Question Stop Foreign access / sign in attempts to email? Build a digital wall to protect email?

Toggle sidebar Toggle sidebar
M

miogpsrocks

Honorable
Dec 6, 2019
60
1
10,535
Over the years, I keep getting foreign countries attempting to gain access to my email. I see sign in attempts from Nigeria, Vietnam, Germany, China, etc..

I live in America and I have never tried to sign into my email from these foreign countries. I would like to know if there is a way to setup like a digital wall or security policy to only allow sign in from IP address in America not in Vietnam, China, etc..

How do I keep these illegal hackers out of my email or even attempting to access it?

I have yahoo mail, AOL mail that I use most.

Thanks.
 
miogpsrocks said:
Over the years, I keep getting foreign countries attempting to gain access to my email. I see sign in attempts from Nigeria, Vietnam, Germany, China, etc..

I live in America and I have never tried to sign into my email from these foreign countries. I would like to know if there is a way to setup like a digital wall or security policy to only allow sign in from IP address in America not in Vietnam, China, etc..

How do I keep these illegal hackers out of my email or even attempting to access it?

Thanks.
Click to expand...
You can't prevent the attempts.

Strong password, and the firewall on your router does the trick.
 
  • Like
Reactions: stuff and nonesense and COLGeek
Ralston18 said:
What I do is allow only contact/address list people into my Inbox. Everything else goes to spam/junk/trash for review without opening and then direct deletion.
Click to expand...

You are talking about receiving spam. I am talking about something trying to hijack my account by gaining access.

Some hacker in a foreign countries working all day to gain access to American email accounts to steal money, identity thief, etc..
 
USAFRet said:
You can't prevent the attempts.

Strong password, and the firewall on your router does the trick.
Click to expand...

Any reason why not? I don't think most Americans are traveling to Nigeria and signing into their email.

100% of foreign attempts into my email are done by hackers. I don't see any technical reason why this could not be done.

Cell phones can be setup to lock unless the camera does facial recognition or finger prints, etc.. but a regular email can't restrict Nigerians from trying signing into your account?

It's my understanding that if they attempt to sign in using a mobile based app, then the same lockouts don't apply as when signing in on a PC.

The IP address can show that its from Nigeria and not from America when signing into an America based email. Also why not just give the user the option to specify which country to allow sign in from instead of allowing these illegal hackers to hijack your email account remotely?
 
miogpsrocks said:
Any reason why not? I don't think most Americans are traveling to Nigeria and signing into their email.

100% of foreign attempts into my email are done by hackers. I don't see any technical reason why this could not be done.

Cell phones can be setup to lock unless the camera does facial recognition or finger prints, etc.. but a regular email can't restrict Nigerians from trying signing into your account?

It's my understanding that if they attempt to sign in using a mobile based app, then the same lockouts don't apply as when signing in on a PC.

The IP address can show that its from Nigeria and not from America when signing into an America based email. Also why not just give the user the option to specify which country to allow sign in from instead of allowing these illegal hackers to hijack your email account remotely?
Click to expand...
This would be like trying to stop people walking down the street, and pressing your doorbell.

And preventing from specific countries is easily defeated, via a VPN. With that, they can appear to be from anywhere.
 
Doorbell - good analogy.

Generally those folks around here leave flyers stuck in the door. Cannot stop that either.

One reason to ensure that we keep our doors locked. All of the doors. including vehicles.

And:

"It's my understanding that if they attempt to sign in using a mobile based app, then the same lockouts don't apply as when signing in on a PC."

Source?
 
the problem is that yahoo/aol/gmail/etc are not a local service to your house on your own server. they are somewhere else and you access it from the web like any other site. therefore anything you do at home has no effect on the service.

those services would have to block ip ranges from specific countries from their security measures. you have nothing to do with it. could they implement a button for you to press that only lets a specific country access your account? sure they could. but as noted, faking a US ip is easy with vpn's and other methods.

they already know it's not going to help, which is why they don't bother. they focus more on DDOS attacks and other attempts to shut the site down completely.
 
USAFRet said:
This would be like trying to stop people walking down the street, and pressing your doorbell.

And preventing from specific countries is easily defeated, via a VPN. With that, they can appear to be from anywhere.
Click to expand...

