Tech Support Guy banner
Status
Not open for further replies.

Please advise and clarify

1K views 5 replies 3 participants last post by  starwaves77 
#1 ·
I have a question that I have asked a couple of times (not in this fourm) and have been given conflicting answers to and really need clarification, if possible.

Can I tell if my email is being read by someone other than it being marked as read or by looking at it properties? and can someone identify me (physical location and personal information) through my IP address?


Maybe I am getting paranoid but I think this person is accessing my emails somehow and I am worried that he may be learning more about me than I am comfortable with.

Some have told me no to both questions and others have said if the person is computer savy then it is a possibility.

Thanks for the help!
 
#3 ·
Lucy,
Great question~! It covers a lot of 'security' groundwork for everyone. Do you have any evidence or theories of your computer being compromised?
Can I tell if my email is being read by someone other than it being marked as read or by looking at it properties?
It depends how the mail or computer is accessed, most of the time the answer is yes but I have to add > not always. First of all you can check with your ISP and ask them for a log of your mail, to find out 'where' its been read, and or if it is sent to a second location, and thirdly get their log of all calls to them in regard to your account, and find out if some strange questions have been asked by someone other than you? That log is very important.

From your computer, you can run a good keylogger in stealth, even when there is no 'physical access' it will show screen shots of programs being opened,etc, and any and all activity on your computer with dates/times, etc., you can determine if someone is accessing your mail including all your own tracks, but also check to make sure there isn't a 'keylogger' running now in stealth, against you, and or 'modified files' text or jpg that contain covert info, or even a covert hardware, like a keylogger switch attached to your keyboard/usb port,

I don't think your paranoid at all, in fact your covering yourself and the weak link in the chain, which is unknown for now, as you eliminate more of the 'unkowns' your system becomes more secure. For me that is ongoing,

But part II of the answer gets a lot spookier. People that want your mail, usernames, passwords, credit cards, read your IM's, or just monitor that can also very easily do that by sniffing packets, your TCP/IP data streams, retrieving that 'between' your pc and the data's destination, , , and from there they can read or reassemble your emails without ever needing a password, it's like "read my mail, no password required", so from that angle it is possible for someone to read your mail and you never know it, rather than trying to uncover and trace that your better off using 'encrypted mail & attachments' or using a completely different system, like File Courrier, which will securly deliver the attachment portion of an email, where their company naturally assumes the email portion can always be read by someone,

Of course you don't have to go that far, but it's good to know it's available; if you have something sensitive that your putting in an email, than encrypt it, that will at least force the 'sniffer' to decipher it, and if you use a good program like A LOCK ENCRYPTION or Fine Crypt Encryption and use their maximum strength password 444 bit or a KEY, then it will not be read,

can someone identify me (physical location and personal information) through my IP address?
Yes again, , if they get your real IP and the ability to 'hack' , they can enter your {vulnerable} machine to retrieve your personal data, or 'spoof' it from you. With some minimal facts they can contact your ISP and attempt to squeeze info from them. Your ISP is not going to give that information out, they are not supposed to, it's the law,

BUT, they can be duped, suckered, 'socially engineered' into making that mistake easily, and then your info is out, it only has to happen once with a customer rep and 'someone' has what they're looking for & that is the weak link in the chain, the ISP has a thousand customer service reps who have this information, a master social engineer will just keep calling until they get someone who slips up, {not saying this applies to you, just be wary of it} and don't depend on your ISP for that security, always change your passwords,

It's better to actually be 'secure' than have a false sense of security, as long as you 'feel' something is amiss, then pursue every angle you can to cover a possible breach until you can say, I'm secure and I know it, and my computer tech friends know it,

With your IP address they can 'attempt' to hack and, or, setup a backdoor Trojan that will easily get all the information they want, name and address, passwords for all your accounts, everything, or can even control your computer,

There were amazingly simple Trojan programs like 'Back Orifice' and 'Deep Throat' for example that allowed a novice to access a computer remotely and then steal passwords/etc, the programs are available to anyone, so there is always the possibility that someone finds and becomes interested in you at 'random' , meaning they are just looking for a machine they can hack into because it's vulnerable, one that already has the Trojan installed and don't really care who you are, they only become interested in who your are {after the fact} if they go even go that far, most are just playing around,

And even worse, they are a hundred thousand computers out there where those backdoor Trojans are already setup by someone, allowing ANYBODY running 'Back Orifice' etc., to access them whenever they like for fun or malicious activity, and those PC owners never know what happened, , , one could buy a used computer that is already setup with a Trojan scam, and unkowningly give all their private info away,

So, the answer is no one is safe until they prove it to themselves using every resource available, otherwise the 'hacker' will prove it for you, I'm using the word hacker very loosely because there are so many 'scams' to achieve the same results, like 'spoofing', etc,

Speaking of those scams, is it possible that you gave your password away clicking on one of those 'Insta~Kiss' emails? or the phoney E-Bay / AOL site that catches someone off guard when they give up their password & username? check here Spoofed Emails

At the time I'm writing this, I don't consider my system completely safe, I know there is something I may not have covered, so it's a ongoing security experience, I still change passwords regularly as kind of a 'fail safe', simple to do as well,

Here are some things you can do and think about to further protect and investigate your situation:

CHANGE YOUR PASSWORDS: religiously
a) you must have a firewall
b) scan for spyware using a variety of scanners
c) online scans for trojans
d) online scans for port vulnerabilities and stealth
e) downloaded software to scan for backdoor trojans
f) downloaded software to scan for 'open ports' / or hacked ones,
g) software for real time protection, that alerts you to 'registry keys' being added, or malicious script being written,
h) excellent anti-virus software,

and so much more,

I will have to gather my internet links that cover the above so read this again later, and I'll have some good ones that will help 'uncover' vulnerabilities and protect your sytem,

Bottom line: if you sense something is amiss, then assume your computer is compromised and work from there, you have nothing to lose and everything to gain,

Online scans, heavy on trojan detection:
RavantiVirus
BitDefender
Trojan/Pest Scan
TrojanScan

Downloads:
SimplySup Trojan Remover
Tauscan Trojan Scan
TDS-3 Trojan Scan

Port Security:
BlackCode Port scan
TD3-ANTI TROJAN
Trojan Firewall

PortScanner
PortDetective
LanGuard XP
Audit My PC Stealth Scanner

PortMonster
Blue Port Scan
FINGERPRINT

:)
 
#4 ·
thank you so very much. You are so gracious to answer my questions. It will take me some time to thoroughly understand it all, I'm sure. Again, I really appreciate your help.

To answer how my email is accessed, I think someone is accessing my work computer. I am fairly confident that I have a co-worker who is accessing through their home pc. Does this change anything.

Thanks
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top