Blocking Hacker

Discussion in 'Software' started by Lavender, Dec 2, 2011.

  1. Lavender

    Lavender Master Sergeant

    Dell Vista 64-bit, MSE, Windows Firewall, Word2010

    The hacker is a neighbour. First, he hacked my Gmail account - proof is in three traps a friend and I set up, and he fell for them each time, police were involved in one incident. I closed the account.

    He is now hacking my Webmail account. Yes, I have a lot of proof. Is there a safer email account around? One that would prevent phishing and hacking? I'm not worried about spam because most is blocked before it gets to me and I don't open unknown-sender mail.

    I suspect he is hacking into my computer. A firewall blocked one of his proxy attempts but things are happening to programs and documents that can only be the result of his hacking.

    I've read all the threads on hacking on MG. None of it really helps because he knows my IP and cracks my passwords as soon as I change them. All I have are two of his email addresses and the proxy IP.

    How can I stop him?

    My browser is in Incognito Mode. I run different security and spyware scans every day, and I run CCleaner several times a day. Are there programs you would recommend or programs that should be deleted because they make me vulnerable?
     
  2. plodr

    plodr MajorGeek Super Extraordinaire Moderator Staff Member

    Buy a USB stick and use a portable browser.
    http://portableapps.com/apps/internet/firefox_portable

    Remove the browsers (all except IE from your computer) and double check that the profiles are gone. Use the portable browser. When you are finished, or even if you take a break, close the browser and remove the USB stick from the computer.
    Nothing will be on your computer, everything will be on the USB stick.

    You can use the webmail account provided by your ISP for email.
     
  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Have you encrypted your router??
     
  4. Earthling

    Earthling Interplanetary Geek

    Hi Lavender

    There is a tried and trusted way of preventing any data on your computer from being read or tampered with by others in any way at all. It's done by creating what is called an encrypted drive, and on which you keep everything you need to keep absolutely private. Have a read HERE to gain a fuller understanding, and read the FAQ on the site too. If, having done that, you want to pursue it then you can download the free TrueCrypt right here at MG.

    I don't have the privacy concerns you have but I do use a similar system on which I keep all my most private and sensitive data, including banking logons and so forth. Even if my computer was stolen there is no way the data in the encrypted container could be accessed.
     
  5. Lavender

    Lavender Master Sergeant

    I will get one later today or tomorrow. The USBs I have are pretty full from when I switched from my old XP to Vista.

    My Webmail is via my ISP and they are aware of the problem. He uses the same company. Although they know what he is doing, recent items have come to light to prove the hacking even though they are watchful. There are also times when I can't log in because my email is in use. It really isn't safe to use.
     
  6. Lavender

    Lavender Master Sergeant

    I don't have a router, unfortunately. Can't afford one right now. Documents involving my work are being tampered with and I'm accomplishing nothing, so I have little hope of getting one soon.
     
  7. Lavender

    Lavender Master Sergeant

    I've tried TrueCrypt but I can't get it to work properly.

    USB purchase tomorrow.
     
  8. Earthling

    Earthling Interplanetary Geek

    Two suggestions- either change your ISP or autoforward your mail to a gmail or hotmail account. With forwarding, your incoming mail is immediately redirected to your forwarding address, so there is never anything there to hack. If you use an email client such as Windows Mail, Outlook etc, you can get your gmail using either POP or IMAP there if that's the way you prefer to work.

    TrueCrypt works just fine in Vista x64 btw so if you want to revisit that then tell us exactly what the problem is. TrueCrypt would protect your work documents 100%.
     
  9. Earthling

    Earthling Interplanetary Geek

    OK, just noticed your earlier thread on TrueCrypt. There is a more user friendly but functionally similar program available, Cryptainer LE. Maybe you would get along better with that. The free (LE) version limits the size of each encrypted container to 100MB, but you can have more than one so that should suffice for protecting your sensitive documents.

    The point about this is that until the container is opened and allocated a drive letter, and that is impossible for anyone but you, there is no evidence at all that the files even exist. Once the container is opened you can access and use the files within it just as you would normally, but when you close the container, or shut down, all evidence that the files even exist just disappears. I use Cryptainer in conjunction with Word 2007 and it works perfectly, so I'm quite certain it would work with Word 2010.

    This unquestionably is the answer to your fears that your files are being tampered with and, as I said earlier, gmail or a change of ISP is the answer to your fears that your email is being hacked.

    You have to accept Lavender that the solutions being offered can completely defeat your hacker, or anyone else, and that it is up to you to implement them, with help here if you need it.
     
    Last edited: Dec 3, 2011
  10. sikvik

    sikvik Corporal Karma

    Additionally, you may like to take it a step further and restrict all net activity (Web mail etc.) to a live (distro) CD. Kind of painful and irritating. Ubuntu worked well for me - in the sense easy to set up networking OOB. Puppy and Mint were a headache for me.
    I'm prolly over thinking...

    Cheers..
     
  11. Lavender

    Lavender Master Sergeant

    Thanks, I'll bear that in mind.
     
  12. Lavender

    Lavender Master Sergeant

    I can set up an account but when I open a Word document to save to the TrueCrypt account, Word refuses to do it. They're mostly Word documents I want to stop from being altered so I thought using Word to open and store them would be the best solution. I can't open the TrueCrypt volume I made.

    Going to your next answer.
     
  13. Lavender

    Lavender Master Sergeant

    Many thanks, Earthling. I took a look at CryptainerLe. It looks promising and I'll give it a shot. I'll let you know if it works for me.

    I'm sure I'm doing something wrong with TrueCrypt but I'm darned if I can find out what. One of those should work.

    How the heck do I change my IP address? When a firewall blocked the proxy my "friend" used when he tried to get into my PC it showed this area and server identifier number, only the last two showed a company in the US when I ran a search. He has time on his hands so all he has to do is search the first four numbers until he hits mine. Do I have to change companies? I'd hate to do that because they've always been helpful and their office is right here. I've even taken my computer down to them in the past and they've sorted some things for me.

    He's also cyber stalking so he'll see anything written here. He can decipher my passwords in a blink. He even changed my password on here. To do that, he had to know my original password. He did the same thing at another site. Lucky for me, I'm "known" at both sites and contacted those who run them. On MG, I contacted TimW. Since then he hasn't changed passwords on me again. It's more valuable for him to know what I say, especially on Webmail.

    I tried one of the "password finders" on a site where I hadn't visited for over a year. I didn't remember the p/w but they sent it to my email address. Unless he signed in as me on here and the other site, there is no way he could change my password. Isn't that called Identity Theft?

    What about what Sikvik suggested? Sounds hellishly complicated and I don't see how it would stop email going through my computer. There are times, when I'm on Webmail, that the whole page jumps. I take that to be a sign that he's just linked in.
     
  14. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Since you aren't using a router, let me ask if you are hard wired to your modem or is it a wireless modem?
     
  15. Lavender

    Lavender Master Sergeant

    I'm hard wired. The plug goes directly into a wall outlet and isn't shared with another item, i.e., no splitter.

    I believe the hacker uses Wifi but I can't be sure because we're both with the same server and I don't think you need one with Wifi.
     
  16. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Is your modem capable of being used wirelessly? It's the only way he could access your system.
     
  17. Lavender

    Lavender Master Sergeant

    I don't know. I'll call my supplier and let you know.
     
  18. djlowe

    djlowe Private First Class

    Hi,

    You need to harden your Windows setup. If backing up/reinstalling Windows is an option, then I'd do it: It's the only way to be sure, really.

    However, if that isn't possible, here's what you should do.

    Turn off your computer. Once it is off, disconnect it from the ISP. Now, turn it back on. You won't have Internet access, but that's OK for now.

    Verify your account name: Click Start - your current login name should be listed on the Start menu. If you are logged in as Administrator, then you should create a new account, but for now I'm going to assume that you're logged in with the username Lavender, just to have a means of reference. Replace any instances of that you see from now on with your real login name as you read this.

    The very first thing you need to do is to change ALL of your passwords on your computer, or create passwords if there are none. Start your computer, and then login to your normal/daily use account with the current password.

    Once logged in, press Ctrl-Alt-Del and select "Change Password" from the resulting menu.

    Use a difficult to guess password, with a combination of upper and lowercase letters, special characters (such as !@#$%^&*), numbers, at least 8 characters in length.

    Logout, and log back in, leaving the computer disconnected from the Internet.

    Now, you need to verify that he hasn't set up any accounts for himself. Click Start, and then right-click on Computer from the menu. Select Manage.

    Open Users and Groups, and then left-click Users: A list of currently defined users will be displayed in the right-hand pane.

    Now here's where it gets a little tricky. By default, Windows Vista should show your account (the one that was created when Vista was installed, which you probably use every day), e.g., Lavender, an Administrator account (which is disabled by default) and a Guest account (which is also disabled by default). There may be others: Some AV software creates them for its own use. Make a list of any you do not recognize and post them here.

    Right-click on the Administrator account, and select "Set Password". DO NOT USE THE SAME PASSWORD AS THE ONE YOU CHOSE FOR YOUR NORMAL USER ACCOUNT! Make it complex, and make a note of it.

    Verify that it is disabled: Right-click on it, select Properties. Verify that "Password never expires" is selected, and that "Account is disabled" is selected as well.

    Repeat this for any other accounts listed that you know: For example, many people have separate login accounts for themselves and their children.

    For the Guest account, simply ensuring that it is disabled should suffice.

    Is this a laptop? If so, can you take it to another location to get Internet access? I'm assuming that he knows your IP, and knows the subnet range that the ISP has assigned to your area, and so it's best to do the rest of this elsewhere, if you can.

    Connect to the Internet, and verify that there are no keyloggers or other malware installed. Use the posts in the Malware Removal forum to do that.

    Once that's done, run Windows Update and make sure that all current service packs (Vista is at SP2) and security updates are installed.

    Update Adobe Flash, Acrobat/Acrobat Reader and Java to current.

    Once that's done, consider installing a third-party firewall program - many people here use Comodo, I've seen, so if you have issues with it they can help.

    Now, you need to change all of your passwords for any email accounts or online services that you use. Again, choose complex passwords, and DO NOT re-use any that you've used elsewhere!

    At this point, the computer will be as secure as any directly-connected Windows computer can be on the Internet. Consider getting a hardware router/firewall at some point, and make sure that it is secured when installed.

    With regards to work documents/product: You really shouldn't be keeping them on a personally-owned computer at all, and I'm surprised that your employer allows this. At the very least, store them on an encrypted USB flash drive and edit them from there.

    Ideally, your employer should provide you with a work laptop, properly set up and secured, and VPN access to the company network, and you would access any work-related documents from a file server there and never have local copies at all.

    If they won't provide a laptop, then ask about installing whatever VPN client that they use onto your home computer, so that you can securely access the company's network from your computer.

    Consider switching service providers, if this is an option.

    Also, if he is changing work documents, then you should talk to your employer and apprise them of the situation, and request their help. If they have an MIS/IT department, they should be able to assist you with all of this as well.

    I hope this helps!

    Regards,

    dj
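
The account checks described in the post above, as an added example that is not part of djlowe's post: a Windows PowerShell script that lists local accounts through WMI and flags the conditions the post says to verify. The `$ExpectedAccounts` list and the `Get-AccountFinding` helper are assumptions introduced for illustration; replace `Lavender` with your real login names.

```powershell
# Added example (not from the thread): audit local accounts against the
# checks in the post above. Uses Get-WmiObject / Win32_UserAccount, which
# works in Windows PowerShell 2.0 and later (not in PowerShell 7).

# Assumption: the logins you actually use. Replace with your own.
$ExpectedAccounts = @('Lavender')

# Hypothetical helper: emits one string per finding for a single account.
function Get-AccountFinding {
    param(
        [Parameter(Mandatory = $true)] $Account,
        [string[]] $Expected = @()
    )
    # Built-in accounts keep fixed RIDs even if they are renamed:
    # Administrator ends in -500, Guest ends in -501.
    $isAdmin = $Account.SID -match '-500$'
    $isGuest = $Account.SID -match '-501$'
    $enabled = -not $Account.Disabled

    if ($isAdmin -and $enabled) { 'built-in Administrator is enabled' }
    if ($isGuest -and $enabled) { 'Guest is enabled' }
    if ($enabled -and -not $Account.PasswordRequired) {
        'enabled account is not required to have a password'
    }
    # Anything that is neither built-in nor expected goes on the list to
    # review. Some AV products create accounts, so this is a prompt to
    # identify the account, not proof of tampering.
    if (-not $isAdmin -and -not $isGuest -and
        ($Expected -notcontains $Account.Name)) {
        'not on the expected list: identify before trusting'
    }
}

# Local accounts only; the filter avoids enumerating a domain.
$accounts = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True"

$report = foreach ($a in $accounts) {
    $findings = @(Get-AccountFinding -Account $a -Expected $ExpectedAccounts)
    New-Object PSObject -Property @{
        Name     = $a.Name
        Enabled  = -not $a.Disabled
        SID      = $a.SID
        Findings = $findings -join '; '
    }
}

$report | Select-Object Name, Enabled, SID, Findings |
    Format-Table -AutoSize -Wrap
```

An empty Findings column for every row matches the state the post describes: only your own accounts enabled, with Administrator and Guest disabled.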
     
  19. Lavender

    Lavender Master Sergeant

    Wow! I've copied your suggestion into Word and will print it out.

    On my travels through MG, I've seen hardening programs listed but I haven't tried them. My computer is locked under a password but he can get at those easily.

    Thanks for your help.
     
  20. Lavender

    Lavender Master Sergeant

    Hi TimW. My supplier says my modem isn't capable of Wifi. I hate to give details on here because he would have one more thing he knows about my computer.

    So the only way he is getting in is by breaking my password and entering as me?
     
  21. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    He would have to know more than just your password. He would also need to know your actual IP address. Not what shows up from your ISP, but your specific computer's IP. I don't know how he could get that.
     
  22. Earthling

    Earthling Interplanetary Geek

    This has long been at the heart of this topic. I don't know about US ISPs but here in the UK the norm is for users to get a dynamically allocated IP address each time they login. It is possible of course to arrange to get a fixed IP address, but that isn't the norm. If it's the same with Lavender's ISP then this hacker does not know her IP address, however convinced she may be that he does.
     
  23. Lavender

    Lavender Master Sergeant

    I don't know either and most people don't believe me that he is hacking in. When he quotes word-for-word things mentioned in Webmail (and earlier on Gmail) it's impossible not to draw the conclusion that he's hacking my emails. With things disappearing from my PC or being altered to delay documents for submission (and being paid) it's hard not to draw the same conclusion. I spend most of my time running different scans.

    A few weeks ago, I had to have my OS replaced. Two friends I had on Gmail also had to have their OS systems replaced. He's also been sending me emails supposedly from people I lost contact with years ago with links to sex sites. No, I didn't click on the mail and deleted it. So he is somehow using their names to send me emails. Once again, identity theft rears its ugly head.

    My biggest fight so far has been to get people to believe me that he is hacking. I am not delusional - I have hard proof of what he is doing, at least via Webmail.
     
  24. Lavender

    Lavender Master Sergeant

    Thanks. Things in Canada are probably the same as in the US, so I don't know. I'll have to check with my server to know if my IP changes every time. When I search, my IP address comes up right away.

    See my answer to Tim - it isn't my imagination that this is happening. How would you like to have to repeatedly read a 400-page document to find out what's been changed and which words are replaced with things like &*!$#?
     
  25. Earthling

    Earthling Interplanetary Geek

    No one doubts your account of WHAT is happening Lavender, but we are having a problem trying to figure out HOW it may be happening.
     
  26. Lavender

    Lavender Master Sergeant

    Thank you for that, Earthling. I appreciate it.

    All I can tell you is that he's very clever and sneaky. Fortunately, he has a big mouth and gives himself away. I have solid proof. I suppose I should get in touch with our government's cyber stalking people but I'm sure they'll have trouble believing me, too.
     
  27. Lavender

    Lavender Master Sergeant

    Just so you know - I don't visit sites like Twitter or Facebook. I have an account at Facebook but I haven't used it in over two years. Just not my thing.

    I use different names and passwords for every site where I am a member. It's only on here that I'm known as Lavender. The hacker has put in writing that I use many different names on the internet. The comment is misleading because it is only user names that are different. Unless he is cyber stalking, how would he know that?

    As I said, I have hard proof of what he's doing. You can't beat written proof.
     
  28. Lavender

    Lavender Master Sergeant

  29. Earthling

    Earthling Interplanetary Geek

    File sharing isn't quite the open invitation it sounds, it doesn't of itself leave your files exposed, but as you don't have a home network, and so have no need for it, turn it off. You can do that through Control Panel > Network and Sharing Center. On the left you will see Manage Network Connections, so right click that > Properties, and uncheck File and Printer Sharing.

    You recently switched to MSE but I have no recollection of you telling us what firewall you are using. As you don't have a router (routers incorporate a hardware firewall), you absolutely have to have a software firewall running. The Vista firewall in its default state is quite sufficient to stop any uninvited attempts to access your computer, but as ever, there are other more sophisticated options available. I'm not advocating you use them - just trying to be sure there is a firewall in place.
     
  30. Lavender

    Lavender Master Sergeant

    I went through and disabled all file sharing and have Peer Block in place.

    I have two firewalls, both Windows. Windows Firewall and Windows Firewall with advanced security. Earlier on this site, I asked which one I should keep. Search doesn't show me any other firewalls activated.
     
  31. locodave

    locodave Corporal

    For what it's worth. On Windows firewalls. I have XP and bought a new computer for the wife. XP also. Had 2 ppl hack the computer when I tried to get it online. Made sure the XP firewall was turned on. Windows 7 has a better set-up on protection. Prior versions were horse-poop on the firewall. MHO. Comodo firewall was mentioned and I have no experience with it. I use the free firewall from Zonelabs. Nothing on your computer needs to be a server. -> http://www.majorgeeks.com/ZoneAlarm_Free_d388.html

    2 firewalls is not a good thing. Just like using 2 virus checkers on a conflict. Both want to be the I caught it and end result is, no one caught it. Disable or un-install both and install either Zonelabs or Comodo firewall.

    Only thing I can think of on your troubles is if he installed a key logger on it.

    Have you run Malware-bytes 1st and Superanti-spyware 2nd along with, found in top downloads here along with CCleaner 3rd? Cleaner 1st and registry 2nd. Look in add-remove programs to un-install the older Java versions also.
     
    Last edited: Dec 4, 2011
  32. Lavender

    Lavender Master Sergeant

    I asked weeks ago about the two Windows Firewalls and no one answered to tell me which I should delete.

    I've run every scan I can think of but it doesn't stop a hacker. And there are no scans I know of that work with an email or webmail program.

    Comodo works best in the US. Some of its programs don't work elsewhere.
     
