We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Hacked/spoofed email
Sapindus
Posts: 703 Forumite
in Techie Stuff
Someone sent out emails to my mum's contacts, looking like they had come from her email address, asking if people used a well known internet shopping site. If people replied, they then got a further email from a similar looking email address asking them to buy a gift card for her.
She has changed her email password with the help of a "computer man" she called in. But in her settings we discovered her emails were being auto forwarded to the address the scammers were using to ask for the gift cards.
She was understandably upset by all this and has gone off to calm down. I'm still very worried because I don't understand how the rule got set up. I thought these spoofing things were just done by someone harvesting her email details and the email didn't actually get hacked. Have we done enough by changing the password or is there more we should do?
She has changed her email password with the help of a "computer man" she called in. But in her settings we discovered her emails were being auto forwarded to the address the scammers were using to ask for the gift cards.
She was understandably upset by all this and has gone off to calm down. I'm still very worried because I don't understand how the rule got set up. I thought these spoofing things were just done by someone harvesting her email details and the email didn't actually get hacked. Have we done enough by changing the password or is there more we should do?
0
Comments
-
Who is her email provider? You want to make sure she is signed out in any other locations, most email providers have a "Sign out everywhere" option. You also need to change the passwords on anything that is connected to that email address, anything that uses that email as a login.Sapindus said:Someone sent out emails to my mum's contacts, looking like they had come from her email address, asking if people used a well known internet shopping site. If people replied, they then got a further email from a similar looking email address asking them to buy a gift card for her.
She has changed her email password with the help of a "computer man" she called in. But in her settings we discovered her emails were being auto forwarded to the address the scammers were using to ask for the gift cards.
She was understandably upset by all this and has gone off to calm down. I'm still very worried because I don't understand how the rule got set up. I thought these spoofing things were just done by someone harvesting her email details and the email didn't actually get hacked. Have we done enough by changing the password or is there more we should do?
I would also find out who the "computer man" was, they could part of the problem, not the solution.
The other is if this is a PC run MalwareBytes.3 -
1. Who is your Mum's Email Provider, Hotmail, Google or someone else?
2. How did she find this computer man?
Is he local & came to the house?
Was it via the internet. If so what is he's web address?
3. Does your Mum use?
(a) Password Manger to generate & store her passwords
(b) 2 FA
(c) Authenticator App
(d) security key
4. (a) What Browser does she use.
(b) Is it a Microsoft computer
5. Have you or your Mum run a full security scan of the computer since this happened.
As already suggested run a scan with. Malwarebytes if its a Windows computer.
1 -
Her email is via her internet service provider. The computer man works for a local firm and physically came to the house, I think she will have found him via the local advertising magazine.
As for what browser she uses etc, we are talking about someone who says things like "I only have Firefox on my emails" and has no smartphone.0 -
Imagine the likes of Gmail does have a sign out of all devices option but have to say that the average ISP or Webhost using basic mail server software wouldnt typically have this option. Most however dont use a persistent connection so simply changing the password hopefully would stop them.MattMattMattUK said:
Who is her email provider? You want to make sure she is signed out in any other locations, most email providers have a "Sign out everywhere" option. You also need to change the passwords on anything that is connected to that email address, anything that uses that email as a login.Sapindus said:Someone sent out emails to my mum's contacts, looking like they had come from her email address, asking if people used a well known internet shopping site. If people replied, they then got a further email from a similar looking email address asking them to buy a gift card for her.
She has changed her email password with the help of a "computer man" she called in. But in her settings we discovered her emails were being auto forwarded to the address the scammers were using to ask for the gift cards.
She was understandably upset by all this and has gone off to calm down. I'm still very worried because I don't understand how the rule got set up. I thought these spoofing things were just done by someone harvesting her email details and the email didn't actually get hacked. Have we done enough by changing the password or is there more we should do?
If I've understood the story it sounds like someone without too much IT skills on the basis that the follow up emails were coming from a different email address rather than continuing to spoof the OPs own email.
Does the OP use webmail or using a desktop application like Outlook/ Mail? If it's webmail then it could all have happened 100% remote and they simply accessed her account. If its a desktop app then its probably more likely access to her computer was compromised (eg malware)0 -
I've seen this problem quite a few times in outlook webmail.
You can check the settings in outlook webmail here
https://outlook.live.com/mail/0/options/mail/rules
https://outlook.live.com/mail/0/options/mail/forwarding
This happens frequently with BT accounts as there are many people still using BT email.
The hacker may also get into a BT account and change your mobile phone number and so if you believe you've been hacked in this way, its worth talking to BT as they may have to help sort it out.
Two-factor authentication should be enabled. BT can help with this too.
1 -
Assuming that your mum is using a Windows computer,
I suggest that either she or you, do a full security scan to check no malware has been downloaded
It really is very easy to do it will take some time to complete.
Watch the video below:
https://www.youtube.com/watch?v=-o1xa_euuD0 0 -
If you copy and paste what you have written above, into an AI chatbot like, perplexity.ai or copilot, you will be given what you need to check.Sapindus said:Someone sent out emails to my mum's contacts, looking like they had come from her email address, asking if people used a well known internet shopping site. If people replied, they then got a further email from a similar looking email address asking them to buy a gift card for her.
She has changed her email password with the help of a "computer man" she called in. But in her settings we discovered her emails were being auto forwarded to the address the scammers were using to ask for the gift cards.
Have we done enough by changing the password or is there more we should do?
This is an expansion on the "grumpycrab" helpful posted above.1 -
Thanks all for the advice.0
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.5K Banking & Borrowing
- 253.7K Reduce Debt & Boost Income
- 454.5K Spending & Discounts
- 245.5K Work, Benefits & Business
- 601.5K Mortgages, Homes & Bills
- 177.6K Life & Family
- 259.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards