Hacking attempts

Hello All - I'm new to this forum. On to my question: A friend of mine accused me recently of attempting to access her facebook account. She indicated that in her exact words, "I checked my e-mails today & had to 2 e-mails from facebook letting me know that attempts were made to log into my account with invalid passwords. The times on the e-mails were shortly after we briefly chatted. " Now knowing I DIDN'T do this, nor do I have any interest in the persons fb account, is this possible? I've scoured through the security settings, and aside from the one feature that notifies if a "foreign" device has logged on to your account (default set to no), I see no application available fitting what she's described. If it is available, can FB provide her with the IP address of the offender? I offered this suggestion to her as I suspect a particular person in this instance. There is more to this story that I could share, but not appropriate for this forum.

thanks in advance

Hello MojoWinston,

Firstly, welcome to the forum!

It is possible that facebook did email her to notify her of multiple failed login attempts. However, it may just be a case of someone else trying to login to their own account, but misspelled their email address instead. I would suggest your friend to do a throughout scan of their computer for infections, then change their password to another, secure one.

I would also like to point out that the accusation by your friend is all but ridicolous. Unless she has actual proof that it was you (such as an IP address), it could be anybody. Similar times to when she chatted with you and the attempted logins are not proof at all, much less grounds for accusations. I don't think Facebook will release the IP address information, but of course it never hurts to ask.

Since you suspect a particular person, the likely best solution at this point is for her to change her password to something very hard to guess (if that is not the case already), in addition to scanning her computer as mentioned above.

It is possible that facebook did email her to notify her of multiple failed login attempts. However, it may just be a case of someone else trying to login to their own account, but misspelled their email address instead. I would suggest your friend to do a throughout scan of their computer for infections, then change their password to another, secure one

Mod Edit; Staff color removed
Tim -

While her accusation/implied or otherwise is upsetting, I've since had multiple friends try to login under my user name. I told each of them to try at least 10 times, as I'm "testing" new FB security settings. It's been 10 hours, and I've yet to receive any email from fb alerting me to the near 50 attempts. Frankly, I don't see how it's possible or necessary? that is to say, every time a user accidentally types with the caps locked, or misspells their password, their email account is going to get a message? The data that would be generated from the millions upon millions of failed attempts "globally" I believe wouldn't be worth the hassle? Maybe I'm wrong....however, if she fabricated this story (which I suspect) then the issue is far deeper, one perhaps better served for her, on a different forum entirely. [/i][/u][/u]

I'm looking forwarding to this forum!

thanks again!



[i]

You're right - getting the servers to send out email for failed logins would be a waste of resources in my opinion as well. However, I was thinking that maybe FB will send out a notification if there are a mass number of failed attempts, but the experiment you performed seems to prove otherwise. (There could be another aspect that we haven't checked though, and that her story really could be legit about receiving the email).

MojoWinston wrote:however, if she fabricated this story (which I suspect) then the issue is far deeper, one perhaps better served for her, on a different forum entirely.

I'd say that also seems likely . It is also possible that it is a phishing attempt, especially if the email then says something like 'Click here to reset your password'.

If it is possble her computer is/has been infected, for your and our peace of mind for you ....

Please do a check to be sure your computer is not infected with these two scans to check for possible infections ?



DISCLAIMER

Please note that all scans are ,as on any forum, run at your own risk

Run Superantisypware (SAS):
…………………………
Download and scan with [You must be registered and logged in to see this link.] Free for Home Users

• Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  
• An icon will be created on your desktop. Double-click that icon to launch the program.
  
• If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates".
  
  
  
• In the Main Menu, click the Preferences... button.
  
• Click the Scanning Control tab.
  
• Under Scanner Options make sure the following are checked (leave all others unchecked):
  
  
  • Close browsers before scanning.
    
  • Scan for tracking cookies.
    
  • Terminate memory threats before quarantining.
    
  
  
• Click the "Close" button to leave the control center screen.
  
• Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  
• On the left, make sure you check C:\Fixed Drive.
  
• On the right, under "Complete Scan", choose Perform Complete Scan.
  
• Click "Next" to start the scan. Please be patient while it scans your computer.
  
• After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  
• Make sure everything has a checkmark next to it and click "Next".
  
• A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  
• If asked if you want to reboot, click "Yes".
  
• To retrieve the removal information after reboot, launch SUPERAntispyware again.
  
  
  • Click Preferences, then click the Statistics/Logs tab.
    
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    
  • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    
  • Please copy and paste the Scan Log results in your next reply.
    
  
  
• Click Close to exit the program.
  

………………………………………………………………………….

Please download Malwarebytes
[You must be registered and logged in to see this link.] and save it to your Desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

MBAM may "make changes to your registry" as part of its disinfection routine.

• Make sure you are connected to the Internet.
  
• Double-click on mbam-setup.exe to install the application.
  .
  
• When the installation begins, follow the prompts and do not make any changes to default settings.
  
• When installation has finished, make sure you leave both of these checked:
  
  
  • Update Malwarebytes' Anti-Malware
    
  • Launch Malwarebytes' Anti-Malware
    
  
  
• Then click Finish.
  

MBAM will automatically start and you will be asked to update the program before performing a scan.

• If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  
  

On the Scanner tab:

• Make sure the "Perform Quick Scan" option is selected.
  
• Then click on the Scan button.
  
• If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  
• The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  
• When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  
• Click OK to close the message box and continue with the removal process.
  

Back at the main Scanner screen:

• Click on the Show Results button to see a list of any malware that was found.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When removal is completed, a log report will open in Notepad.
  
• The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  
• Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  
• Exit MBAM when done.
  

Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Be also advised

it may take you several hours to complete any one of these scans so be patient
If all is well you should have a set of 'clean' reports .

[b]Thank you for the resources Ruby! I really appreciate the assist!

Have a great weekend!

MW