Very strange email...

I met an elderly friend who showed me an email that she received this morning, it seems to come from me but I didn't send it, it has some interesting features.

Firstly it has my email address but with "googlemail.com" instead of "gmail.com" that my emails go out with.
It also has tacked to the end of the googlemail.com, the surname of a mutual friend. The elderly lady didn't even know that this was the mutual pals surname.

Secondly, the email says "Gj" in the body together with Henry C....y "sent from my ipad". I do not have an ipad although the elderly lady has. Gj is a mystery.
Most intriguingly is that name Henry C.....y is that of her late husband, I never met him, he died 9 years ago and anyway he was always known as Harry, which I also didn't know until today..

Any ideas, I am sure invoking the power of ARRSE will find the answer...
 
Delete it, spam/phishing
 
As above. These come in two main types:

1] They send a similar email (often advertising0 to everyone in the address list.
2] They take data such as passwords or browsing habits for a number of reasons.
I've been caught by this.

Delete it. If she can, report as a phishing scam.
 
An address book has been compromised that includes all three names (i.e. Yours, hers and her late husbands). It's probably not yours, since you never met the old fella. Nor his, as he is no longer with us. Could be hers, but equally, could be some fourth party that knows/knew all 3 of you. Likely to be the mutual friend you mention. Their computer is very possibly compromised.

The "Sent from my iPad" thing is just to add a bit of fake authenticity to the email. The mail client on an iPad sets that phrase as a default signature.

"Googlemail" is the original domain of gmail, and "gmail" is not available in some countries. Which kind of points to where this came from. Russia.
 
So, would he get away with this by just changing passwords ( and advising others to do this) or is it more serious than that?
 
So, would he get away with this by just changing passwords ( and advising others to do this) or is it more serious than that?

It's more complicated than that.

Without seeing the whole email, c/w headers, I can't say with certainty; but my guess is that the email account itself has not been compromised (i.e. Username and password is probably NOT compromised). The email will have come from a cyber criminal, using the OP's address as "from". If the recipient clicked "reply", and then checked the address that the email would go to, it is likely the bad guy's server, not the OP.

If the OP's account had been compromised, then he would likely have "sent" many more emails. But services like gmail are smart enough to apply machine learning, and notice that 400,000 emails were sent from Russia. So typically the bad chaps don't target hacking into gmail. Much lower hanging fruit around.
 

BarcelonaAnalPark

LE
Book Reviewer
Tell your friend to change email passwords and stop going on mucky websites.
 
Thank you gentlemen, we have changed our passwords, keeping fingers crossed.
I would love to know how Henry came into the equation.
Oddly the flowers were nicked from his grave in the week and when the old lady went to replace them the stonework had been removed from the grave to enable digging nearby.
Poor old dear is just a little spooked!!
 

chrisg46

LE
Book Reviewer
I occasionally get emails from august organisations such as PayPal who tell me they are suspending my account with them due to suspicious activity on that account.
While naturally pleased they are so diligent, I am somewhat confused as I don't have PayPal. I am also bemused by their email address - it seems to have a display name along the lines of "customer services", but the outlook header is "thieving.barsteward@outlook.com" or similar. Surely a large company such as PayPal can afford it's email address?
I am tempted to reply to point out that surely the stupid fcuks can do better that, do you think they will be encouraged to send more emails?


Posted from the ARRSE Mobile app (iOS or Android)
 
The "from" address in the e-mail doesn't necessarily mean that's where the email was actually sent from. Spammers will use special spam sending software that let them put anything they want into the headers (the parts having to do with the routing of the message) of an email.

Think of it as being like the return address on a postal letter. You could write any return address you want on a postal letter, but so long as there is a stamp on the envelope and a valid destination address it will get delivered by the post office.

As others have said, most likely someone you both know has either had a computer virus or otherwise had their address book copied. The addresses then get sold on to spammers. They will then do a mix and match on the names in order to make it more difficult to figure out who actually has the problem.

The spammers don't normally want you to reply to them, or at least not to the "from" address as usually most of the process on their end is automated. They usually want you to click on an obfuscated link contained in the email and go to a web site they control to either put your details into a fake form, or to deliver a virus to your computer via a security vulnerability, or both of course.
 

Joshua Slocum

LE
Book Reviewer
I opened my mail box today and saw this email, I rarely use drop box, it may be that the sender found my email addy on the NAPIT website unless the russkis have hacked arrse
I then rang my Computer person who knows of such stuff and he said its a scam
I went into the BT thingy and marked it as spam, and then I found a few other offering military clothing ??
any ways heres a pic in case you get it
031.JPG
 
I opened my mail box today and saw this email, I rarely use drop box, it may be that the sender found my email addy on the NAPIT website unless the russkis have hacked arrse
I then rang my Computer person who knows of such stuff and he said its a scam
I went into the BT thingy and marked it as spam, and then I found a few other offering military clothing ??
any ways heres a pic in case you get it
View attachment 328569

Any pics of Sherry Josh?

PS

Your avatar looks a bit funny.
 
I opened my mail box today and saw this email, I rarely use drop box, it may be that the sender found my email addy on the NAPIT website unless the russkis have hacked arrse
I then rang my Computer person who knows of such stuff and he said its a scam
I went into the BT thingy and marked it as spam, and then I found a few other offering military clothing ??
any ways heres a pic in case you get it
View attachment 328569
There are phishing emails going around which attempt to steal your Dropbox or email passwords. One version takes you to a fake Dropbox login page in an attempt to steal your Dropbox login. The other takes you to a fake email login page to try to steal your email password. Some try to get you to download a file containing a virus.

Fake Dropbox Email Phishing Scam Alert - April 2017
These fake Dropbox emails look legitimate, but they're both phishing scams that work differently. One tries to steal your Dropbox password with an order request that looks like it's from an actual company. The other tries to steal your email password with a fake file sharing request. (...)

Dropbox email spam is very common. Some of these scams try to lure you into downloading a virus attached to or linked from the email. Others exploit the popularity of the file sharing service to get you to provide your username and password with a fake login page.
 

W P

LE
Aha Yes, not sure why that has happened maybe the new arse format, I will try to reduce it a bit without breaking the internet ( unless its soem secret sign for those in the know)

Avatars have to be square, so web-site systems like Arrse's crop &/or reduce the scale of the images selected by the users. To maintain the 1:1 aspect ratio & get rid of the beige stripe it's necessary to crop the bottom:

joshua-slocum2.jpg


Here's a sharper version if you prefer (it will look better when the Arrse system reduces it):

joshua-slocum3.jpg
 

Joshua Slocum

LE
Book Reviewer
Avatars have to be square, so web-site systems like Arrse's crop &/or reduce the scale of the images selected by the users. To maintain the 1:1 aspect ratio & get rid of the beige stripe it's necessary to crop the bottom:

View attachment 328901

Here's a sharper version if you prefer (it will look better when the Arrse system reduces it):

View attachment 328902
Many thanks,
I just fitted the picture you trimmed up and its much better, you are most kind, I was going to stick another image in but I dont like change, and those that have met me say it looks much like my younger self
 

Latest Threads

Top