I have a question for all of you software gurus out there. My wife's uncle is currently in the throws of what is going to turn out to be a very messy and ugly divorce. We got a call late last night from him, asking me about a situation he was going through. I couldn't answer his question, so I turn to you. I'm not even sure there is an answer, really...

He wanted to know if there was software out there that would allow someone, from another location, to access his e-mail inbox. I know how POP mail servers and the like work, and I tried to explain what it was, and how it worked. He didn't think that anything like that had been set up on his machine. I got the feeling that he wanted to ask if there was a way someone could spy on his e-mail activity. I should also point out that this isn't a gmail/hotmail/yahoo mail account that can be accessed from anywhere.

So, based on what I've said, can anybody help me out?

Thanks!!

Keith

Yes, anyone with his username and password can access his POP email account from another computer. Most ISP's now have web access to your email account, which requires only a web browser to access. Nothing has to be installed on his computer for this to happen.

If he's paranoid, have him change his email password, or change his address altogether, with a different username.

Keyloggers can also be installed on a computer to record key strokes, revealing just about everything he does on his computer.

EDIT: And if he really thinks someone is accessing his email account, he should contact his ISP and attorney(s) for more help. Accessing others online accounts is unlawful I believe.

Yes, anyone with his username and password can access his POP email account from another computer. Most ISP's now have web access to your email account, which requires only a web browser to access. Nothing has to be installed on his computer for this to happen.


Correct, anyone can go to any computer and once in the internet log onto their ISP and check their e-mail, so if she knows the ID and password she can access it from anywhere. It doesn't have to be one of the free ones.
That's how people check their e-mail when traveling at internet cafes, or hotel business centers.

Yup.. chances are his Ex knows their email account / password, so yes she would be able to read email in that account easily.

He needs to change the password to prevent this.

If he is worried get a good techie to check the PC for keylogging or remote control software, but thats going to get real messy if thats there. Legally it comes under the same sort of situation as bugging someones phone.

99% she is looking at their ISP's webmail page using their original password :rolleyes:

Ian

My understanding of how a POP mail server is set up is that it has to be done on the "home" PC first in order to be able to access it remotely. Is this correct? He doesn't think this was done originally, which is where his concern comes from.

I appreciate all the responses to this point. I'm going to talk to him again and try to get some more information.

- Keith

My understanding of how a POP mail server is set up is that it has to be done on the "home" PC first in order to be able to access it remotely. Is this correct? He doesn't think this was done originally, which is where his concern comes from.
The mailbox doesn't care. Some folks never use a client application on their PC...and most major ISPs support that. You only do setup on the local PC if you want to use software like Outlook Express or similar to access your POP (or IMAP) email account.

My advice is for him to change the password on the account to something completely inane and un-guessable by the soon-to-be ex and also set up an email account somewhere else to use for "important" communication. That will further reduce the chance that he will be "spied" on...unless said soon-to-be ex is a very accomplished computer guru...or has a "friend" that is.

That's how my BIL found out about his ex-wife's uh, shall we say, "side business."

Thanks, guys. The changing of the passwords suggestion was something so basic that I didn't even bother mentioning it to him....until last night, that is. He said, "Huh....didn't even think of that." Ooops.....:o

Anyway, I did some further research for him and found some freeware that would scan his HD for any keylogging log files. I talked him through loading it and running it....and whaduhyaknow? It found some log files. The whole thing suddenly took a turn down a road that I didn't necessarily want to go. I told him to find a local guru to verify what he thought he had there, and then go to his lawyer.

Bad times, for sure.... :eek:

- Keith

Just to throw in my two cents to this topic. As mentioned earlier, most ISP allow for 2 types of mail accounts, POP3 and IMAP. THe difference is that POP3 actually takes your mail from the mail server and delivers it to your PC. IMAP copies your mail from the server to the PC. The difference is that with IMAP the mail is still on the central server. If someone were to know your ID/PW they can configure their PC to view your mail by using the IMAP configuration.

That being said changing the ID/PW is a good idea. Also for what it is worth all email is the equivalent of a postcard in the US mail. So if anyone has access to computer networks at the correct locations they can use software to capture email messages all day long.

Not to make anyone paranoid or anything :eek:

Unless he can prove who installed the keylogging software it probably isn't something that would be prosecuted or help in the divorce settlement. I'd suggest that he change ISP and start over, sending his new e-mail info only to people he can trust.

Easiest thing to do is clean out the current mailboxes and start using a new Yahoo account with new passwords.

Keith, if it is/was a shared computer, the existance of key logging software will be moot...

However, getting that machine to a local expert to have it locked down appropriately and his on monitors put into place is definately a step in the right direction....

Best of luck you you and him during these trying times.


Thanks, guys. The changing of the passwords suggestion was something so basic that I didn't even bother mentioning it to him....until last night, that is. He said, "Huh....didn't even think of that." Ooops.....:o

Anyway, I did some further research for him and found some freeware that would scan his HD for any keylogging log files. I talked him through loading it and running it....and whaduhyaknow? It found some log files. The whole thing suddenly took a turn down a road that I didn't necessarily want to go. I told him to find a local guru to verify what he thought he had there, and then go to his lawyer.

Bad times, for sure.... :eek:

- Keith

Just to throw in my two cents to this topic. As mentioned earlier, most ISP allow for 2 types of mail accounts, POP3 and IMAP. THe difference is that POP3 actually takes your mail from the mail server and delivers it to your PC. IMAP copies your mail from the server to the PC. The difference is that with IMAP the mail is still on the central server. If someone were to know your ID/PW they can configure their PC to view your mail by using the IMAP configuration.

That being said changing the ID/PW is a good idea. Also for what it is worth all email is the equivalent of a postcard in the US mail. So if anyone has access to computer networks at the correct locations they can use software to capture email messages all day long.

Not to make anyone paranoid or anything :eek:

POP3 servers can be "told" to leave a copy of the message on the server as well. It would be easy enough to download his email to another computer, leaving a copy on the server.