We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
Has my email been compromised? And if so, how do I fix it?
Hungerdunger
Posts: 964 Forumite
in Techie Stuff
In the last couple of weeks, two friends have reported receiving emails with my name on asking them to click on a URL.
I asked them to forward the emails to me and these are the details from the original emails:
From: Richard Thompson <chong02@students.poly.edu>
Sent: 28 May 2020 19:41To: you
Subject: Fwd: Note from Richard Thompson
On Thursday, May 28, 2020 12:34 PM, Richard Thompson wrote:
Is there any chance you know this couple http://wwwdotwcp6dotseoixpiadotinfo/
----Original Message-----
From: Richard Thompson
Sent: Friday, May 22, 2020 7:01 PM
To: you
Subject: FWD: for Richard Thompson
On Friday, May 22, 2020 11:54 AM, Richard Thompson wrote:
Any chance that you could know them both http://wwwdotprj4doteurretodotinfo/
(I've replaced . with "dot" to avoid anyone accidentally clicking on the URL.) The email address in the header of the first one is NOT mine.
Can anyone with better technical knowledge than me explain what might be going on, and what might happen if someone was to click on the link? What action should I be taking?
I use Gmail on four devices - desktop PC, laptop PC, Android phone and and Android tablet. I have McAfee total protection on the PCs but nothing on the others.
"The trouble with quotations on the Internet is that you never know whether they are genuine" - Charles Dickens
0
Comments
-
If in doubt change your passwords and set up two factor authentication.Far more likely that these have just been spoofed.3
-
So the actual email received was not from your email account, just had your name and maybe spoofed email.
Sender changed the FROM to be your email address. Puzzles me why most email software prefers the FROM option rather than
showing the true senders ID.
So MrBobScratchit@SCAMYOU.LOTS changes his FROM to be your name and your friends see your name and not his real email,
if they look in the email header info they will probably see his real sender ID.
Censorship Reigns Supreme in Troll City...2 -
They are spoofs but somehow they must have got hold of your contacts list. The chances of two of your friends randomly receiving an email from a Richard Thompson are slight.
All you can do is change the passwords, add 2 factor authentication and let your contacts know to be wary should they receive a similar email purporting to be from you.1 -
I get them from a dead persons account .Judged by the format at some time the dead persons emails to me and others where hijacked .But most likely is the old email mistake of sending something to every contact and not using BCC ,Result is all get all the contacts the mail is sent to . Worst still some of those emails may be forwarded on to others .Not a problem as i set a message rule to delete any with the words john.nobody .1
-
Change password and add 2FA. If you don't know what 2FA is lookit up. I've known people be defrauded because they didn't know a third party had got into their email accounts (that's what 2FA guards against). AND many people don't even realise that they have an email password. AND when they do realise they've either forgotten it or created a really simple one. Rant over.
And people should be taught at an early age that if an email contains words similar to "Any chance that you could know them both http://wwwdotprj4doteurretodotinfo/" that they should ignore it. What happens if you click the link? That's a good test of your computer's security. If your're really interested, get Virus Total to have a look at it for you
https://www.virustotal.com/gui/home/url
If you put your general location in your Profile, somebody here may be able to come and help you.1 -
Thanks to everyone for their replies.I installed two factor authentication sometime last year, and I changed my password as soon as I became aware of the problem.Grumpycrab - I tried out the URLs in VirusTotal, and they both came back "clean", but I'm still not going to take any chances!!"The trouble with quotations on the Internet is that you never know whether they are genuine" - Charles Dickens0
-
If you want to know if your email has been leaked you could try haveibeenpwned.com (or whatever the proper name is), it shows if an email address is in a data breach.
1 -
And even more likely is, that a third person, who had them both in his address book, got hacked and now sends these emails without knowing it.chrisw said:They are spoofs but somehow they must have got hold of your contacts list. The chances of two of your friends randomly receiving an email from a Richard Thompson are slight.
1
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.1K Banking & Borrowing
- 252.8K Reduce Debt & Boost Income
- 453.1K Spending & Discounts
- 243.1K Work, Benefits & Business
- 597.4K Mortgages, Homes & Bills
- 176.5K Life & Family
- 256K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards