[78-L] Recent message from Donna Halper
Jeffrey Lichtman
jeff at swazoo.com.invalid
Sun Apr 17 20:29:14 PDT 2016
On 4/17/2016 7:45 PM, Donna Halper wrote:
> Does anybody know how this sort of thing happens? As far as I know, it
> wasn't my email account that was hacked, and in fact I regularly change
> my password.
The fact that the mail appeared to come from you doesn't mean your
account has been compromised. What usually happens is that someone's
computer gets infected with malware that sends mail to everyone in that
machine's address book, with a faked "From:" address (also taken from
the address book). The result is mail that looks like it comes from one
person, but actually originated on someone else's machine. The purpose
of this is to make the mail look more-or-less legitimate while making it
hard to trace.
So, for example, let's say Donna and Joe Blow have exchanged mail
sometime in the past, so that Donna is in Joe's address book. Then Joe's
computer gets infected. The malware sends mail to all 237 people in
Joe's address book, but puts Donna's address as the "From:" address. It
will look to these 237 people like they got mail from Donna, when in
fact they will have gotten it from malware on Joe's computer. A lot of
these people will recognize Donna's address, because Donna and Joe have
friends, colleagues and acquaintances in common.
--
- Jeff Lichtman
jeff at swazoo.com
Check out Swazoo Koolak Photography
at http://swazoo.com/
More information about the 78-L
mailing list