Has my email been compromised? And if so, how do I fix it?

In the last couple of weeks, two friends have reported receiving emails with my name on asking them to click on a URL.
I asked them to forward the emails to me and these are the details from the original emails:

From: Richard Thompson <chong02@students.poly.edu>
Sent: 28 May 2020 19:41
To: you
Subject: Fwd: Note from Richard Thompson
 On Thursday, May 28, 2020 12:34 PM, Richard Thompson wrote:
Is there any chance you know this couple http://wwwdotwcp6dotseoixpiadotinfo/

----Original Message-----
From: Richard Thompson
Sent: Friday, May 22, 2020 7:01 PM
To: you
Subject: FWD: for Richard Thompson
On Friday, May 22, 2020 11:54 AM, Richard Thompson wrote:
Any chance that you could know them both http://wwwdotprj4doteurretodotinfo/

(I've replaced . with "dot" to avoid anyone accidentally clicking on the URL.)  The email address in the header of the first one is NOT mine. 
Can anyone with better technical knowledge than me explain what might be going on, and what might happen if someone was to click on the link? What action should I be taking?
I use Gmail on four devices - desktop PC, laptop PC, Android phone and and Android tablet.  I have McAfee total protection on the PCs but nothing on the others.

"The trouble with quotations on the Internet is that you never know whether they are genuine" - Charles Dickens

Comments

  • Neil_Jones
    Neil_Jones Posts: 9,515 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    If in doubt change your passwords and set up two factor authentication.
    Far more likely that these have just been spoofed.
  • forgotmyname
    forgotmyname Posts: 32,853 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    So the actual email received was not from your email account, just had your name and maybe spoofed email. 

    Sender changed the FROM to be your email address. Puzzles me why most email software prefers the FROM option rather than
    showing the true senders ID.

    So MrBobScratchit@SCAMYOU.LOTS changes his FROM to be your name and your friends see your name and not his real email,
    if they look in the email header info they will probably see his real sender ID.


    Censorship Reigns Supreme in Troll City...

  • chrisw
    chrisw Posts: 3,742 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    They are spoofs but somehow they must have got hold of your contacts list. The chances of two of your friends randomly receiving an email from a Richard Thompson are slight.

    All you can do is change the passwords, add 2 factor authentication and let your contacts know to be wary should they receive a similar email purporting to be from you.
  • JJ_Egan
    JJ_Egan Posts: 20,281 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    I get them from a dead persons account .
    Judged by the format at some time the dead persons emails to me and others where hijacked .
    But most likely is the old email mistake of sending something to every contact and not using BCC ,
    Result is all get all the contacts the mail is sent to . Worst still some of those emails may be forwarded on to others .
    Not a problem as i set a message rule to delete any with the words  john.nobody .
  • grumpycrab
    grumpycrab Posts: 5,015 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Bake Off Boss!
    edited 6 June 2020 at 11:09AM
    Change password and add 2FA.  If you don't know what 2FA is lookit up. I've known people be defrauded because they didn't know a third party had got into their email accounts (that's what 2FA guards against).  AND many people don't even realise that they have an email password. AND when they do realise they've either forgotten it or created a really simple one.  Rant over.

    And people should be taught at an early age that if an email contains words similar to "Any chance that you could know them both http://wwwdotprj4doteurretodotinfo/"  that they should ignore it.  What happens if you click the link?  That's a good test of your computer's security.  If your're really interested, get Virus Total to have a look at it for you
    https://www.virustotal.com/gui/home/url
    If you put your general location in your Profile, somebody here may be able to come and help you.
  • Hungerdunger
    Hungerdunger Posts: 964 Forumite
    Part of the Furniture 500 Posts Combo Breaker
    edited 6 June 2020 at 12:36PM
    Thanks to everyone for their replies.
    I installed two factor authentication sometime  last year, and I changed my password as soon as I became aware  of the problem.
    Grumpycrab - I tried out the URLs in VirusTotal, and they both came back "clean", but I'm still not going to take any chances!!
    "The trouble with quotations on the Internet is that you never know whether they are genuine" - Charles Dickens
  • If you want to know if your email has been leaked you could try haveibeenpwned.com (or whatever the proper name is), it shows if an email address is in a data breach.
  • tronator
    tronator Posts: 2,859 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    chrisw said:
    They are spoofs but somehow they must have got hold of your contacts list. The chances of two of your friends randomly receiving an email from a Richard Thompson are slight.
    And even more likely is, that a third person, who had them both in his address book, got hacked and now sends these emails without knowing it.

Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 349.8K Banking & Borrowing
  • 252.6K Reduce Debt & Boost Income
  • 453K Spending & Discounts
  • 242.8K Work, Benefits & Business
  • 619.6K Mortgages, Homes & Bills
  • 176.4K Life & Family
  • 255.7K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 15.1K Coronavirus Support Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.