1. Lazer_Master's Avatar
    Let me say first, that I did NOT connect to the coffee shop's WIFI network, or any other open network, that night. I never even took my phone out of my pocket!

    I went to a new coffee shop last night, woke up this morning, and saw that G-Mail had sent me mails from four of my accounts (that I do access from my phone), asking me if I "used an [unfamiliar] Android device to connect to my e-mail". (The message said the connection was being made from the town where the shop was, which is just the next town over from me. Very often my IP will locate itself in this same town, because it's a big network hub. So that confuses things a little.)

    I got the same e-mails repeated later that same day.

    I immediately changed the passwords on all four accounts, via my PC at home.

    My question is, is it possible for someone to intercept data from my phone, steal passwords, and log into my g-mails from their own phone?

    I do keep the "connect to open networks" turned OFF. But, for a while I had turned ON the "let Google and other apps connect to WIFI networks, even when WIFI is turned off".

    This is all on a rooted Nexus 5.
    04-30-2015 07:29 PM
  2. Raptor007's Avatar
    Yes they can though its usually done over wifi, but that isn't to say it doesn't happen on cellular networks. It's called a "Man in the Middle Attack" Man-in-the-middle attack - Wikipedia, the free encyclopedia . Typically you would get that on a WiFi network that is unsecured or someone spoofing a WiFi signal to make people think its a Hotspot when its their network stealing data. So if you didn't connect to the network and this happened twice, I would highly recommend you turn on 2 Factor Authentication on Google and any other apps you can turn it on with.

    I don't use Google Authenticator, I prefer to use Authy, which offers plugins for web browsers, Android and your desktop, this allows you to more securely protect your authorized devices, wipe and restore your devices without having to reset your 2 Factor Authentication all over again.

    Plus here is a good site https://twofactorauth.org/ that will tell you what sites support 2FA and if they don't urge them to do so especially banks etc. So an ounce of prevention goes a long way.
    Laura Knotek and Lazer_Master like this.
    04-30-2015 08:41 PM
  3. Lazer_Master's Avatar
    Thanks for the reply.

    Will this work over a third=party email app? I use Inomail. Also, does using a third-party app make a phone more vulnerable?
    04-30-2015 10:25 PM

Similar Threads

  1. Why have all my files gone invisible?
    By AC Question in forum Moto X
    Replies: 6
    Last Post: 05-03-2015, 07:27 PM
  2. Replies: 1
    Last Post: 04-30-2015, 07:55 PM
  3. Why did a backup not save my calendar?
    By AC Question in forum General Help and How To
    Replies: 1
    Last Post: 04-30-2015, 07:49 PM
  4. Replies: 1
    Last Post: 04-30-2015, 07:10 PM
  5. Replies: 1
    Last Post: 04-30-2015, 06:44 PM