Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Security, hackers

Posted on 2016-07-26
Medium Priority
Last Modified: 2016-07-27
My OS is win 10 pro 64 bit, and I have Avast and malware bytes for the anti virus.  And I guess whatever security programs that comes with win 10 pro.  
1.  During the day whenever the pc is not in use, I usually put it to sleep.
2.  And when I want to use it again, I have to login to my pc.
3.  at night either it is in the sleep mode or completely shut off.

After logging in, I load the MS Edge and go to my email, by loading the portal.office.com.  Since I use this method always, thus my user name and password are already populated, and I just have to hit enter to enter into my Outlook.  My email is msn the free account.

Hope the experts could please study the above scenario and let me know if there Is anyway for anyone to hack into my pc, especially to my email.  

Because recently an email I sent, the receipient swears that it had been compromised.  Thus my concern.
Although I had other thoughts.  Because if someone had logged into my account from a different pc or geo location, I thought MS would either email or text u that your pc was logged in from a different location.  
thank u.
Question by:jegajothy
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
LVL 97

Assisted Solution

by:John Hurst
John Hurst earned 500 total points
ID: 41730298
For your physical computer, suspended or turned off, there is not much way to hack into that and do damage.

For web mail, it is ALWAYS possible. Change your password to a very strong password and then change it at least quarterly.

For your actions:  Strange emails you download and open and Websites you visit - Train yourself not to open strange emails, rather just delete them; and, be careful where you visit and never click on any link wanting to help you.

Finally ALL calls from Microsoft about your computer(s) are spam.
LVL 30

Assisted Solution

by:Thomas Zucker-Scharff
Thomas Zucker-Scharff earned 500 total points
ID: 41730441
Never save your password in a browser

Accepted Solution

James Edwards earned 1000 total points
ID: 41730698
There are many, many ways to hack and compromise your computer, far too many to list.  However, as John has said, there aren't really many when a computer is suspended/asleep (perhaps a Wake-on-LAN packet injected somehow, but that's about it).

With regards to 'Because if someone had logged into my account from a different pc or geo location, I thought MS would either email or text u that your pc was logged in from a different location. ' - this seems like Apple you are thinking of.  If your iCloud or iTunes accounts are logged in to from somewhere else, or you use a new browser etc, then you get an e-mail from Apple telling you about it. Microsoft don't do this.

You can only really be hacked via e-mail if you open unknown attachments or click links you really shouldn't be clicking.  Even if the message appears to be from someone you know, bare in mind that THEY could have had their PC compromised and the message may not really be from them.  Would Auntie really be sending you nude pics of a celebrity?  If in doubt, don't click (and be vigilant if you aren't that suspicious).

Also, don't use the same password across multiple accounts.  I.E. don't use the same password for your banking as for your e-mail.  The stories you see in the press of compromised accounts always shows that people who are hacked on one account have used the same password in other places.  The first thing hackers do when breaking in to a low-security, low-impact site (such as a gaming site or social media) is to then try those same credentials on profitable sites such as banks.  You need unique passwords for each, and I then recommend a password vault to store all of these passwords so you don't have to remember them all and are tempted to write them down.
10 Questions to Ask when Buying Backup Software

Choosing the right backup solution for your organization can be a daunting task. To make the selection process easier, ask solution providers these 10 key questions.


Author Comment

ID: 41731042
in response to Thomas, How do u do that.  Eg the portal.office.com the password displays as **** if I had logged in before, but there is no field to check to save the password, only a "Keep me signed in", which I check, thinking that if I am a bit too long on the program, I might be cut off mid stream.  
So how does one do not display the password on any site that I log into regularly? thank u.
LVL 97

Expert Comment

by:John Hurst
ID: 41731044
So how does one do not display the password on any site that I log into regularly?

Most sites now encrypt the password (showing **** for the password). It also encrypts in Credential Manager.
LVL 30

Expert Comment

by:Thomas Zucker-Scharff
ID: 41731048
At one time or another you have allowed the browser to remember your password. The browser will store your login credentials for you and use them on that site.  The first place most malware will check for passwords is in the browser most used (since it needs to do it before being discovered and this is the most likely place  to find login credentials in clear text).  You can make you're browser delete all saved passwords easily, where depends on the browser.

Expert Comment

by:James Edwards
ID: 41731071
Assuming Internet Explorer.  In order to cleared stored/cached passwords, carry out the following:

1) Click Start
2) Type Control Panel (this should automatically start typing in to the search text box) or if you can see Control Panel on the Start Menu, click Control Panel
3) Click User Accounts
4) Click on Manage Web Credentials.
5) Click on the drop down arrow by the web site you want to remove the password for.
6) Click on Remove.

For Firefox:

1) Click the menu button and choose Options.
2) Click the Security panel.
3) Click Saved Logins… and the Password Manager will open.
You can use the search box to find a particular website or username. Click the X in the search bar to clear your search and see the full list again.
4) To remove the username and password for a website, select the site's entry from the list and click Remove.
Or to remove all stored usernames and passwords, click Remove All. After confirming this choice, all of your stored usernames and passwords will be deleted.

And for Chrome:

1) Open the Chrome menu using the button on the far right of the browser toolbar.
2) Choose the Settings menu option (highlighted in blue).
3) Click the Show advanced settings… link located at the bottom of the page.
4) In the “Passwords and forms” section, click the Manage passwords link.
5) Locate the username/password entry you wish to delete and click the X (cross) on the right-hand side to delete the entry.

Author Comment

ID: 41731178
thank u everyone for your advise.  I just have to be more careful I guess, and not a good idea for me to check my email when I return home fully exhausted after a trip.

Author Closing Comment

ID: 41731179
thank u for your advise and suggestions.
LVL 97

Expert Comment

by:John Hurst
ID: 41731182
I am away right now and keep my computer with me to collect email.  Thanks

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question