I have had paypal deny transaction for because I was ordering out of my normal state for collage. Just for being in another state not even another country. Thrown in as " suspicious activity".

The IP address can identify the country and/or state and the coders can made basic " if this than that" programing because of it.

When I try to login my bank, it will send a code to my email because " it does not recognize my device" How does it know what my device looks like? Some kind of webcam hacking? That is MORE detailed then even just the country of the IP address.

I am certain that yahoo can identify if an IP address is trying to sign into an American account from Nigeria and decide not to allow access especially if they gave the option to the email account owner to set it up like this.

As for VPN, some websites basically treat all VPN users like criminals. In fact, I got a deal on a VPN from Slickdeals.com then when I was using it to login into Slickdeals, they would not let me in the website because I was using the very VPN that was advertised deal on the website. Same for the TIVO forum, I was denied access for using a VPN. When I turn off VPN, it let me on.

I don't why companies don't allow users to made security settings tailored to their situation.

Look at what some streaming services are doing. They are denying entry if you try to access the service from other location from your primary IP address to stop " password sharing"

So this is no way like a doorbell that connects a circuit to ring a doorbell when the button is pushed.
It's more like some wifi doorbell that you can do custom setups using your cell phone I assume. I don't actually have a smart doorbell, just a traditional one.
 
Math Geek said:
the problem is that yahoo/aol/gmail/etc are not a local service to your house on your own server. they are somewhere else and you access it from the web like any other site. therefore anything you do at home has no effect on the service.

those services would have to block ip ranges from specific countries from their security measures. you have nothing to do with it. could they implement a button for you to press that only lets a specific country access your account? sure they could. but as noted, faking a US ip is easy with vpn's and other methods.

they already know it's not going to help, which is why they don't bother. they focus more on DDOS attacks and other attempts to shut the site down completely.
Click to expand...

They could let the email user determine the countries that allow access to their email. Most Americans would probably say " US only access"

When I click on like activity with Gmail or yahoo, it will actually show the connected devices and what country they are from. Gmail or hotmail I think will show a list of attempted logins and the country and IP address trying to login.

You can setup your own password right? Why would setting up a geo-lockout be any different.

They literally show the IP address and say Nigeria attempted Login right on their page.

They also know if you are using a VPN. Many times they might ack for a Capcheck because of using a VPN.

Heck, I have ever had google and aliexpress cause me problems because I guess I typed of clicked too fast.

They had like different options for the same product and I was clicking quickly on the different options to see the different in quality and price very quickly and it had a pop up saying it suspected I was a bot or something.

There is absolutely no reason why they technically would not do this.

I think yahoo is own by some hedge fund and is run by a bunch of Indians in India and maybe they have stop trying to innovate and just about some income source and status quo which is my guess.
 
Ralston18 said:
Doorbell - good analogy.

Generally those folks around here leave flyers stuck in the door. Cannot stop that either.

One reason to ensure that we keep our doors locked. All of the doors. including vehicles.

And:

"It's my understanding that if they attempt to sign in using a mobile based app, then the same lockouts don't apply as when signing in on a PC."

Source?
Click to expand...

When my email was Hijacked, it was always from a mobile app in a foreign country.
When was the last time you were asked for a Capchka when you check your mail on your cell phone using an app? Where is your source that it's not true?
 
have you set up 2 step authentication?
https://help.aol.com/articles/2-step-verification-stronger-than-your-password-alone
help.yahoo.com

Add two-step verification for extra security | Yahoo Help

Take control of your account's security! Require an automatically generated code to login from unrecognized devices or browsers, in addition to your password. Learn how to turn on two-step verification.
help.yahoo.com

it won't stop them trying but it should make it much harder for them to get anywhere. Unless they have your phone they won't get in.
 
  • Like
Reactions: Ralston18
I do not use my phone for email.

I am old and my fingers can get quite stiff. Email via my phone is just not practical. Small, hard to read and type.

Short text messsages at best or Facetime with family and friends.

Email is via my PC where it is easy to read things and type on a full size keyboard.

With AV etc. for protection purposes as well.

For the most part what comes into play for me is that my online services usually text (phone) or email me some sort of confirmation code. Captchas from time to time but not as all as often as in past times. 2FA as well.

