|
05 Dec 16 - 04:22 PM (#3824702) Subject: Tech: My email name spoofed BEWARE From: Uncle_DaveO This morning I found, in my INBOX, an email purporting to be from me, "DOESTERR", dated yesterday. The subject line was "Wife Out of Control". Whaa?? I didn't remember sending such a message, either to myself or to anyone else. So I looked in the SEND directory, and no such message had been sent. The email as received contained nothing, but there was an attachment, 8.3 KB in size. I absolutely will not download it. I assume that my email name was spoofed and that attachment was sent to some unknown list. That, or my name was one of the members of a spam list, set up to show the name of the recipient also as the originator. WARNING! Any emails purporting to be from me are probably fake,and malware. If you know otherwise that I'm planning to send you an email, it just MIGHT be what it claims to be, but if there is no text to the email, and only an attachment, DON'T OPEN IT! Dave Oesterreich |
|
05 Dec 16 - 05:10 PM (#3824708) Subject: RE: Tech: My email name spoofed BEWARE From: frogprince Yuh, right; we know what it's really about: Uncle Dave got in the moonshine, and attached something to an email that he's now thoroughly ashamed of ! |
|
05 Dec 16 - 05:20 PM (#3824710) Subject: RE: Tech: My email name spoofed BEWARE From: Thompson Damn, sorry to hear that UDave. It's easy to spoof an email, and a pain in the ass when it's done to you. I'd be inclined to change your email password just in case they've phished your address. |
|
05 Dec 16 - 05:48 PM (#3824712) Subject: RE: Tech: My email name spoofed BEWARE From: Jack Campin It's not particularly easy to spoof an email's origin - unless the sender is Yahoo, in which case the service will do its level best to assist any spammer who wants to. Every single hacked-account email I've had in the last two or three years has come from a compromised Yahoo account. Betcha that's what Dave uses. |
|
05 Dec 16 - 10:36 PM (#3824740) Subject: RE: Tech: My email name spoofed BEWARE From: leeneia I recently read that this happens from time to time. It will die out in a few days. No need to change e-mail address. I've had spoofed e-mails from friends, and so far the advice has been correct. |
|
06 Dec 16 - 03:34 AM (#3824749) Subject: RE: Tech: My email name spoofed BEWARE From: Jack Campin I am still getting faked messages from some Yahoo accounts two years after they started (from people I can't contact or who are too thick to see the problem). No, it doesn't always just fade away. If anybody knows how to contact Michael Orme the flute player, please tell him his account is the worst offender. |
|
06 Dec 16 - 03:41 AM (#3824750) Subject: RE: Tech: My email name spoofed BEWARE From: GUEST,Peter An address being spoofed doesn't mean that the account is compromised. Often addresses somebody elses compromised address book are the ones being used. |
|
06 Dec 16 - 04:41 AM (#3824756) Subject: RE: Tech: My email name spoofed BEWARE From: Mr Red sending joke e-mails is one way to get all your friends on a spam list. another is sending a block of e-mails in the "To" and the "Cc" field, then one of them gets hacked, &..... bingo - all of you! You should use the "Bcc" and when you tell people that, they may agree. or tell you they haven't got a "Bcc". Of course they have, they just don't bother to think. On the receive side try looking at the header before opening. was that e-mail "From" or "ReplyTo" yourname@yapoo.com or Yaroo.com or Yahboo.com. Most of them are "From" anywhere but an address that looks almost like yours, even yourname@hotmail.com (instead of gmail i.e.), human nature dictates we see your name and clock it as you, you wouldn't trick us, now would you? The "ReplyTo" is a good giveaway, but not infallable. Looking at the send folder is a good way in only one scenario, but if it looks as if it came from a friend and you are suspicious, look at the header. Outlook allows this (the installed "Word" thing - right click > properties). But I have found a "Header inspect" on webmail in all my providers and I have 4. Oh plus rocketmail - makes 5, that & gmail seem to be necessary for some things. I may have 2 Farcebook ones but don't know or care. |
|
06 Dec 16 - 05:14 AM (#3824765) Subject: RE: Tech: My email name spoofed BEWARE From: Jack Campin Looking at the header will not help in the case of a hacked Yahoo account. The message will genuinely have been sent from Yahoo. Some email services simply block everything coming out of Yahoo. This is not a bad idea. A service as viciously, irresponsibly incompetent as Yahoo doesn't deserve to stay in business. |
|
06 Dec 16 - 05:27 AM (#3824768) Subject: RE: Tech: My email name spoofed BEWARE From: Sandra in Sydney Some years back I was forced to get a yahoo address for a forum & rarely access it. The forum doesn't have much use these days & when I do access I might see 2 emails & 40 spams (spam are all neatly in the spam folder, but ...) As I haven't logged on for a while I thought I might as well check it out, but decided not to as there were links to security info re the 2014 hacking & as I don't need that account, I can't be bothered going thru the hoops of logging in & maybe changing password of an account I don't use. sandra (not geeky) |
|
