Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 865
  • Last Modified:

How to find the culprit who reads my yahoo mail and hotmail?

One  person is cracking my yahoo mail and hotmail regularly, eventhough I assign lengthy password.   I know who the culprit is. But technically I don't have any proof so that I can proof he is the culprit.

Is it possible to find the MAC address, IP address of PC, where my yahoomail/ hotmail previously opened, with login time?

  • 4
  • 2
  • 2
  • +3
1 Solution
If you can show $5K in damages (including the value of the time you spent), then you can call in the FBI and have them do the tracking down for you...
No it's not possible to track who is opening your mail because Hotmail is a Microsoft system and Yahoo is obviously owned by Yahoo, the logs are kept by their servers.  You should could call Microsoft or Yahoo immediately but I doubt they will do anything more than tell you to be more careful about your passwords.

So my advice is to make sure you don't have any trojans or spyware or malware on your machine.  No one is 'cracking' your passwords, they are simply either watching you type them in or they have a trojan/keylogger installed on your machine and are obtaining them that way.  There really is no other way other than that.  After you lock down your machine simply ignore that person and hopefully your situation will go away.  

By the way most computer crimes are investigated by the Secret Service, not the FBI.
> No one is 'cracking' your passwords, they are simply either
> watching you type them in or they have a trojan/keylogger
> installed on your machine and are obtaining them that way

Or sniffing them off the network if you're not using the 'secure' option on Yahoo.

> By the way most computer crimes are investigated by
> the Secret Service, not the FBI.

I'm pretty sure the Secet Service only gets involved if there are banking/finance/credit-card issues involved. At least that's what it says on their web-site.

But either way, I'm sure the Secret Service or FBI can point you to the right place if you contact them.
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Before I go into any details I would like to support what nouellette and chris_calabrese have already pointed out.

Look out for Keyloggers, torjan horses, etc.

If you have the time I would recommend that you either rebuild your entire machine or spend the time to check and get rid off any malicious code on your machine. Log on to the provider using the secure option.

Another point to note that long passwords are not strong passwords e.g. passwordismypassword is a very long password, but using a password cracker this would take all of 10 min to discover, but pwh08grf569 would be more difficult to discover.

NB! I agree with the previous responses that in your situation the intruder is probably using an alternative method to obtain your password.  

It could be simply the intruder knows were you write down your passwords or as complicated as a network sniffer.

You have a few options if you would like to do some investigation of your own.

The first option is to speak to the technical support at the service provider explaining your situation.
They make be able to assist you or point you in the right direction. Explain that you have changed your password but this still persists. They may put an IP logger on for you – I don’t really know the best is to speak to them.

Option 2 if all else fails:
This would involve crafting an e-mail message that would entice the intruder to click on a link that would direct him to a web site you created to log IP addresses of users visiting your site. You can than log the time, HTTP REFERRER, URL and the IP Address. Remember to put a notice on the WebPages stating that the users IP address is being logged for security reasons – this would be a sort of disclaimer.

You may want to keep a few things in mind:
1). The intruder has probably tried to hide or spoof his IP Address. (In this case this technique would be a waste of effort.)
2). If the user is logging on from behind a firewall you'll get the external firewall address.
3). If the user were using an ISP high speed the ISP would have a log of which IP is issued to whom. If dial-up, logs are kept of who leased the address and the duration, I’m not sure the ISP would be too happy to provide this information and you may need to get the correct authorities involved.

Remember this is not a foolproof method but would be the easiest and requires the least amount of technical ability

chellam_maAuthor Commented:
thanks mr.nisheed. i will try your instructions.
I agree with above comments. I disagree with asker. On this:

> But technically I don't have any proof so that I can proof he is the culprit.

Since you think you know who he is, there is a reason. So follow that. Use language that is interesting, tell stories, but ONLY in mail for those accounts. When the culprit expresses knowledge of the mail content, he's effectively admitteding to be culprit. Don't pull out of closet yet.

Get two or more friends you can trust into scheme. Include them in confidence of your special eMail content. When culprit can repeat the story in front of these friends with no help, then he is exposed as the snooping peeper, and brought out of closet to full shame of community, and your close-nit group can repeat the story and get him ostrasized as deserved.

Note: Many such exploits are mere kids (whatever age) who think they are showing off something like intelligence, when in reality, what they are showing off is their own bad behavior.

Think of it this way. You invite a few neighbors over for, dinner or movie or something. Or rather, put shoe on other foot, you are the one invited. So picture this, you are at other persons house, and everybody is all happy and in one room. You excuse yourself to go to bathroom. While in bathroom, you first open medicine chest to get copies of all prescriptions you can find. You look for other information on purchasing habits. This may be about information gathering and increasing your knowledge, but it has nothing at all to to with demonstrating your intelligence.

