: Advice Urgently Needed - Security Issue?
Jul 16th, 2008, 11:30 PM
Any advice would be greatly appreciated. During the course of my work I have to use yahoo instant messenger. I also have to access chat rooms and write blogs. None of this is done under my own name. However, someone has "discovered" my real name. My employers cannot determine how this has happened but have suggested that I have spyware somewhere on my system. On a Mac? I'm very concerned about what information this person might have access to. What can I do? This is on my (almost) brand new MacBook. Sorry if I'm not being very clear but I'm just ever so slightly rattled.
Thanks in advance.
Jul 16th, 2008, 11:47 PM
Do you write blogs on your own website that you have registered?
Jul 16th, 2008, 11:50 PM
No, you don't have spyware (in the PC sense of the term), but it's possible there's a keystroke logger installed on your system (this would have been done by someone with physical access to your machine.
Apart from that, I suppose someone could figure this sort of info out by comparing the IP addresses of posts made elsewhere under your real name to posts made under an alias, or by doing a trace on the IP address of your posting machine and then consulting publicly-available records about who uses that IP address.
In any event, you apparently have someone determined to find out more about you, so you may want to look into using a proxy server from now on (and of course changing that alias).
Jul 16th, 2008, 11:53 PM
Are any of the above associated with or linked to a gmail account that you signed up for using your real name?
SecuriTeam Blogs ŧ Finding the name behind the gmail address (http://blogs.securiteam.com/index.php/archives/1113)
I guess if you are using yahoo you probably aren't...
btw I'm no security expert. I just happened to see that article and passing it along for interest's sake.
Jul 17th, 2008, 12:44 AM
The blog in question, is it registered on it's own domain name and possibly under your real name? Looking up the registration information on domain names can reveal a great deal of information.
Jul 17th, 2008, 02:05 AM
I concur with others, it's very doubtful that they got your name or other information directly from your computer, but instead they did some sleuthing around to find the info. It's amazing how much information is out there if you know how and where to look.
Jul 17th, 2008, 10:33 AM
Thank you all for your responses - I feel bit better. I must admit I was a bit shaken last night - not so much because this guy knows my real name but because the next question is, what else does he know?
The blog and the yahoo account were opened by my employee and my real name appears nowhere on either of them - there's no reason for it to. The chat room is members-only, also operated by my employers. This is all very puzzling because I just can't see any link to my real name. No one else has access to my computer. I suppose I wanted to know how I could ensure this guy gets no more information about me, i.e. bank info.
Proxy server, chas_m? Could you please expand a bit on that? Thanks.
Thanks again for responding. I feel a bit better now than I did at 3:30 this morning!
Jul 17th, 2008, 10:47 AM
Proxy servers are used to give you a "fake" IP address. You can be connected in Canada and have an IP address from Spain letīs say. There are programmes to trace back your actual IP address. As far as I know they are expensive and police use them to track down online pedophiles and the sort.
I am interested in using a proxy server just for the hell of it. I have no idea how though.
Jul 17th, 2008, 10:58 AM
How about going the other direction - do you know who the person online is that knows your real name?
Specifically, do you know for sure that they are not someone that already knows your real name, and knows what you do online for a living?
Or else is your first name Warren, Wayne, or Wilbur, or maybe William? Is your last name Olfshead? Hmmmm, Mr. Olfshead?
Jul 17th, 2008, 11:35 AM
No, I don't know who the person is. It appears to be one person using three different aliases - my employers are looking into that end of things. A couple of people do know what I do but no specifics - they don't know my alias or who I work for, for instance. The name part is not really the issue - it's what else does he know and how did he get the info? And, by the way, that's Ms Olfshead to you!
Jul 17th, 2008, 12:25 PM
I agree it sounds like someone has simply done some cyber sleuthing... If you care to post some of the resources that you have written to, published, etc... I'm sure some one could point you to where your details have been discovered...
Jul 17th, 2008, 01:07 PM
Maybe you accidentally sent an email using your email address that has your real name instead of the other email address. :) Or maybe some signature in your email.
Jul 17th, 2008, 01:09 PM
Or maybe your email client has included in the email header your computer name which in mac is also your name.