You might like

17 Responses to How to report a computer crime: Unauthorised email account access

  1. Jill · 629 days ago

    Authorize is misspelled.

    • Craig · 627 days ago

      Not if the author is English (which they are).

    • Jim Jones Jameson Sr. · 46 days ago

      Authorise is the original and correct spelling of the original English language. AuthoriZe is americanism, slang, barbarism, recent misspelling that became "correct" in the USA.

    • Jim · 46 days ago

      Dog is a misspelling too. The correct spelling is dawg. :-)

  2. One thing that I discovered when I discovered one of accounts had been hacked. That Microsoft IWindows Live) will do nothing to help you correct the problem. Buried underneath your Windows Live Account are all your other Microsoft Accounts including email and others. Once someone is into your Windows Live Acoount, they are also into all your other Microsoft Accounts. The access to my Windows Live Account was granted by someone at Microsoft, not me. Upon discovery that this had happend, I attempted to retake control of the Windows Live account and was not able to. I was able to get back one of the underlying accouts but I am still trying to correct the mess that this caused. I have also read in one the other Security feeds that one in five Microsoft Accounts is comprmised.

  3. Brett Greisen · 629 days ago

    The Windows Live comment above has electronic health records (EHR) ramifications now.

    Many hospitals use Microsoft Vault (accessed by Hotmail acct info) for their patient-accessed medical records/online bill paying/general info sites.

  4. kums · 629 days ago

    then few antivirus programs should be punished for this offense who where stealing user's system file without his permission.

  5. My GMail account got hacked a while ago and I actually reported it to the local police but I don't think anything at all was done about it. The attacker's IP address was located in China and might have been a part of a botnet. At the time I couldn't find a way to inform Google, I did post the incident on the Google forums. luckily the two-step authentication was implemented not long after that so that made me sleep a little easier.

  6. Harry pollard · 629 days ago

    My account was compromised when a list of passwords for I site I used was posted on a website. Two months later a person contacted me and said this list had my email and password and when I logged in to my account on my computer, I was suspended and was required to go through a procces and verify my account. I then changed all my passwords.

  7. That rather depends on whether you speak English English or American English. :)

    Bob is EE.

  8. Guest · 629 days ago

    I didn't bother to report the person (whom I've known only electronically) who'd hacked my Hotmail account recently - the same person who (unbeknownst to me, until 2 years after the fact) had remotely installed keylogger spyware on my computer. Why not? The FBI won't help you unless you give them all the evidence that they need to prosecute the hacker. Moreover, the FBI won't help you unless you can prove that the hacker had caused you financial or physical harm. Recently I spoke with a self-described expert on criminal psychopaths, who acts as a liaison between FBI agents and prosecuting attorneys, regarding the hacker in question. The expert's response? "I don't see a crime here." If I couldn't get the expert on my side, how could I get the FBI on my side? The authorities won't help and you can't reason with a psychopath, so what's the point of reporting internet crimes? The FBI would probably tell me that had I scanned every email attachment that the hacker had sent me and checked every link (before clicking) that he'd sent me, the hacker would not have been able to install spyware on my computer - in which case, they would be correct; I should have updated my antivirus program daily, scan everything before opening, and paid attention to the seemingly insignificant red flags that I'd noticed from time to time. Shame on the psychopathic hacker for being shameless and shame on me for being too careless and trusting.

    Two problems: Internet crimes are hard and expensive to prosecute. Secondly, if the (presumed) psychopath hacked my computer and. more recently. used brute force to crack my Hotmail password, who else is he hacking?

    I've learned the hard way that the psychopathic hacker is a dab hand at plagiarism, hacking, and telling strangers lies about you that actually apply to him. Learn from my example and don't trust anyone with whom you have only electronic communications - regardless of how friendly they might sound. And if an unknown hack claims to be writing a biography about an obscure, long-dead entertainer about whom little is known, run for the hills!

  9. njorl · 628 days ago

    "searches her diary" - I'm struck by how, in the letter of the law, and in the typical reaction of citizens, information attains specific importance when it's on and used/abused from a computer system.

    We might have had a briefer version of the tale (though not in NS), in which Barry had been caught satisfying his curiosity by reading Abigail's (personal) diary. Would Bob still have advised, "Abigail should go to her local police station" etc?

    I'm not condoning the actions attributed to Barry, but I'm not surprised by the reluctance of the authorities, as noted in other comments, to take up such cases.

  10. DaveM · 627 days ago

    This story amuses me, notably as it does not mention whether "Abigail" got any help. If it is illegal to read someone else's e-mail, surely it is illegal to make repeated death threats online, publish someone's personal information on various web pages, and make harassing phone calls to that person. There were also false accusations of multiple felony crimes, and online stalking over several online forums and other pages.

    That happened to me during a two-month period this past summer. Local authorities stated it was not a crime. State and Federal authorities never responded to my complaint. The Federal complaint, conversely, was made directly through the ic3 site created specifically for that purpose.

    There is little point in having laws and elaborate means of reporting offenses if nothing is done about said offenses. I am reminded of the "push for walk signal" buttons on traffic lights which in practice seem to do nothing but keep a pedestrian occupied while the light changes.

  11. roy jones jr · 624 days ago

    That is kind of messed up that there wouldn't be a followup investigation. Its also messed up that companies hide the issue (Microsoft letting hackers steal email passwords) and then its too late for us the end user to do anything.

  12. The game plays a little bit like clue, but with more elements of random chance. You will have to use your deductive reasoning and skills to build a case and catch the bad guys before your opposing players do. Thanks.

  13. John · 232 days ago

    A friend gave me his password so that, at his request, I could monitor his emails for a period while he was unable to do so. I sought his consent to send an email from his account to a 3rd party albeit in my friend’s name, because I wanted to remain anonymous. Now my friend has complained that I have illegally impersonated him by sending an email in his name to a 3rd party! Have I broken any law?

  14. Trunk Treeson · 46 days ago

    Accessing criminal's (scammer's, fraudster's, thief's) email accounts may disclose a lot to the victim of crime and help them proptect themselves from further crime and collect important evidence against the criminal (fraudster, scammer, thief).

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Bob Burls is a UK-based IT Security consultant who has extensive experience in Computer Incident Response, the investigation of malicious code and other aspects of internet abuse following over a decade of serving as a Detective on the Metropolitan Police Computer Crime Unit, the NHTCU and the PCeU.