I was working on my computer at Atlanta air port. A young girl approached me
and asked if she can send email to her home in Bulgaria as she doesn’t have
telephone card. I stupidly allowed her. She sent email for maybe 3 minutes.
Could she have stolen information from my computer? I am afraid to open it.
Opening it isn’t going to be a problem. Whatever’s happened has
I get the sense that you didn’t watch what she was doing on your computer,
which of course means she could have done anything.
And yes, that includes all manner of nastiness.
Remember the statement that I make here fairly regularly:
If it’s not physically secure, it’s not secure.
By letting someone else use your computer – even for a moment – you’ve given up physical security on that machine.
Unless you were watching her actions closely, she could have done a lot. By “closely” I mean literally watching every move – almost reading her email over her shoulder. Since that’s fairly intrusive, it’s likely that you didn’t do that, so I’m sure she had the time to do whatever she wanted.
What could she have done? Anything from installing a key logger to downloading spyware to quickly grabbing account names and passwords that your browser’s helpfully saved for you. There’s probably much more that I can’t think of.
The real question is: did she?
And that’s where it gets really scary. There’s no way to know with absolute certainty.
It’s possible that this was exactly what she said: a simple send of an email or two. It could be totally innocent. Or not. You just don’t know.
Yes, you could trying checking your browser history for unexpected downloads, or your temporary files or the browser cache or perhaps even your sent mail for things that look suspicious.
If she’s innocent (as she might well be), then there’ll be nothing there.
The problem is, if she’s guilty – and good at this – then there’ll be nothing there.
So, what to do?
This is hard to say. At one extreme you’d do nothing, until or unless some kind of problem showed up. At the other extreme you’d treat it like a serious unfound virus infection: backup, reformat and reinstall everything.
I think a more pragmatic solution is somewhere in between.
In your shoes, I would:
Create and save an image backup.
Perform anti-malware scans with a few different anti-spyware and anti-virus tools (making sure that they, and their databases, are up to date.)
Check your sent mail and your browser cache for “anything suspicious”. Things like outgoing messages that include your username password, “.exe” files that have been downloaded at the time you were in the airport and the like.
Keep a super-close eye on your computer, and your credit card bills, for the weeks to come.
Needless to say, I’d also treat this as a lesson. While it’s actually likely that nothing malicious has happened, we simply don’t know. It’s not worth the risk.
Next time, politely decline.