I still get junk/spam emails (one pretending to be my elderly 90+ old aunt) but those emails get reported and immediately deleted.

I do not "unsubscribe" to unknown emails. Why let the senders know that the email was actually received by a "live" person/address?

Overall, I still get unwanted ("foreign"?) emails just as we get unwanted junk mail in the mailbox. That junk mail gets shredded and recycled.

Point being that just do what you can to protect yourself and reduce the nuisance of it all.

As above - it won't stop the bad types from continuing to try.....
 
Ralston18 said:
I do not use my phone for email.

I am old and my fingers can get quite stiff. Email via my phone is just not practical. Small, hard to read and type.

Short text messsages at best or Facetime with family and friends.

Email is via my PC where it is easy to read things and type on a full size keyboard.
Click to expand...
I only mentioned phone as that is where my Google Authenticator app is. Its also a common place that 2 step verification systems will send the confirmation code as well. Not all of them rely on an app, some will send an sms.

I mainly use PC for email as well, but phone isn't that bad provided you just sending. There are times its easier to use the phone than the PC. I know better than to open any links in emails on my phone, mainly as that sort of thing is easier on my phone. Safer too.
 
miogpsrocks said:
They could let the email user determine the countries that allow access to their email. Most Americans would probably say " US only access"

When I click on like activity with Gmail or yahoo, it will actually show the connected devices and what country they are from. Gmail or hotmail I think will show a list of attempted logins and the country and IP address trying to login.

You can setup your own password right? Why would setting up a geo-lockout be any different.

They literally show the IP address and say Nigeria attempted Login right on their page.

They also know if you are using a VPN. Many times they might ack for a Capcheck because of using a VPN.

Heck, I have ever had google and aliexpress cause me problems because I guess I typed of clicked too fast.

They had like different options for the same product and I was clicking quickly on the different options to see the different in quality and price very quickly and it had a pop up saying it suspected I was a bot or something.

There is absolutely no reason why they technically would not do this.

I think yahoo is own by some hedge fund and is run by a bunch of Indians in India and maybe they have stop trying to innovate and just about some income source and status quo which is my guess.
Click to expand...
“They also know if you are using a VPN” is wrong, there isn't a totally technically reliable way to do this.
Even if you blocked all non-US IPs and tried every non-fully-reliable way to block VPNs, hackers can use a hijacked US citizen's PC/phone/breadmaker to do this brute-force attempt.

The ONLY way TO KEEP YOUR EMAIL SAFE IS TO USE A STRONG PASSWORD, DON'T RECORD IT AT ANYWHERE EXCEPT YOUR MIND AND CHANGE IT IN ROUTINE. Additionally, enable 2FA can increase the safety of your email.
 
Though I am sure it has been suggested before you probably have to move to a mail server that supports 2FA or higher security protocols.

Like Very long/complex password, Plus 2FA Plus account access restrictions from only specific IP's/MAC addresses.

Something if the email is from your Internet Service Provider you can ask them. Though typically only for business/corporate accounts.
 
miogpsrocks said:
Any reason why not? I don't think most Americans are traveling to Nigeria and signing into their email.

100% of foreign attempts into my email are done by hackers. I don't see any technical reason why this could not be done.

Cell phones can be setup to lock unless the camera does facial recognition or finger prints, etc.. but a regular email can't restrict Nigerians from trying signing into your account?

It's my understanding that if they attempt to sign in using a mobile based app, then the same lockouts don't apply as when signing in on a PC.

The IP address can show that its from Nigeria and not from America when signing into an America based email. Also why not just give the user the option to specify which country to allow sign in from instead of allowing these illegal hackers to hijack your email account remotely?
Click to expand...
Strong passwords, 2fa on your email account, then pray they hackers don’t sim swap you…
 
As was said, TURN ON 2 factor authentication. Also, turn on 2 factor for your cell phone account and turn on options for notifications if someone tries to change your account, have a strong obscure security key they must ask you for etc to make it harder for folks to hijack your cell account. I saw something recently where people were doing the cell phone hijacks, then getting access to your bank.
 
  • Like
Reactions: SteJBorchard
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom