(OT) Google: "Somebody knows your password"
Joel Rees
joel.rees at gmail.com
Fri Aug 4 06:05:16 UTC 2017
2017/08/04 14:57 "Xen" <list at xenhideout.nl>:
>
> Volker Wysk schreef op 04-08-2017 7:46:
>
>
>> The links are https://accounts.google.com/... and (enclosed) https://
>> myaccount.google.com/... . I assume that they can't fake a google.com
domain
>> name, right?
>
>
> If you can be sure you didn't actually visit something else, that is
correct.
DNS poisoning.
Or, if you are not using plaintext, the displayed URL can be different from
the actual link.
>> What's more, I've changed the password in my smartphone and my fetchmail
>> configuration, and it works fine with the new password. When the old one
was
>> still in place, I've got error messages for both.
>
>
> If you changed through someone else's service it might still have used
Google to effectuate the change but could have been a simulation around it,
in that case you indeed did change your password but then the hacker would
also know the new one and would keep it for reference.
>
man-in-the-middle
Never visit the link in that mail again, just in case.
Use a different device, preferably on a network you trust, go directly to
Google by typing the address in the browser URL field. Change your
passwords again, to something completely different.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20170804/9c079454/attachment.html>
More information about the ubuntu-users
mailing list