Now on your way back to the group you pay a visit to the host's bedroom. You check under pillow to see if gun is there or not. You open every door and drawer. You look under each pile of clothing to see what was tucked there, and locate every item that was squirreled away.

Now, return to the group. Try to brag to the group about everything you learned about the host. What do you think reaction will be? Maybe one person may be impressed like you about this information regarding host. But I submit that not only the host, but the majority will view such actions of snooping as being very improper, bad manners, bad behavior, and possibly they will demean your level of intelligence, which is directly opposite to what you were trying to demonstrate.

I submit that such snooping on internet is similar and should be treated same as snooping in other people's houses. Then main difference is in availability. While most people won't invite you into house 24 hours a day, the internet is really a place that can be viewed as nearly open 24 hours a day.

I submit that since the odds are that your culprit is not using international spy tricks, but tricks that are only applicable to your community, that the best approach is one that addresses the community where you reside. But still, suppose we extend some international spy tricks. Suppose, while you are in other person's house, you install some form of webcam in persons bathroom, and another in the bedroom. Now, invite everyone except people who live there over for party. Turn on PCs to show what all those webcams in that persons house can view. You did drop off some microphones, right? Now as these members of community watch what those people are doing in their own bathroom and bedroom, just what do you think their reaction will be to your newly demonstated ability? I submit that although there may be one that will laugh and applaud your technique, that the majority will denigrate you, ostracize you, and even insult your level of intelligence.

By "outing" a member of your community as a "snoop", you are giving person a better clue on this, on how the community really feels about this, and whether or not it is an issue about intelligence, about behavior, and about whether any knowledge gained by being culprit is something worth bragging about. Not only that, but you can reinforce community ideals about habits and behavior patterns, and about taboos. In this way you can assertively deter others from emulating the bad practises of this culprit.

When you are not at home, there is little you can do to keep the neighbors from finding a way into your house to peep about. Access on internet is same, little you can do to prevent others from snooping in on any mail you send. In fact, it is very easy for one recipient to forward a memo to everyone else in your community, despite any interest you had to keep ino closely held. At home or on internet, you can make things more secure, add locks, hire agents, etc. But act like you can never be 100% safe, for a determined person can really do about anything. Do what you can do, in in this case I think it is more about reinforcing to your community just what are viewed as good vs bad habits.

And to do this, I suggest obtaining some witnesses to corraborate what you already know. How do you suspect culprit already? Likely, either they already started bragging to others, maybe when drunk, and word got back to you, or, the person has already displayed some knowledge of your eMail content that would not be available through other means. So IMO, send some 'special' emails with content not available elsewhere, get witnesses to culprit snooping sufficiently to get the limited info, and expose this to community.

Now, if your community applauds the snooping I'd be surprised and want to know. But I believe humankind is much more interested in maintaining their own privacy rights than in being concerned about what others have been doing in their own perceived privacy. Despite the 'enquirer' tabloids and the 'open' talk shows that tell-all. In those cases, most viewers have hope that the one being exposed is in_on_it and opened up some of their private life to public consumption, and that stories are more about entertainment than veracity.
Ooops, done? That'll teach me to type too much at a time.          :-(
Actually I'm happy if you are...
                                                                  - Good Fortune -
-and, if you explore forensics, also consider NetIce's BlackIce, and do let us know of results one way or another
Hey Chellam_Ma, I think I know you.  Do you live in California Bay Area?  Up north in a little southhampton, or by there?  Goldenhill i believe?
You people have no idea what you're talking about.  You can crack Yahoo! accounts, its just one big pain.  The servers start rejecting your login attempts, and you've gotta use proxies, and those are a pain to scan for.  Also, you gotta cycle thru diff yahoo servers, lukely there are dozens.  And eventually they will stop that user from being able to login for a while.  Believe me, you can crack yahoo accounts, its just really time consuming and stressfull, sorta, if you're trying to get a certain account in particilular.  And also, nobody is gonna click on your ip-logging website.  For one, a server like that, that you get to check logs on, costs money.  Secondly, nobody is gonna click on or http://eFfd.kdfus.icom.commcast.net whatever, thats the kind of tricks we use!  we wouldn't fall for the same stuff!  And yeah, yahoo! wont give you the ip of a user, assuming they even know, most people wont even go thru proxies to goto yahoo!  And how is putting an ip logger on you gonna do shiz, they are opening your mail!, not direct connecting you!  if they do d/c you, then goto dos prompt and type in netstat -a or -n or whatever.  dont listen to these people, or go ahead and do so, but they dont know what they're talking about in the first place, they just take classes n' shiz on net security, they dont do it.  besides, i make my own trojans, NO virus scanners will pick them up, period. u can still detect them if u really know what ur doing (and people here dont), but anyways, i dont even like using trojans

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

  • 4
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now