Page 1
Page 1
Started By
Message

Email hacked solutions

Posted on 7/1/26 at 8:46 am
Posted by rattlebucket
SELA
Member since Feb 2009
12910 posts
Posted on 7/1/26 at 8:46 am
Friends email hacked. Yes they clicked a link, in their defense it was pretty clever.

Regardless, Got email all changed back with sending in photo id etc, 2 factor auth set up then they just changed it all again. Its tug o war of constantly changing the password, 2 factor and recovery email.

Do we wipe the device and start over?

How are they able to keep doing this? Are they in the device?
Posted by Cimarron
Member since Jun 2024
1059 posts
Posted on 7/1/26 at 8:50 am to
Does your friend have a good backup?
Posted by rattlebucket
SELA
Member since Feb 2009
12910 posts
Posted on 7/1/26 at 8:56 am to
She says no. I want to get in the device but not sure I have that access being I would get to see all her info. Just trying to point her in a starting direction since she was able to do enough to change it back.

Should she do a back up now and then wipe it or should she just let them have the email account at this point and create a new one? Just sucks for her because its tied to her banking, private small business etc
Posted by Ricardo
Member since Sep 2016
6570 posts
Posted on 7/1/26 at 9:03 am to
My guess is that when they clicked the link they installed a program that sends screenshots to the hacker.

What kind of phone/device is it?

The first thing she should do is put the phone in offline mode, disconnect any wifi, etc, and check permissions. People tend to grant access to everything. It sucks, but she needs to go through her phone with a fine tooth comb.

If it's auto-backed up to the cloud she needs to make sure there aren't suspicious apps/contacts there too.

This post was edited on 7/1/26 at 9:08 am
Posted by Cimarron
Member since Jun 2024
1059 posts
Posted on 7/1/26 at 9:18 am to
^^^^^^
Good advice.
This sounds like a wipe and restore to factory mode.
It it's a laptop, make sure you have a good DNS tool that will check all links you click on. Open DNS has long been the defacto standard in that area. The Cisco version isn't available to consumers (Cisco owns it now), but there is a consumer version for consumers.
Posted by rattlebucket
SELA
Member since Feb 2009
12910 posts
Posted on 7/1/26 at 9:36 am to
The factory wipe is looking more like what she’ll need to do. Just learned she clicked on the link on apple laptop too.

She was able to reset pswrd, add 2FA, recovery email etc and they reversed all that. Theres got to be an active session still somewhere right?
Posted by XanderCrews
Member since Mar 2009
812 posts
Posted on 7/1/26 at 9:56 am to
They usually put a filter on your inbox so any new recovery emails that come in go back to the threat actor and they get all the resets codes etc. friend needs to sign out of everything electronic and change passwords everywhere to something new. Also get try and use password managers with auto generated passwords. Get password app on every device you use so that friend does not go back to bad password management.

If you dont change your password every so often they get leaked into DB's on the dark web. If it was stale password its easy to get into an account.

Also there is no defense, they fricked up. Learn the lesson or repeat it.
Posted by Cimarron
Member since Jun 2024
1059 posts
Posted on 7/1/26 at 11:12 am to
A factory reset should solve it, but if they loaded the payload on her laptop and she uses iCloud, they'll still be in both devices.
I'm a network guy. Someone with more desktop knowledge might be of more help.
Posted by Ricardo
Member since Sep 2016
6570 posts
Posted on 7/1/26 at 11:59 am to
Can also check contacts in icloud and sort by date added. She may have a new one that she doesn't recognize.

Basically, she needs to go over everything and delete anything that looks suspicious. Any "shared" logins, etc.
first pageprev pagePage 1 of 1Next pagelast page
refresh

Back to top
logoFollow TigerDroppings for LSU Football News
Follow us on X, Facebook and Instagram to get the latest updates on LSU Football and Recruiting.

FacebookXInstagram