?
Solved

How to find the culprit who reads my yahoo mail and hotmail?

Posted on 2003-02-25
11
Medium Priority
?
844 Views
Last Modified: 2010-04-11
One  person is cracking my yahoo mail and hotmail regularly, eventhough I assign lengthy password.   I know who the culprit is. But technically I don't have any proof so that I can proof he is the culprit.

Is it possible to find the MAC address, IP address of PC, where my yahoomail/ hotmail previously opened, with login time?

chellam.
0
Comment
Question by:chellam_ma
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +3
11 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 8017097
If you can show $5K in damages (including the value of the time you spent), then you can call in the FBI and have them do the tracking down for you...
0
 
LVL 3

Expert Comment

by:nouellette
ID: 8017702
No it's not possible to track who is opening your mail because Hotmail is a Microsoft system and Yahoo is obviously owned by Yahoo, the logs are kept by their servers.  You should could call Microsoft or Yahoo immediately but I doubt they will do anything more than tell you to be more careful about your passwords.

So my advice is to make sure you don't have any trojans or spyware or malware on your machine.  No one is 'cracking' your passwords, they are simply either watching you type them in or they have a trojan/keylogger installed on your machine and are obtaining them that way.  There really is no other way other than that.  After you lock down your machine simply ignore that person and hopefully your situation will go away.  

By the way most computer crimes are investigated by the Secret Service, not the FBI.
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 8017825
> No one is 'cracking' your passwords, they are simply either
> watching you type them in or they have a trojan/keylogger
> installed on your machine and are obtaining them that way

Or sniffing them off the network if you're not using the 'secure' option on Yahoo.

> By the way most computer crimes are investigated by
> the Secret Service, not the FBI.

I'm pretty sure the Secet Service only gets involved if there are banking/finance/credit-card issues involved. At least that's what it says on their web-site.

But either way, I'm sure the Secret Service or FBI can point you to the right place if you contact them.
0
Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

 
LVL 1

Accepted Solution

by:
nisheed earned 150 total points
ID: 8018181
Before I go into any details I would like to support what nouellette and chris_calabrese have already pointed out.

Look out for Keyloggers, torjan horses, etc.

If you have the time I would recommend that you either rebuild your entire machine or spend the time to check and get rid off any malicious code on your machine. Log on to the provider using the secure option.

Another point to note that long passwords are not strong passwords e.g. passwordismypassword is a very long password, but using a password cracker this would take all of 10 min to discover, but pwh08grf569 would be more difficult to discover.

NB! I agree with the previous responses that in your situation the intruder is probably using an alternative method to obtain your password.  

It could be simply the intruder knows were you write down your passwords or as complicated as a network sniffer.

You have a few options if you would like to do some investigation of your own.

The first option is to speak to the technical support at the service provider explaining your situation.
They make be able to assist you or point you in the right direction. Explain that you have changed your password but this still persists. They may put an IP logger on for you – I don’t really know the best is to speak to them.

Option 2 if all else fails:
This would involve crafting an e-mail message that would entice the intruder to click on a link that would direct him to a web site you created to log IP addresses of users visiting your site. You can than log the time, HTTP REFERRER, URL and the IP Address. Remember to put a notice on the WebPages stating that the users IP address is being logged for security reasons – this would be a sort of disclaimer.

You may want to keep a few things in mind:
1). The intruder has probably tried to hide or spoof his IP Address. (In this case this technique would be a waste of effort.)
2). If the user is logging on from behind a firewall you'll get the external firewall address.
3). If the user were using an ISP high speed the ISP would have a log of which IP is issued to whom. If dial-up, logs are kept of who leased the address and the duration, I’m not sure the ISP would be too happy to provide this information and you may need to get the correct authorities involved.

Remember this is not a foolproof method but would be the easiest and requires the least amount of technical ability


0
 

Author Comment

by:chellam_ma
ID: 8018492
thanks mr.nisheed. i will try your instructions.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 8018541
I agree with above comments. I disagree with asker. On this:

> But technically I don't have any proof so that I can proof he is the culprit.

Since you think you know who he is, there is a reason. So follow that. Use language that is interesting, tell stories, but ONLY in mail for those accounts. When the culprit expresses knowledge of the mail content, he's effectively admitteding to be culprit. Don't pull out of closet yet.

Get two or more friends you can trust into scheme. Include them in confidence of your special eMail content. When culprit can repeat the story in front of these friends with no help, then he is exposed as the snooping peeper, and brought out of closet to full shame of community, and your close-nit group can repeat the story and get him ostrasized as deserved.

Note: Many such exploits are mere kids (whatever age) who think they are showing off something like intelligence, when in reality, what they are showing off is their own bad behavior.

Think of it this way. You invite a few neighbors over for, dinner or movie or something. Or rather, put shoe on other foot, you are the one invited. So picture this, you are at other persons house, and everybody is all happy and in one room. You excuse yourself to go to bathroom. While in bathroom, you first open medicine chest to get copies of all prescriptions you can find. You look for other information on purchasing habits. This may be about information gathering and increasing your knowledge, but it has nothing at all to to with demonstrating your intelligence.

