Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Email hacked ?

  • 31-01-2020 12:28pm
    #1
    Registered Users, Registered Users 2 Posts: 1,696 ✭✭✭


    Had a conversation recently which got me thinking. If your email was hacked and sends out a message to all your contacts ........... "Hi, I need urgent help. pls email me back " type of message

    The message appears to come from the correct email address when you hover the mouse over it.

    How much info does the hacker have - ie can they read past emails, or all future ones as well. Apart from changing passwords, what else would need doing.


Comments

  • Closed Accounts Posts: 501 ✭✭✭squawker


    Sounds a spoofed email

    have a read here

    https://www.lifewire.com/what-is-email-spoofing-2483501


  • Registered Users, Registered Users 2 Posts: 2,868 ✭✭✭Ten Pin


    Most email clients will show the full header information which will show the actual source of an email.

    Some scam emails will have almost identical domain name with an additional character inserted...

    Example
    365-online.com (FAKE)
    365online.com (GENUINE)

    And they might also have a spoofed genuine domain name but it's actually a subdomain...

    Example
    365onlinecom.somedodgydomain.com


    Email with 2FA should prevent almost all hacker attempts to log in to an email account


  • Registered Users, Registered Users 2 Posts: 20,194 ✭✭✭✭jimgoose


    Someone who knows what they're doing with an open SMTP relay can forge email ridiculously easily:
    jim@lameduck: telnet localhost 25
    Trying ::1...
    Connected to localhost.
    Escape character is '^]'.
    220 oc5182556863.ibm.com ESMTP Postfix
    helo goose.net
    250 oc5182556863.goose.net
    mail from: foo@bar.com
    250 2.1.0 Ok
    rcpt to: jim@goose.net
    250 2.1.5 Ok
    data
    354 End data with <CR><LF>.<CR><LF>
    subject: Test message
    This is a test message.
    So there!
      
    -- 
    Linus Benedict Torvalds
    .
    250 2.0.0 Ok: queued as 99608EA3016
    quit
    221 2.0.0 Bye
    Connection closed by foreign host.
    
    jim@lameduck:
    


  • Registered Users, Registered Users 2 Posts: 2,426 ✭✭✭ressem


    Had a conversation recently which got me thinking. If your email was hacked and sends out a message to all your contacts ........... "Hi, I need urgent help. pls email me back " type of message

    The message appears to come from the correct email address when you hover the mouse over it.

    How much info does the hacker have - ie can they read past emails, or all future ones as well. Apart from changing passwords, what else would need doing.

    Depends on the email account.

    There's a lot of Office 365 phishing, where a person will click a link and enter their Office 365 / work username and password into a fake site that looks like a Microsoft page.
    When a hacker gets this, then they get the ability to
    1) download all the contacts,
    2) view the sent mails and signature of the victim
    3) Access services like onedrive holding the person's files, possibly more (Business sharepoint, shared mailboxes, other apps using Single-Sign-On)
    4) send mails to any of those contacts that require in-depth IT tracing to determine that it wasn't sent by the victim. And Office 365 does a poor job of recognizing the sudden mass mailing and blocking it by default.

    If the account access is not audit logged and examined, and the attacker is subtle about sending mail (i.e. the victim doesn't start receiving dozens of bounces from old contacts / out of offices) then it's possible for the attacker to site with access for months / until the next corporate mandatory password change.

    Microsoft make that 2 factor authentication free (i.e. using a mobile phone to enter a code before a new machine can access your mail.)


  • Registered Users, Registered Users 2 Posts: 3,739 ✭✭✭scamalert


    worked in education place and amount of those crappy phishing emails is insane, and people that actually consider them real, as said above seems more like spoofed email and not your account hacked- if it was the case they would done lots more with info.


    likes of google allows to see source ip of email, id bet if checking youll see its spoofed and from likes of india,nigeria etc, on reverse trace.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 3,036 ✭✭✭BailMeOut


    They usually add an inbox rule to delete any incoming emails.


Advertisement