-
October 28th, 2005, 12:43 PM
#1
Junior Member
Unauthorised email sent from my colleague's account.
A colleague at work mentioned that he got one of those mail administrator returned mail emails about an email that he never sent. I told him to just change his account password, although he's convinced there's actually a hacker trying to use his email account. Is there any basis to his fears and does he need to wipe his entire system and start again with the same account password as he seems to think? What should I suggest he do?
Cereal: Eaten at all times of the day.
-
October 28th, 2005, 12:49 PM
#2
It is proppably a spoofed email that got sent back..
It works like this..
LAMER: has a virus, the virus sends mail to CORP faking the from adress to JOHNs email adress.
CORP: receives mail, sees it as a virus and sends a notification to JOHN
JOHN: receives mail from CORP and gets mad.. I didn't send that..
Now who's fault is it ??
LAMERs fault for getting infected with a virus (and his ISP for letting him send the mails)
CORPs fault for sending one of those notifications..
more on this here: http://attrition.org/security/rant/av-spammers.html
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
-
October 28th, 2005, 01:21 PM
#3
JinX is probably spot on.
He's maybe a bit harsh calling your collegue a lamer but this is the sort of thing you hear about 5 times a day especially if you work on the helldesk.
-
October 28th, 2005, 02:06 PM
#4
I didn't call his colegue a lamer.. I called his colegue JOHN..
Luckily I don't do helldesks (anymore)..
wheaty_bytes, it might be nice if you could paste the contents of the mail..
That might point out who is to blame
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
-
October 28th, 2005, 02:22 PM
#5
A colleague at work mentioned that he got one of those mail administrator returned mail emails about an email that he never sent. I told him to just change his account password, although he's convinced there's actually a hacker trying to use his email account.
It is possible.
Is there any basis to his fears and does he need to wipe his entire system and start again with the same account password as he seems to think? What should I suggest he do?
He could be right on the money. At work we had the same exact issue and the "IT Tech" told the guy just to change his password sad to say the next day it happened again. I would recommend just creating a new email address for him.
Post the email headers.
-
October 28th, 2005, 02:30 PM
#6
Originally posted here by Computernerd22
I would recommend just creating a new email address for him.
I wouldn't. It's a lot of work to do (informing everyone etc.).
Is there any other evidence the account has been compromised? This problem on it's own does not indicate a compromised account.
Just ignore it. Eventually the person with the virus will get sorted out.
Steve
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
-
October 28th, 2005, 02:51 PM
#7
Just ignore it. Eventually the person with the virus will get sorted out.
I wouldn't just ignore it. All this will do is piss off the guy who clearly thinks
he's convinced there's actually a hacker trying to use his email account.
And the IT Tech is just "ignoring the issue," Kill two birds with one stone. Get rid of the lamer who is using his email account and second, make the worker happy by changing his email address to something he likes that way it (makes it look like you did something for him) and should easily resolve the other issue he was having. If worse comes to worse can't you just delete that specific email address that has been so called hacked, and create a new one? I think this would be better than
need to wipe his entire system and start again with the same account password as he seems to think?
If you were going to reformat the harddrive resinstall windows go back on and use the same account information that would be pointless to do.
-
October 28th, 2005, 02:55 PM
#8
the_JinX: right enough, Doh!
wheaty_bytes: was it a personal email account or was it a work account?
-
October 28th, 2005, 03:03 PM
#9
Originally posted here by Computernerd22
And the IT Tech is just "ignoring the issue,"
Without other supporting evidence this is the correct thing to do. It is a waste of resource to create new accounts like this.
Crikey, if the support guys here started doing this, they'd get nothing else done.
The guy may be convinced he's being hacked, this doesn't make it true.
I'm convinced I'm god's gift to women...
Steve
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
-
October 28th, 2005, 03:07 PM
#10
There are numerous mallware that spoof the from email address.....
Mostly we ignore it...but I do check the machine or account....change passwords etc
I also try and get a copy of the email or headers...to determine where its coming from.
We have it happen here...shows internal user is sending internal email virus to other users.....looking at the header...shows its coming from outside...the local cable smtp server..........which is not the ISP we use.............spoofed.
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|