About 3-4 weeks ago I got an email. I knew the sender’s name but couldn’t place it at first. Finally I realized who it was from, someone I hadn’t seen or talked to in two to three years (the group that we were a part of broke up; no hard feelings between the two of us.)
Hmmm, someone I was friendly-but-not-friends with suddenly sends me an email out of the blue after a few years. Further, when I hover over her name, the sender’s email address doesn’t match hers. It’s also one simple sentence & a link.
Uhh, I’m sure it’s legitimate & not a virus; let me click on that link right away. :rolleyes:
I [del]immediately deleted[/del] forwarded it to her, basically stating; Don’t click on the below link but it looks like your email was hacked; I suggest you change your password(s) & then I deleted it. BTW, how the 'ell have you been?
I didn’t hear back from her, but not a big deal; I did my good deed & it’s not like we were best of friends back when we were friendly.
Today I got another one from ‘her’; this makes eight or 10 in the last couple of weeks. My question is do you think ‘they’ harvested her email address book & are sending them out from wherever they are or is there still a virus sitting on her computer sending all of these out?
If the former, well sucks for me & I’ll just keep deleting them; however, if they’re the later I’ll bitch her out about not running a virus scan & stopping this $#!t.
From what you’ve written, there’s no need to have actually hacked her email account, let alone compromised her computer to do what you are seeing. Since those two are harder and more involved, most likely they just got a list of connected email addresses by compromising someone’s account and are using that information.
Somebody got enough information to know her name and know that you know her. They didn’t need to hack her machine to find that out. This happens all the time and there is nothing you can do except put that email address on your spam list.
This has happened to me–a while back some spammer got my name and email address and was using it to send to people, some of whom I didn’t even know. I know this because it was before the average person had ever heard of spoofing and I got a handful of “quit spamming me” responses.
It’s a random name that just happens to correspond to someone I know; doubtful as it’s not the most common name. It’s not her email address, it’s just her name on some random email address. Unfortunately, I deleted all of the previous ones so I can’t tell if they’re all coming from the same fake email address or from different ones.
Meetup (where we were in a group together some time ago) was hacked. This group disbanded twoish years ago; does Meetup even save info of the old groups you were a part of?
Someone hacked me - I know this is not the case because in my contact I have the common diminutive for her name (think Sue for Susan) where the from email ‘name’ is her full name.
She was hacked.
The someone’s account who was compromised could be hers as easily as anyone else’s & I don’t think anyone else had both of our emails from that Meetup group (but I don’t remember full details from a few years ago).
I’ve received spam ostensibly from my eldest brother. The name before the @ was one he’s been using for decades but after the @ told me it wasn’t really him. I forwarded the email to him and his wife to let them know some Swede was pretending to be him.
That’s right, the email came from a domain ending in .se.
I get some that look like they’re from a couple of friends I’ve not really had any contact with for years. The return email address is completely wrong though, I don’t bother to do anything apart from block the sender. Most of the time, the original email account probably hasn’t been hacked, but replying to means you’re letting someone else know that your address is legitimate and active.
I don’t know how you can say this, do you mean the “gmail” type account. If so, I agree with that, but someone was obviously “hacked”, either @Spiderman or her. How else would the spammer know to match Spidey up with a sender who has personally sent them an email in the past?
The only way to figure it out is talking to her and finding out if it was only Spidey who happened to get this email from her or if everyone in her address book received it.
I got an email from a friend last year, exact same situation. Mine was “Here’s those pictures you wanted, click here to download them”. I informed her (by forwarding the message back to the address I knew to be correct), her immediately response was “no way, I’m super careful”, then within a day she’d received about 20 emails from others in her address book telling her the same thing.
At some point she’d clicked on something and downloaded code onto her PC which at some point harvested her address book’s emails. Every single address she had in her book received the same phishing email.
So yes, her “email” wasn’t hacked, but her computer was hacked.
As a side note - she immediately took her PC in and had it virus checked professionally. They removed Spyware and she then changed all her passwords for everything she accessed on her PC. She also had to go through every account etc and verify that there were no unknown transactions for the last year (she had no idea how long the spyware had been on her PC) If this happens you have to assume that the spyware doesn’t begin and end with sending bullshit phishing to your contact list.
I got another email from ‘her name’ today. It is a different email address than the one I got from her name last week. I’d bet (if we were allowed to) that her email or computer was hacked. She probably clicked on something that installed spyware that then scrolled thru her address book looking for other suckers. My guess is the next DDOS attack is coming from anyone’s computer that clicked on that link at some point.
The spam almost certainly didn’t come from the system of Spiderman’s friend.
What usually happens is that someone’s system or account is compromised, and the contents of that person’s address book is stolen. The spammer spoofs the address of one entry in the address book to make it look like the email was coming from that person, and sends the spam to every other entry in the address book (except for the one that was compromised). The spoofed From address is different from the address of the account the info was stolen from. This makes it very hard to track down which account has been compromised, which of course is deliberate.
For example, let’s say there are six different users: Andy, Bruce, Carol, Dave, Elizabeth, and Frank. The last five are all in Andy’s address book. Andy’s account or machine is compromised, and a spammer steals his address book. The spammer sends email to Bruce, Carol, Elizabeth, and Frank using Dave’s address as the From address. Everyone thinks Dave’s account or machine has been compromised because it looks like the spam came from him. It didn’t. It was Andy’s account that was compromised, but he doesn’t know anything is wrong because he didn’t get the spam.
You are close but not exactly on as to what is occurring.
Let’s say her name is Jennifer Jones. In my address book I have her as Jen Jones <JJones (@) aol/gmail//hotmail/yahoo/whatever.com>. Nowhere in my address book do I have “Jennifer”, not in her name, nor in her email address; therefore, I’m pretty certain, the compromise wasn’t on my side. The email I got today is from Jennifer Jones <(person’s name) (@) uniandes.edu.co>. I don’t know anyone in Columbia, let alone anyone Univesidad de los Andes in Columbia. The one from last week was Jennifer Jones <(person’s name) (@) (Kansas TV station).com> I know one Doper in KS & she doesn’t work at a TV station. Because they’re appearing to come from her name but not her email address, I’m thinking it was her machine/address book that was hacked. In your scenario she knows someone at a Columbian University & in KS; possible but how likely is that?
So back to my original question, do you think there’s malware on her machine sending these out or did they just harvest her address book & they are really originating from {evildoers foreign country}? If the former then she can do something (virus scan) to make them stop but if the latter, well, I have the inconvenience of deleting some extra spam.