Dodgy email... possibly hacked?

Forums › Off topic › Dodgy email... possibly hacked?

euanandrews

1528 posts

Uber Geek

Trusted

#62131 30-May-2010 22:49

I got a message from a mate recently, asking me about a product I brought...I was like, WTF?

He apparently recieved an email from me, which was also sent to every one of my contacts....this is what it says:

Hey，
I ordered one BlackBerry 9700 from this website peak-trade.com.
one weeks ago, today I got it . Amazing,beyond my imagination, it's genuine and as good as expected,but much cheaper. I'm pleased to share this good news with you! May all goes well for you.
Regards！
5-29-2010

Now I never sent that....

So I checked my email, and looked in the sent box...nothing there....
I then checked the deleted folder....and there it was!

I also noticed there was another one in my inbox as well, but rather than emailed to everyone in my inbox, it says it was emailed from myself?!?, and sent to my work email only?!?

So the obvious question is, has my email account been hacked?
I changed my password immediatley
But I never open emails I dont know...delete instantly...so how could I get infected?

I have noticed these type dodgy spam emails in works email...so it makes me wonder if I have got something from work?

Anyone know anything about this?

johnr

19282 posts

Uber Geek
Inactive user

#336410 30-May-2010 22:54

Your email account has been hacked change your password ASAP

Samsung

Shop now on Samsung phones, tablets, TVs and more (affiliate link).

euanandrews

1528 posts

Uber Geek

Trusted

#336411 30-May-2010 22:56

Already dont that...first thing I did as soon as I found out.

But I want to know how they did it...did I do something wrong or stupid...or have they found a new crafty way of infiltrating email accounts?

Dulouz

877 posts

Ultimate Geek

#336441 31-May-2010 06:12

My hotmail account was hacked on Friday, and sent out spam emails to everyone i'd ever communicated with.

It had been five years since I'd last used it so a warning to anyone with old email accounts laying around.

Amanon

vinnieg

2260 posts

Uber Geek

Trusted

#336450 31-May-2010 08:24

Yeah if its a hotmail, I get these daily from mates who's accounts have been hacked, maybe move to gmail? or even an ISP email account?

I have moved across the ditch. Now residing in Melbourne as a VOIP/Video Technical Trainer/Engineer.

kontonnz

137 posts

Master Geek

#336451 31-May-2010 08:36

I probably would not worry about your account been hacked more then likely its just a faked email;
it really is not that hard to fake an email from someone; its just a matter of changing the message headers a bit, and even then someone else could have a bot on the same ISP as you so nothing stops them sending email; If you are curious you need to look at the email header and look for the section Received this will show the path the email took to get to you; and thus the sending IP addry.

Detruire

1760 posts

Uber Geek

#336462 31-May-2010 09:06

He said that he found the email in the "deleted" folder.

rm *

paulspain

417 posts

Ultimate Geek

Trusted

Lifetime subscriber

#336470 31-May-2010 09:23

If this is your work email - what sort of password security rules does your company have in place - i.e. how long should it be? how many previous passwords does it remember (so you can't set it back to a previous one)? are you forced to have complex passwords (incl letters, numbers, symbols, etc)?

If it's a free email account (such as Hotmail or Yahoo) - moving to another free provider (such as Gmail) won't improve your security. It will improve when you have a more complex password.

Paul Spain
Founder: Gorilla Technology, NZ Tech Podcast

muppet

2539 posts

Uber Geek

Trusted

#336471 31-May-2010 09:24

There's been a lot of people reporting this sort of thing.

I don't think anyone has the definitive answer, but it seems that weak passwords are being guessed.

Weak these days doesn't just mean "monday", even things like "1werk24" are being guessed just via trial and error. Password length is key here, as well as good use of upper/lower characters etc.

There is also the chance that some other account you use has been hacked and you registered that account with your hotmail address and the same password.

That's why it's key to use a different password for each website. A massive pain I know, making a password manager essential. I use Keepass to store and manage the keys and xmarks Firefox addon to keep the passwords synced across my many browsers.

Hope this helps and goodluck!

Audiophiles are such twits! They buy such pointless stuff: Gold plated cables, $2000 power cords. Idiots.

OOOHHHH HYPERFIBRE!

freitasm

BDFL - Memuneh
79041 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#336475 31-May-2010 09:30

What email service was this?

My technology disclosure

Ragnor

8196 posts

Uber Geek

Trusted

#336485 31-May-2010 09:54

Scanning all PC's you use to access the email account with malwarebytes would probably be a good start.

I hope you made the new password 12 digits, alpha numeric, mixed case with puncuation characters so it can't easily be brute forced with a dictionary attack.

http://www.pctools.com/guides/password/
http://www.goodpassword.com/

euanandrews

1528 posts

Uber Geek

Trusted

#336558 31-May-2010 12:41

Its Hotmail folks.

Like I said, I have already changed the passwod

And I would have thought I am pretty safe these days as the only PC I now use is my N900 mobile, which runs on Maemo (Linux)....dont imagine many hackers target such nieche OS

But when at work, I use the work computer a lot....and I have accessed my Hotmail from there....so I am guessing that is the source, especially as I have seen these type emails in works email inbox...

When I get back to work, I will be asking some qauestions and chasing this up.

freitasm

BDFL - Memuneh
79041 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#336564 31-May-2010 12:42

I thought it would be... Have you by any chance clicked on a link to a service such as "click here to see which of you friends blocked you"?

My technology disclosure

ZollyMonsta

3009 posts

Uber Geek

ID Verified

Trusted

#336572 31-May-2010 12:52

Mine did it too (Hotmail) and sent out emails advertising a electronics company..

I've since killed my hotmail account as I never use it anymore (I use Gmail).

Check out my LPFM Radio Station at www.thecheese.co.nz - Now on iHeart Radio, TuneIn and Radio Garden

As per the usual std disclaimer.. "All thoughts typed here are my own."

euanandrews

1528 posts

Uber Geek

Trusted

#336585 31-May-2010 13:11

@MF No, not that I can remember...I dont bother with that stuff...dont really use Facebook....just always logged in for chat via my N900