Unorthodox emails from a relative

A few days ago, I was receiving numerous Viagra emails from my sister. I gave her a telling off, because she was a bank manager for a few years, so she should know at least the basics on IT fraud. Don't give out your password even if the email looked realistic etc etc. My bets are that her email account has been compromised, either by keylogger or in response to a realistic-looking email/website asking for credentials. She doesn't know how her account got compromised. She felt that I was harsh, yet I tried to make it clear that if she is going to learn from her mistake, she needs to trace her error. There is logic behind everything. She did resolve the problem by herself in the end by contacting her ISP (AOL), but was there any other reason that could have caused her address to send out rogue emails? My family are all pretty clued up on IT and it's the first time this has happened in the family.
 
Erm, chances are it's just a spoofed address and had nothing to do with her email account.
This is quite likely. Has happened to me a couple of times - used to get all the NDRs too.

Is very likely if her email address is on any website that a spambot can pick up.
 
That said, the fact you're getting the emails from a random spoofing is a bit coincidental. That would point more to her address book being used as well as email address. Hadn't really thought about that one!
 
Actually, I've just looked at the "To" field and there were 9 other recipients. I recognised all of the recipients (one of them being my granny LOL!), so you're right Csmager - it's therefore also an address book attack.
 
My bets are that her email account has been compromised, either by keylogger or in response to a realistic-looking email/website asking for credentials.

That might not be correct: if your sister uses the same password for her e-mail account as she does on other sites, and one of those sites had been compromised to transmit login and password data to a third party, that third party would then use that to gain access to that e-mail account and use it to spam all the e-mail addresses on that account (that would include any e-mails that are stored in the inbox or any other box on that account).

I know this as I had a similar problem last year, although it was a mistyped password that was the password for my Yahoo e-mail account (the login ID for that site was the Yahoo e-mail address), and a few hours later I logged back in to find several rejected mail messages and a completely cleared out sent box (I use that account to send out job applications), so I knew that my account had been compromised, which led to a sudden change of password and a severe distrust of the 2 sites that I'd used that could've been the source of this "hack".
 