bat for me legally, I might get the phone records opened - it's really tough to do thanks to the 1996 Telecommunications Act. In this country, you can't even use the Freedom of Information Act to find out who is calling you. Imagine that, folks, in the land of the free.
I'm trying to avoid the hassle the encoding my messages. If some sort of bug is buried in my hard drive, and R is reading my keystrokes, even as I type this, what good would encoding my email do? Newbie that I am, I trying to figure out how to send a message to myself that will snoop R. Of course, I can use other means of communicating sensitive info, and I do this. I deliberately used email over Xmas to see if R was still able to read email after removal of worm, which I didn't not take the time to analyze, and yes R was still on the job, carrying on this this ridiculous obsession after so many years.
I'm hoping for a quick fix - download this software and catch R - but will try anything as I can understand how to do it one step at a time.
Thanks all for your input. This is a late nite post; hope it makes some kind of sense.
January 18th, 2003, 06:36 AM
You say he's monitoring you? First off I want to make it clear that I believe you are quite paranoid and should calm down. Now an answer... Format your computer if you think "R" has got bugs on it, then change your e-mail and make the password as long as the maximum allowed, alphanumeric + special characters (£, etc.), then install the latest AV protection, and finally a good firewall... and if "R" is taping your phone calls, then I recommend a personal investigator or a complain to the local police department everyday... it works for me when I need something.