This weekend I will regain my Gmail account, read the outstanding messages during the week and then take the decision whether to turn it off for good, I will be doing the same for my other web-based mail accounts.
Over the past week my Gmail account has spammed, phished and generally caused a nuisance to thousands of my friends and contacts who have had to put up with constant hassle from whoever has taken control of it.
What is worse, it has taken until this morning over 160 hours after the hacker changed my password and locked me out, to get any communication from google. What arrived this morning appears to be a pro forma which start cheerily “good news” and ends “we’re glad to have you back as a Google Accounts user again”.
In the middle there are a bunch of URL‘s but not a word about how or why things went wrong.
Over the past seven days, we’ve come across friends who like me have been hacked and like me have had messages sent to their contacts requesting money. I’m not sure whether it’s the same hacker but that it took Google seven times their services standard of 24 hours to send a simple pro forma suggests that either they don’t give a damn or this problem is a lot wider than we think.
Experts tell me that these accounts are inherently vulnerable and that I should stick to secure messaging services, my work mail and the internal mail services of the social websites (with security from these sites reverting to the more secure outlook based mail supported by my company’s servers and IT team),
If , as I suspect, the incidence and result of hacking are so widespread and potentially dangerous, we need to issue wake up calls not just to the likes of google. MSN and yahoo, but to the many users for whom a hack is just around the corner.
As a result of my experience and what I have learned , I do not believe that there is an adequate level of security – or support – for these email services. You can strengthen the security procedures that protect your account (by using services such as google’s double verification) and we all should do. But even with a strong password (which I am told I had), you should not be putting your trust in a service that simply cannot help you put things right.
I’m really sorry about all the hassle that this episode has caused. If you’ve been a victim of my “stranded in Valencia” e-mail or have been awaiting a reply to a mail you’ve sent to my account, accept my (and I hope Google’s ) apologies.
Hmmm Henry, I do get what you mean, and have heard many say the same, especially from the legal, professional, tech and security industries. And I was pleased that our spam filters caught your phishing email, though sorry to say it’s unlikely I would have wired you the money even if I had got it 😉 . But I guess I come from a different standpoint on the whole new world order thing, which is that this is simply (or complicatedly) a whole new society that we are needing to learn to negotiate. These are not reasons to reject these incredibly open systems that are connecting the world in new, dynamic and amazing ways, but to learn to live with them and the risks that they carry and find the best way through. There are new dangers and new anxieties, and I am not saying we don’t need to put pressure on the corporates, and be dismayed when they behave unethically or in an amoral way. On the whole I think many of these companies, Google included, try very hard to make these things right, and offer a whole lot of outstanding functionality too. I’ll be keeping my gmail account, and trying to keep vaguely abreast of these things, and like you, be sorry if my account is used by bad people for bad things.
A very useful comment to read! I was considering moving to gmail, I guess I’ll rethink this!
At the other end of the spectrum i have had to migrate to gmail from yahoo – not due to spam – but instead due to yahoo unilaterally deciding to delete emails from my folders and having no way of recovering them.
their defence is reasonable. that it is free and we get a lot of functionality without paying. trouble is i am not sure who you can pay for such a service that woud increase security and back up your data? they will charge for more space but if one has enough space and just wants to up security and have a back up its not clear where to go (to me at least).