Now on your way back to the group you pay a visit to the host's bedroom. You check under pillow to see if gun is there or not. You open every door and drawer. You look under each pile of clothing to see what was tucked there, and locate every item that was squirreled away.

Now, return to the group. Try to brag to the group about everything you learned about the host. What do you think reaction will be? Maybe one person may be impressed like you about this information regarding host. But I submit that not only the host, but the majority will view such actions of snooping as being very improper, bad manners, bad behavior, and possibly they will demean your level of intelligence, which is directly opposite to what you were trying to demonstrate.

I submit that such snooping on internet is similar and should be treated same as snooping in other people's houses. Then main difference is in availability. While most people won't invite you into house 24 hours a day, the internet is really a place that can be viewed as nearly open 24 hours a day.

I submit that since the odds are that your culprit is not using international spy tricks, but tricks that are only applicable to your community, that the best approach is one that addresses the community where you reside. But still, suppose we extend some international spy tricks. Suppose, while you are in other person's house, you install some form of webcam in persons bathroom, and another in the bedroom. Now, invite everyone except people who live there over for party. Turn on PCs to show what all those webcams in that persons house can view. You did drop off some microphones, right? Now as these members of community watch what those people are doing in their own bathroom and bedroom, just what do you think their reaction will be to your newly demonstated ability? I submit that although there may be one that will laugh and applaud your technique, that the majority will denigrate you, ostracize you, and even insult your level of intelligence.

By "outing" a member of your community as a "snoop", you are giving person a better clue on this, on how the community really feels about this, and whether or not it is an issue about intelligence, about behavior, and about whether any knowledge gained by being culprit is something worth bragging about. Not only that, but you can reinforce community ideals about habits and behavior patterns, and about taboos. In this way you can assertively deter others from emulating the bad practises of this culprit.

When you are not at home, there is little you can do to keep the neighbors from finding a way into your house to peep about. Access on internet is same, little you can do to prevent others from snooping in on any mail you send. In fact, it is very easy for one recipient to forward a memo to everyone else in your community, despite any interest you had to keep ino closely held. At home or on internet, you can make things more secure, add locks, hire agents, etc. But act like you can never be 100% safe, for a determined person can really do about anything. Do what you can do, in in this case I think it is more about reinforcing to your community just what are viewed as good vs bad habits.

And to do this, I suggest obtaining some witnesses to corraborate what you already know. How do you suspect culprit already? Likely, either they already started bragging to others, maybe when drunk, and word got back to you, or, the person has already displayed some knowledge of your eMail content that would not be available through other means. So IMO, send some 'special' emails with content not available elsewhere, get witnesses to culprit snooping sufficiently to get the limited info, and expose this to community.

Now, if your community applauds the snooping I'd be surprised and want to know. But I believe humankind is much more interested in maintaining their own privacy rights than in being concerned about what others have been doing in their own perceived privacy. Despite the 'enquirer' tabloids and the 'open' talk shows that tell-all. In those cases, most viewers have hope that the one being exposed is in_on_it and opened up some of their private life to public consumption, and that stories are more about entertainment than veracity.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 8018557
Ooops, done? That'll teach me to type too much at a time.          :-(
0
 
LVL 24

Expert Comment

by:SunBow
ID: 8018800
Actually I'm happy if you are...
                                                                  - Good Fortune -
0
 
LVL 24

Expert Comment

by:SunBow
ID: 8018813
-and, if you explore forensics, also consider NetIce's BlackIce, and do let us know of results one way or another
0
 

Expert Comment

by:YoManilla
ID: 8547998
Hey Chellam_Ma, I think I know you.  Do you live in California Bay Area?  Up north in a little southhampton, or by there?  Goldenhill i believe?
0
 

Expert Comment

by:YoManilla
ID: 8548474
You people have no idea what you're talking about.  You can crack Yahoo! accounts, its just one big pain.  The servers start rejecting your login attempts, and you've gotta use proxies, and those are a pain to scan for.  Also, you gotta cycle thru diff yahoo servers, lukely there are dozens.  And eventually they will stop that user from being able to login for a while.  Believe me, you can crack yahoo accounts, its just really time consuming and stressfull, sorta, if you're trying to get a certain account in particilular.  And also, nobody is gonna click on your ip-logging website.  For one, a server like that, that you get to check logs on, costs money.  Secondly, nobody is gonna click on http://215.32.245.11 or http://eFfd.kdfus.icom.commcast.net whatever, thats the kind of tricks we use!  we wouldn't fall for the same stuff!  And yeah, yahoo! wont give you the ip of a user, assuming they even know, most people wont even go thru proxies to goto yahoo!  And how is putting an ip logger on you gonna do shiz, they are opening your mail!, not direct connecting you!  if they do d/c you, then goto dos prompt and type in netstat -a or -n or whatever.  dont listen to these people, or go ahead and do so, but they dont know what they're talking about in the first place, they just take classes n' shiz on net security, they dont do it.  besides, i make my own trojans, NO virus scanners will pick them up, period. u can still detect them if u really know what ur doing (and people here dont), but anyways, i dont even like using trojans
0

Featured Post

Want to be a Web Developer? Get Certified Today!

Enroll in the Certified Web Development Professional course package to learn HTML, Javascript, and PHP. Build a solid foundation to work toward your dream job!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question