Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




6829 posts

Uber Geek
+1 received by user: 2329

Trusted

Topic # 248130 11-Mar-2019 15:12
Send private message quote this post

Hey all,

 

 

 

I literally have no idea re email and how it all works, I just have a natural ability to follow my nose and get things going and leave it at that, sorry that my description will be shocking but hopefully someone with knowledge can assist :). So long story short I run my own domain with freeparking. Points to cloudflare for MX records or DNS or what ever it was, then to mailgun then to Gmail. Seems clunky so maybe if someone can suggest a better setup I will go with that..

I just went to my sent folder to see an email that I sent to a customer and noted I had an email sent to me from me?

No text but a PDF in the body and subject is my name, 99% here already know it so will include a screen cap.

 

The PDF in the body I ignored but just wondering if anyone else has seen this, what could cause it and how?
Any info is appreciated. Also if someone can suggest somehow I can use my own domain for email and not get screwed for cost or having to have all these systems as I do now..

Cheers

 

 





 


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
'That VDSL Cat'
9693 posts

Uber Geek
+1 received by user: 2248

Trusted
Spark
Subscriber

  Reply # 2195936 11-Mar-2019 15:25
2 people support this post
Send private message quote this post

I'd look at changing your password..





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


168 posts

Master Geek
+1 received by user: 13

Subscriber

  Reply # 2195939 11-Mar-2019 15:30
Send private message quote this post

Can you post the message headers? (Sanitize as needed)

 

 

 

Could be spoofed mail getting through but yeah going off the surface it looks like they have compromised your account...


 
 
 
 




6829 posts

Uber Geek
+1 received by user: 2329

Trusted

  Reply # 2195945 11-Mar-2019 15:37
Send private message quote this post

Decal:

 

Can you post the message headers? (Sanitize as needed)

 

 

 

Could be spoofed mail getting through but yeah going off the surface it looks like they have compromised your account...

 

 

I do have 2FA enabled on my account and have had no requests to access apart from my own. I will update the PW now.
I do not see any further emails like this in my sent history.

 


Cheers

 

 





 


168 posts

Master Geek
+1 received by user: 13

Subscriber

  Reply # 2195950 11-Mar-2019 15:40
Send private message quote this post

Coil:

 

I do have 2FA enabled on my account and have had no requests to access apart from my own. I will update the PW now.
I do not see any further emails like this in my sent history.

 


Cheers

 

 

 

 

 

 

I see on your SPF record that you have Mailgun as an authorised relay agent. Potentially someone figured out how to relay the mail via them?

 

 

 

The message headers will give you the most info about where the mail came from




6829 posts

Uber Geek
+1 received by user: 2329

Trusted

  Reply # 2195952 11-Mar-2019 15:41
Send private message quote this post

So I was poking around the million different layers of your own google account. (God knows how they can have so many options that do the same thing and still make zero sense...)

 

 

 

This is my outlook on my home PC.. 

 

That was me signing into my fathers PC in Whangarei in an incognito window. 

 

 

 





 


2601 posts

Uber Geek
+1 received by user: 1100

Trusted
Lifetime subscriber

  Reply # 2195954 11-Mar-2019 15:45
Send private message quote this post

I would assume you haven't setup a SPF and DKIM records to make sure the emails can't be spoofed and someone is sending spoofed emails.

 

Sort out SFP & DKIM and the problems should go away. 






2362 posts

Uber Geek
+1 received by user: 378

Trusted

  Reply # 2195958 11-Mar-2019 15:48
Send private message quote this post

The SPF record...

 

kiwico.co.nz text = "v=spf1 include:mailgun.org ~all"

Most providers won't reject email if they fail SPF with a ~all so better (after testing) to change to -all 

 

Thanks

 

 




6829 posts

Uber Geek
+1 received by user: 2329

Trusted

  Reply # 2195962 11-Mar-2019 15:55
Send private message quote this post

LennonNZ:

 

The SPF record...

 

kiwico.co.nz text = "v=spf1 include:mailgun.org ~all"

Most providers won't reject email if they fail SPF with a ~all so better (after testing) to change to -all 

 

Thanks

 

 

 

 

I edited this on cloudflare, Will advise if it breaks it all :)

Thanks for all the help so far guys! 





