Adam Bell
asked on
Steps to efficiently mitigate extortion/malware demand risk
In receipt of what, on the look of it, is a typical extortion scam ("your systems are infected, pay money" etc.). Verification confirms it is what it looks like, but this latest demand contains the password of a Gmail account, which is usually encrypted, lending credence to the fact one or more PCs may be malware infected.
Before I go and start scanning PCs, any wisdom from the EE community, shared experience etc. on effective ways to go about this, particularly when there may be a time element and trying to identify an assumed infected PC may or may not be the first step? Thanks in advance.
Another thing to check is the Gmail account. If you notice any of these signs, someone else may be using your Google Account.
Important: If you think someone else is signed in to your Google Account, change your password immediately for:
- Your Google Account, if you didn’t change it already
- Apps and sites:
  - That you use the same password you used for your Google Account
  - That contact you through your Google Account email address
  - Where you sign in with your Google Account email address
  - Where you saved passwords in your Google Account
You can then check for and remove any unfamiliar devices signed in to your account.
Suspicious activity in Google mail you use. Correct the setting immediately if you see unfamiliar changes to:
- Mail delegation: People with access to your Gmail
- Automatic mail forwarding
- Scheduled emails
- Your name in Gmail
- Automatic reply: Vacation responder
- Address on outgoing mail
- Blocked email addresses
- Remote access to your Gmail: IMAP or POP
- Filters that manage your incoming mail
- Labels that organize your incoming mail
- Gmail activity
Your Gmail activity might be suspicious if:
- You no longer receive emails.
- Your friends say they got spam or unusual emails from you.
- Your username has been changed.
- Your emails were deleted from your inbox and aren’t found in "Trash". You can report missing emails and possibly recover them.
- You find "Sent Emails" that you didn’t write.
ASKER
Thanks both. I tightened up on Gmail and the breach records, found accounts which had been involved in mass breach, and identified one weak password compromised too, though not clear exactly how. The preventive is to tighten up on password enforcement.
ASKER CERTIFIED SOLUTION
People are predictable and tend to reuse email address / password combinations.
There are several password dumps available on the internet/darkweb, i.e. the LastPass loss of customer blobs.
https://haveibeenpwned.com is a site to check.