My unmonitored Gmail account gets compromised

Today seemed like just another day. Little did I know, in a span of about 20 minutes, the resulting set of events would be hugely embarrassing for me. I had barely woken up when my phone started going bonkers with notifications coming from emails, chats & Twitter replies. A glance at the notifications indicated that my email account had been compromised and phishing emails had been sent to everyone in my contacts list.

[…]

So, what went wrong? It all boils down to a culmination of the PlayStation Network hacking, some bad habits from my yesteryear and some nice features from Gmail which resulted in the phishing email looking like it came from my current domain account instead of the old Gmail account. Let’s have a look at each vector:

  • PlayStation Network break-in
  • Not monitoring my email account
  • Password Reuse
  • “Send mail as” and “Reply-to” set to my domain address

Read a complete account of what happened over at techie-buzz