That’s right. I hate to tell you folks, but if you give me 10 seconds alone with your computer I’ll not only get your user name and passwords to every mail box you have set up in Outlook and Outlook Express, but I’ll also be able to see every single login you have saved in your Internet Explorer auto-complete settings.
And I’ll do it all with this tiny little application. Don’t believe it? Fine, download it, unzip it and launch it. You’ll be instantly staring at all of the passwords you’ve ever told Microsoft to remember for you.
If that doesn’t make you paranoid… well, you just aren’t alive. So, what can you do about it?
- Take my previously stated advice of using RoboForm to remember all your passwords.
- Don’t ever, ever, ever allow Internet Explorer to save a password. You also can’t allow Outlook to save a password.
- Immediately download and use a system cleaning utility to erase all that data.
- Strengthen all of your passwords!
- Switch to FireFox or Opera as your main Web browser.
- Switch to Thunderbird for mail reading.
I know I’m beginning to sound like a broken record to my regular readers when it comes to security paranoia, but I’d rather you be safe than sorry. And hey… at least One Man is looking out for you. :-)
Is killing me not been able to log back into my outlook account have tried everything and to top it off my lap top is now broken. Could someone help me please if I give the email address thanks xx
I suspect my husband is cheating. I know his gmail password but see that he has created an outlook.com email address now. I think he has created it from his windows phone. Is there anyway I can learn his password without him knowing. I do not have access to his phone. Would appreciate if you could help please!!
I have a saved hot mail account in outlook and no one knows the password, but its saved in outlook. We cant recall enough info to get the automated system to let us change the password Live Tech Sup will not help. Any idea how to retrieve the Hotmail password from outlook?
your downloading file is flagged as malicious file??? any explanation?
plus it doesn’t work!!!
I was breaking my head over lost outlook password, but with that small app I got that in a jiffy.
Great Help dude !!
I’m actually breaking my head right now as I’m typing for my outlook password, I’ve downloaded the application but it’s not retrieving any passwords, can you help me out with steps to import as in the file location I should import from?
I’d really appreciate your help
Dear Sir one man,
I read your blogs regularly and i am a big fan of yours. I have one question echoing in my mind. I would be grateful if you could answer me on that.
Can some one hack my outlook from a remote terminal and monitor my emails. Point to note is I am not using gmail,yahoo,hotmail, AOL etc for my official mails but a domain address provided by my employer.
The hacker doesnt know any thing except for my email address e.g if my employer is ABC Inc. then my e mail ID is Atique@ABCinc.com. A friend of mne told me that I should be alert to this. Now i dont even know that is it possible or not. Or if the hacker is gonna do this how can he?
Awaiting your response and thanking you in anticipation.
Best Regards,
Atique
@Rasool
I think a hacker can not predict when the victim is going to sent a mail..So he have to capture(sniff) all the packets that is being send from victims computer and then reconstruct it to view the mails or any other data..
Hi ONE MAN…..
my self Rasool, working as a system admin, and i have a lot’s of ideas and plans to do in computing world, and lot’s of doubts too…. i tried to search in the google search engine but i didn’t get any proper answer…… is this right place to ask my doubt……. if yes…. i have one simple question (doubt), how the hacker will try to hack the mails of outlook over internet, means a sender has sent a mail to the second person, the mail which is on the way of internet, at that time how the hacker will got to know this is the mail which he want to hack….. like that….. hope you got my point….. please send me a message as soon as possible… Thanks in ADVANCE…
http://www.stevengould.org has this which he coded himself. Doesnt show up as virii under NOD32 either. I’d like to see the source code.
Damian,
Your Anti Virus or Anti Spyware program is right to disable this app because it is known to be used maliciously. However, the dangerous form is when this application is installed as payload from a piece of malware.
In other words. It is not dangerous for you to download and run it yourself, but it is dangerous if someone else sneaks it onto your computer (the point I was making exactly). And since your AV program doesn’t know who’s running it, it disables by default.
For more detail see the Computer Associates site here or here.
Still, the larger point is that this is a MAJOR flaw in the password security of the Microsoft product line.
John
Should I not be concerned that my AV had to delete the program, as it classed it as a virus? anyone else had this problem??
That Mac comment shows the very weakness that Hackers will exploit when they turn their beady eyes to the Mac…arrogance. The reason Mac users haven’t had to worry about security as much is because there were fewer Mac users around. But with their growth in popularity, they will begin to suffer the same attacks that PC users have suffered. With my Mac friends I use the analogy that it’s like a guy not wearing a condom during sex because he’s never caught any disease in the past. Past experience does not determine future experience. But as long a Mac users keep their noses in the air, they’ll never see the pit they are about to fall into.
Scary stuff.
How can Microsoft get so much wrong, when much smaller, poorer firms apparently have no such issues?
MS is much more popular than “small firms”. Therefore, their products are more available for the public to poke around. More opportunity to interfere and by sharing ideas online, will lead to more vulnerabilities uncovered.
That’s odd…no mac version. :)