[78-L] Recent message from Donna Halper

Jeffrey Lichtman jeff at swazoo.com.invalid
Sun Apr 17 20:29:14 PDT 2016



On 4/17/2016 7:45 PM, Donna Halper wrote:
> Does anybody know how this sort of thing happens?  As far as I know, it
> wasn't my email account that was hacked, and in fact I regularly change
> my password.
The fact that the mail appeared to come from you doesn't mean your 
account has been compromised. What usually happens is that someone's 
computer gets infected with malware that sends mail to everyone in that 
machine's address book, with a faked "From:" address (also taken from 
the address book). The result is mail that looks like it comes from one 
person, but actually originated on someone else's machine. The purpose 
of this is to make the mail look more-or-less legitimate while making it 
hard to trace.

So, for example, let's say Donna and Joe Blow have exchanged mail 
sometime in the past, so that Donna is in Joe's address book. Then Joe's 
computer gets infected. The malware sends mail to all 237 people in 
Joe's address book, but puts Donna's address as the "From:" address. It 
will look to these 237 people like they got mail from Donna, when in 
fact they will have gotten it from malware on Joe's computer. A lot of 
these people will recognize Donna's address, because Donna and Joe have 
friends, colleagues and acquaintances in common.

-- 
                        -        Jeff Lichtman
                                 jeff at swazoo.com
                                 Check out Swazoo Koolak Photography
                                     at http://swazoo.com/



More information about the 78-L mailing list