Hi Helen and all.
Having malware mailed out and APPEARING to come from your account does not _necessarily_ mean your account has been hacked (it can be merely some of your email addresses somehow stolen):
In my experience when a suspicious email appears to be sent by a likely innocent sender)
the sender's email account has NOT been hacked.
At least not in the sense of having been taken control of by
someone other than the intended owner.
It is usually easy for the owner to confirm that their email account has not actually been taken over as follows:
If a person with undesired intentions actually took control of your email account likely the first thing they'd do is lock YOU out by changing your email
password. So if you can still send email and access your email that has not in all probability not happened.
However, not much harm in changing you email password ... though that might require you to go into some of your software and "tell" it your new password.
What likely has happened is this:
Someone HAS gotten access to all, or more likely part of, your email address book -- email addresses that you sometime send email to and addresses that
presumably "know you you are" and would be less suspicious of email coming from you.
Then they forge your return address and send emails to your recipients whose addresses they have.
It's just like someone you don't know and don't trust sending a letter to you and putting as the return address the name and address of someone you know
and trust in the upper left.
In the case of forged email it IS possible to get limited information about where the forged email actually came from.
In the cases where I have bothered to do that it turns out something like
the sender's email account has NOT been hacked.
At least not in the sense of having been taken control of by
someone other than the intended owner.
It is usually easy for the owner to confirm that their email account has not actually been taken over as follows:
If a person with undesired intentions actually took control of your email account likely the first thing they'd do is lock YOU out by changing your email
password. So if you can still send email and access your email that has not in all probability not happened.
However, not much harm in changing you email password ... though that might require you to go into some of your software and "tell" it your new password.
What likely has happened is this:
Someone HAS gotten access to all, or more likely part of, your email address book -- email addresses that you sometime send email to and addresses that
presumably "know you you are" and would be less suspicious of email coming from you.
Then they forge your return address and send emails to your recipients whose addresses they have.
It's just like someone you don't know and don't trust sending a letter to you and putting as the return address the name and address of someone you know
and trust in the upper left.
In the case of forged email it IS possible to get limited information about where the forged email actually came from.
In the cases where I have bothered to do that it turns out something like
"this came from a server/person somewhere in this locality of Turkey" but practically speaking that's a dead end.
As to how folks such as this get a list of your email recipients:
One way is if someone sends you an email (say something interesting) which they
sent to multiple recipients and they expose the email addresses of all
recipients. It is presumed that all these recipients might know/trust each
other. Then one of more forwards that email to 10 contacts, etc., etc., and that
list ends up finally in the hands of one person with less than sterling ethics.
Typically if you are a victim of someone forging emails and sending them out as
if they came from your email, the problem will fade out with time. If it persists you may have to advise all your recipients to ignore
all email from your current email address and create a new one.
As for what we can do as recipients:
Obviously, just delete/ignore any such suspicious looking mail.
As to how folks such as this get a list of your email recipients:
One way is if someone sends you an email (say something interesting) which they
sent to multiple recipients and they expose the email addresses of all
recipients. It is presumed that all these recipients might know/trust each
other. Then one of more forwards that email to 10 contacts, etc., etc., and that
list ends up finally in the hands of one person with less than sterling ethics.
Typically if you are a victim of someone forging emails and sending them out as
if they came from your email, the problem will fade out with time. If it persists you may have to advise all your recipients to ignore
all email from your current email address and create a new one.
As for what we can do as recipients:
Obviously, just delete/ignore any such suspicious looking mail.
If you canNOT access your email account (either unable to receive or unable to send email via your normal email account or your password does not work) that would be a sure sign that your account has been seriously hacked and someone has changed the password. In that case, unless you can reach the ISP that manages your account and deal with a live tech support person there for help most likely all you can do is open a new email account and try to contact all your contacts to tell them not to open any mail from your old account.
Alex (aka locally as "Computer Doctor")
__._,_.___
No comments:
Post a Comment