Solved

Security, hackers

Posted on 2016-07-26
10
128 Views
Last Modified: 2016-07-27
My OS is win 10 pro 64 bit, and I have Avast and malware bytes for the anti virus.  And I guess whatever security programs that comes with win 10 pro.  
1.  During the day whenever the pc is not in use, I usually put it to sleep.
2.  And when I want to use it again, I have to login to my pc.
3.  at night either it is in the sleep mode or completely shut off.

After logging in, I load the MS Edge and go to my email, by loading the portal.office.com.  Since I use this method always, thus my user name and password are already populated, and I just have to hit enter to enter into my Outlook.  My email is msn the free account.

Hope the experts could please study the above scenario and let me know if there Is anyway for anyone to hack into my pc, especially to my email.  

Because recently an email I sent, the receipient swears that it had been compromised.  Thus my concern.
Although I had other thoughts.  Because if someone had logged into my account from a different pc or geo location, I thought MS would either email or text u that your pc was logged in from a different location.  
thank u.
0
Comment
Question by:jegajothy
  • 3
  • 3
  • 2
  • +1
10 Comments
 
LVL 94

Assisted Solution

by:John Hurst
John Hurst earned 125 total points
ID: 41730298
For your physical computer, suspended or turned off, there is not much way to hack into that and do damage.

For web mail, it is ALWAYS possible. Change your password to a very strong password and then change it at least quarterly.

For your actions:  Strange emails you download and open and Websites you visit - Train yourself not to open strange emails, rather just delete them; and, be careful where you visit and never click on any link wanting to help you.

Finally ALL calls from Microsoft about your computer(s) are spam.
1
 
LVL 27

Assisted Solution

by:Thomas Zucker-Scharff
Thomas Zucker-Scharff earned 125 total points
ID: 41730441
Never save your password in a browser
1
 
LVL 3

Accepted Solution

by:
James Edwards earned 250 total points
ID: 41730698
There are many, many ways to hack and compromise your computer, far too many to list.  However, as John has said, there aren't really many when a computer is suspended/asleep (perhaps a Wake-on-LAN packet injected somehow, but that's about it).

With regards to 'Because if someone had logged into my account from a different pc or geo location, I thought MS would either email or text u that your pc was logged in from a different location. ' - this seems like Apple you are thinking of.  If your iCloud or iTunes accounts are logged in to from somewhere else, or you use a new browser etc, then you get an e-mail from Apple telling you about it. Microsoft don't do this.

You can only really be hacked via e-mail if you open unknown attachments or click links you really shouldn't be clicking.  Even if the message appears to be from someone you know, bare in mind that THEY could have had their PC compromised and the message may not really be from them.  Would Auntie really be sending you nude pics of a celebrity?  If in doubt, don't click (and be vigilant if you aren't that suspicious).

Also, don't use the same password across multiple accounts.  I.E. don't use the same password for your banking as for your e-mail.  The stories you see in the press of compromised accounts always shows that people who are hacked on one account have used the same password in other places.  The first thing hackers do when breaking in to a low-security, low-impact site (such as a gaming site or social media) is to then try those same credentials on profitable sites such as banks.  You need unique passwords for each, and I then recommend a password vault to store all of these passwords so you don't have to remember them all and are tempted to write them down.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 

Author Comment

by:jegajothy
ID: 41731042
in response to Thomas, How do u do that.  Eg the portal.office.com the password displays as **** if I had logged in before, but there is no field to check to save the password, only a "Keep me signed in", which I check, thinking that if I am a bit too long on the program, I might be cut off mid stream.  
So how does one do not display the password on any site that I log into regularly? thank u.
0
 
LVL 94

Expert Comment

by:John Hurst
ID: 41731044
So how does one do not display the password on any site that I log into regularly?

Most sites now encrypt the password (showing **** for the password). It also encrypts in Credential Manager.
0
 
LVL 27

Expert Comment

by:Thomas Zucker-Scharff
ID: 41731048
At one time or another you have allowed the browser to remember your password. The browser will store your login credentials for you and use them on that site.  The first place most malware will check for passwords is in the browser most used (since it needs to do it before being discovered and this is the most likely place  to find login credentials in clear text).  You can make you're browser delete all saved passwords easily, where depends on the browser.
1
 
LVL 3

Expert Comment

by:James Edwards
ID: 41731071
Assuming Internet Explorer.  In order to cleared stored/cached passwords, carry out the following:

1) Click Start
2) Type Control Panel (this should automatically start typing in to the search text box) or if you can see Control Panel on the Start Menu, click Control Panel
3) Click User Accounts
4) Click on Manage Web Credentials.
5) Click on the drop down arrow by the web site you want to remove the password for.
6) Click on Remove.

For Firefox:

1) Click the menu button and choose Options.
2) Click the Security panel.
3) Click Saved Logins… and the Password Manager will open.
You can use the search box to find a particular website or username. Click the X in the search bar to clear your search and see the full list again.
4) To remove the username and password for a website, select the site's entry from the list and click Remove.
Or to remove all stored usernames and passwords, click Remove All. After confirming this choice, all of your stored usernames and passwords will be deleted.

And for Chrome:

1) Open the Chrome menu using the button on the far right of the browser toolbar.
2) Choose the Settings menu option (highlighted in blue).
3) Click the Show advanced settings… link located at the bottom of the page.
4) In the “Passwords and forms” section, click the Manage passwords link.
5) Locate the username/password entry you wish to delete and click the X (cross) on the right-hand side to delete the entry.
0
 

Author Comment

by:jegajothy
ID: 41731178
thank u everyone for your advise.  I just have to be more careful I guess, and not a good idea for me to check my email when I return home fully exhausted after a trip.
0
 

Author Closing Comment

by:jegajothy
ID: 41731179
thank u for your advise and suggestions.
0
 
LVL 94

Expert Comment

by:John Hurst
ID: 41731182
I am away right now and keep my computer with me to collect email.  Thanks
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question