May 31, 2018 at 10:14 am #477
I’ve had a friend phone me to say that she has received 5 emails from ‘me’, which weren’t from me. She says my email account must have been hacked. I’ve never had this happen before. Could someone explain exactly what I should do? If I set up a new email for example, what do I do with the old account? How do I make sure all friends/contacts/organisations get my new email safely. Thanks.
May 31, 2018 at 10:15 am #478
Be aware you may not have been hacked at this point, but a similar email address with your name attached is being used and sent to your contacts. I saw quite a bit of this a few years ago. However it may be a hack – you need to look carefully at the headers of the message your friend has received. Regardless as a precaution change your password for your current email account immediately and if possible set up 2 part authentication (using a trusted device or phone) and you should be able to continue using it.
May 31, 2018 at 10:16 am #479
It’s a very old and simple trick to ‘spoof’ email. One can easily send mail that, on first glance, appears to be from email@example.com or similar. Some spammers will forge the From: field, as it may get them through a spam filter and it has more chance of being opened by the victim.
As has been mentioned above, get a geek to look at the headers to trace the path the mail took. (Received: from example.com by example2.com <date> <time>). There may be an X-Originiating-IP header giving the senders IP.
If it’s a webmail account, you can check your sent mail folder. Change your webmail and / or mail server password. Turn on two factor authentication. Change the passwords of any other accounts if they use the same or similar passwords. Make sure your antivirus is from a well known brand and up to date.
Look at the message content. It may just say “Buy this product”. Or, it could be part of a more elaborate con: “This is Mandy, My wallet has been stolen and I’m stuck in <some remote country>. Can you send me $$$ via Western Union money transfer to account 1234”. If it’s the latter, it may be worth texting people, saying your account has been hacked and to ignore any such requests.
May 31, 2018 at 10:17 am #481
Thanks all. My gmail account doesn’t think anything is wrong, but I have changed the password. My Avast antivirus has given me a clean bill of health.
May 31, 2018 at 10:17 am #482
She says my email account must have been hacked.
“Must have been”, no. Anyone with a modicum of programming skills can send email purporting to be from anyone.
You must be logged in to reply to this topic.