 


BDFL - Memuneh
62679 posts

Uber Geek
+1 received by user: 13360

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2195970 11-Mar-2019 16:04
7 people support this post
Send private message quote this post

Email spoofing is pretty easy because there's no authentication. The email in the screenshot is a common scam doing the rounds and the sender use your email address. Gmail is "helpful" and put a copy of stuff coming in with your email address in the Sent folder. 

 

That's all. Ignore it.





2362 posts

Uber Geek
+1 received by user: 378

Trusted

  Reply # 2195994 11-Mar-2019 16:42
Send private message quote this post

SPF only protects the MAIL from and not the Header From (from Impersonation) so you need DKIM for this so I suggest you look at that as well if your mail provider supports it.

 

 

 

 


6473 posts

Uber Geek
+1 received by user: 1212

Trusted
Lifetime subscriber

  Reply # 2195998 11-Mar-2019 16:51
Send private message quote this post

freitasm:

 

Gmail is "helpful" and put a copy of stuff coming in with your email address in the Sent folder.

 

 

Yikes. That would certainly explain it!




6829 posts

Uber Geek
+1 received by user: 2329

Trusted

  Reply # 2196015 11-Mar-2019 17:51
Send private message quote this post

freitasm:

Email spoofing is pretty easy because there's no authentication. The email in the screenshot is a common scam doing the rounds and the sender use your email address. Gmail is "helpful" and put a copy of stuff coming in with your email address in the Sent folder. 


That's all. Ignore it.



That explains it thank you! Is there any way to prevent this? Will this be negative towards my domains spam ranking?
Cheers




 


BDFL - Memuneh
62679 posts

Uber Geek
+1 received by user: 13360

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2196077 11-Mar-2019 19:40
2 people support this post
Send private message quote this post
14665 posts

Uber Geek
+1 received by user: 1969


  Reply # 2196127 11-Mar-2019 21:34
Send private message quote this post

These scams asking for bitcoin payments are becoming more and more common. Usually the scammer will send you an email with a password you have previously used on a compromised website, making you believe that they have somehow got access to your passwords. Spoofing your email address is another one of these scams, trying to make you believe that they have also got access to your password. It is just making email less and less attractive as a tool, when you end up with this sort of thing in your inbox.




6829 posts

Uber Geek
+1 received by user: 2329

Trusted

  Reply # 2196209 12-Mar-2019 07:23
Send private message quote this post

I never had a password of mine quoted, Just seems like a spoofing attempt then? 
The passwords I used for this gmail account are completely different than any I have ever used before too.
Got another 2 of these in my inbox this morning. Wonder why it now decides to do it twice? Is it part of some scripted scheme to make it seem like I;m being "Hacked"?





 


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic


Donate via Givealittle


Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Amazon introduces new Kindle with adjustable front light
Posted 21-Mar-2019 20:14


A call from the companies providing internet access for the great majority of New Zealanders, to the companies with the greatest influence over social media content
Posted 19-Mar-2019 15:21


Two e-scooter companies selected for Wellington trial
Posted 15-Mar-2019 17:33


GeForce GTX 1660 available now
Posted 15-Mar-2019 08:47


Artificial Intelligence to double the rate of innovation in New Zealand by 2021
Posted 13-Mar-2019 14:47


LG demonstrates smart home concepts at LG InnoFest
Posted 13-Mar-2019 14:45


New Zealanders buying more expensive smartphones
Posted 11-Mar-2019 09:52


2degrees Offers Amazon Prime Video to Broadband Customers
Posted 8-Mar-2019 14:10


D-Link ANZ launches D-Fend AC2600 Wi-Fi Router Protected by McAfee
Posted 7-Mar-2019 11:09


Slingshot commissions celebrities to design new modems
Posted 5-Mar-2019 08:58


Symantec Annual Threat Report reveals more ambitious, destructive and stealthy attacks
Posted 28-Feb-2019 10:14


FUJIFILM launches high performing X-T30
Posted 28-Feb-2019 09:40


Netflix is killing content piracy says research
Posted 28-Feb-2019 09:33


Trend Micro finds shifting threats require kiwis to rethink security priorities
Posted 28-Feb-2019 09:27


Mainfreight uses Spark IoT Asset Tracking service
Posted 28-Feb-2019 09:25



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.