06 Dec 16 - 05:29 AM (#3824770) Subject: RE: Tech: My email name spoofed BEWARE From: Jack Campin If you don't check it out yourself, the spammers will. A dormant account can be hacked into and reactivated any time. Best to get it deleted. |
|
06 Dec 16 - 05:59 AM (#3824778) Subject: RE: Tech: My email name spoofed BEWARE From: DaveRo Seeing Mr Red's advice about BCC, and knowing that there are some Mozilla Thunderbird users here, I thought I'd share details of a couple of addons I recently found. Use_BCC_instead might stop you accidentally TOing CCing your mailing list to everybody. I haven't tried it but if I used mailing lists I would. Expand_mailing_list_recipients is useful if you regularly email to a list, but want to exclude some recipients this time. That one I have tried and it works well. |
|
06 Dec 16 - 06:09 AM (#3824781) Subject: RE: Tech: My email name spoofed BEWARE From: JHW I get these from yes a Yahoo account. None pretending to be me for a long time but pretending to be someone I know, with the name before the @ correct but something else after it, hoping you won't notice. But I'm back using my Yahoo myself as Hotmail was recently ruined by improvements and is deadly slow and missing features. So Yahoo has become least worst |
|
06 Dec 16 - 06:36 AM (#3824782) Subject: RE: Tech: My email name spoofed BEWARE From: Sandra in Sydney thanks, Jack - I now have a new password & have archived the 2 emails received over the past 2 months & deleted the 7 spam! sandra |
|
07 Dec 16 - 05:27 AM (#3824987) Subject: RE: Tech: My email name spoofed BEWARE From: Mr Red There is a problem in sending block e-mails in the Bcc field. Firstly there has to be something in the "To" field and that can be your own address. Secondly, spam filters can sometimes regard anything that is not "To" the recipient (per se) as spam. And a lot of e-mails all looking the same look like spam. I get round this when checking my website entries by running a macro in Outlook (Office). It effectively sends one e-mail per person, which generates many e-mails to send. But macros in Outlook are a step more obscure than (say) Word or Excel, and macros in the latter 2 can be daunting for the casual user. I came across a ridiculous situation with Helloprint.com - the website didn't spell all requirements in detail for artwork, so they auto e-mailed back. I waited and missed deadlines, all the time getting spam e-mails selling their other services. When I got in touch they suggested looking in the spam folder (of my provider's webmail!!!!). How clever is that? Important messages diverted, junk gets through! They didn't understand my point either. I didn't use them again. |
|
07 Dec 16 - 05:54 AM (#3825004) Subject: RE: Tech: My email name spoofed BEWARE From: DaveRo Mr Red wrote: ... there has to be something in the "To" field and that can be your own address.Your email client or webmail may require it but email in general doesn't, and Thunderbird doesn't. Some email clients put 'Undisclosed recipient' in the To field of emails received (not sent) that have only BCC. I've now installed the 'Use BCC instead' addon and set it to warn me if there are more than 3 non-BCC recipients. Might save me some embarrassment. |
|
07 Dec 16 - 07:21 AM (#3825024) Subject: RE: Tech: My email name spoofed BEWARE From: Jack Campin I came across a ridiculous situation with Helloprint.com - the website didn't spell all requirements in detail for artwork, so they auto e-mailed back. I waited and missed deadlines, all the time getting spam e-mails selling their other services. When I got in touch they suggested looking in the spam folder (of my provider's webmail!!!!). How clever is that? Important messages diverted, junk gets through! They didn't understand my point either. I didn't use them again. From that description it looks like your email provider fucked up, not Helloprint. The sender has no control over whether the receiver's mailserver can correctly identify spam. (If such control was possible, spammers would be using it). |
|
08 Dec 16 - 06:25 AM (#3825203) Subject: RE: Tech: My email name spoofed BEWARE From: Thompson It's only good manners to use BCC (blind carbon copy) rather than CC (carbon copy) when sending out an email to a group of people; not everyone wants their email address shared with all your other friends. If you're worried about a mass email landing your friends' or colleagues' addresses into spam boxes, limit the number BCC'd on each email to around 20 people. Some servers will refuse to accept larger numbers of names with the same server - for example, some government servers; if you want to email all the TDs in the Dail, do it in groups. |
|
14 Dec 16 - 07:20 PM (#3826572) Subject: RE: Tech: My email name spoofed BEWARE From: Jack Campin The latest bad news about Yahoo: one billion accounts compromised in 2013 I can't see any way they could have been more stupid and irresponsible if they'd tried. |
|
14 Dec 16 - 09:52 PM (#3826582) Subject: RE: Tech: My email name spoofed BEWARE From: EBarnacle Unless I know for sure that it is legit, I mark anything that comes through with a rave and a .php suffix as a phishing mail. |
|
15 Dec 16 - 08:33 PM (#3826773) Subject: RE: Tech: My email name spoofed BEWARE From: Jack Campin More on the Yahoo fuckups, from knowledgeable people: Brian Krebs People on Reddit's Ask Me Anything The discussion in the second one goes to some illuminating places. |