Morning all,
got an email today, ostensibly from one of my mates but actually from <Randogrulz@mchsi.com>
It's his private email, not his work one but of course it contains a link to "unpaid invoice documents", that I won't be opening. Question is though, how did they connect his email and mine ? Has one of our accounts (his, presumably) been hacked somehow, but not to the extent where they can actually send messages from it ?
I've told him but no idea what to actually suggest or do about it
❓
Sounds like they may have accessed your email account so they can send you emails from people known to you.
Both of you should change your passwords ASAP. Also make sure you're using different passwords for every site.
I know it doesn't solve all ills but my account does use dual authentication or whatever it's really called. Shouldn't that have kept them out (and, since it's google, told me when they gained access) ?
Or it could be any mutual friend/acquaintance who’s account has been compromised, or a message trail forwarded on anywhere that has both names in it.
yeah, that's what I was thinking (hoping)or a message trail forwarded on anywhere that has both names in it
If you're with Gmail then check that no new devices have accessed your account - you should have got an email from them though if that was the case.
Probs one of your mates accounts have been accessed.
What apps have you got on your phone and did you allow any access to your contacts? Or, are you both on Facebook, and you've used FB as sign-in to a site and amongst it's permissions was ability to see your contacts.
Or something similar.
May not even be the app/sites, but the contact list they get leaks out or is hacked by a third party and then gets on the spam list.
Either of you bought something online involving the other persons email address? A lot of spam I find comes via retailers getting hacked. I have my own domain and use a different email address for each retailer and I can see then where they've leaked.
Another is simply that emails are not secure and pass through a lot of intermediate networks and servers. Somewhere along the line an email containing both your email addresses has gone through a server that's been hacked or infected, and is harvesting email addresses.
I've checked my account and no sign of any intrusion (and given how clumsy they were with showing their real email address in the message I doubt they're being really sophisticated after gaining access)
He says that he had a problem a few months ago so I'm going with that as my most likely explanation so far
I did have my credit card frozen the other day but there had been no dodgy activity on there - all I did was pay for public parking at my permanent workplace (where I use the card loads at shops/canteen) one day and they shut me down 😯