Jump to content
CaLy

Help with a mail received few times saying my email is hacked

Recommended Posts

10 hours ago, lisati said:

The only one I recall receiving that mentioned a password had one which wouldn't have worked. A few months earlier I had noticed that something was a bit off, and had taken the precaution of changing my password.

yeah, a spamtrap of mine seems to have gotten on the list with lots of random password.  The interesting thing is that spamtrap address is just an alias account and has no password.  Probably just a copycat setup from scammers who do not have the actual passwords.  One can never be sure if they are the copycat or the real thing that is "masking" the password just so they do not give themselves away.

Share this post


Link to post
Share on other sites

in your case, I'd be sending a manual report to sendgrid, and one to the IP owner of the link in the body. but the reports wouldn't be sent from the email account I received the message to, but from a spam reporting email address not associated with me. (I made one up a long time ago combating a Nigerian spammer with a name from another Nigerian spammer :) and have been using that one for manual reports ever since, always munging my name and other identifying strings explaining to the abuse desk the reasons for it.)

Share this post


Link to post
Share on other sites
7 hours ago, CaLy said:

Today i received a new one (telling about webcam, wich i dont have) ... so :P

Tracking URL : https://www.spamcop.net/sc?id=z6505315873z0b3bb21ccb863cdadb680fb4f1c7c68az

Seems sendgrid are dopey in not receiving reports, their customer has a compromised computer! These type spam warnings seem common! Always use a virus program Windows Defender is adequate and one paid for it when the bought windows.

https://www.spamcop.net/w3m?action=checkblock&ip=167.89.100.171

 

Share this post


Link to post
Share on other sites
On 12/8/2018 at 11:56 PM, CaLy said:

Today i received a new one (telling about webcam, wich i dont have) ... so :P

Tracking URL : https://www.spamcop.net/sc?id=z6505315873z0b3bb21ccb863cdadb680fb4f1c7c68az

That's a fairly typical example of some I've received, mostly for one particular email address which, because it's little more than a redirect on a server, doesn't actually have an associated mailbox.

Share this post


Link to post
Share on other sites

Sounds like they might be morphing now.  I got the following sent to an address that has not has this stuff yet.  More phishing...

Urgent : Someone has your password

http://www.spamcop.net/sc?id=z6506112137zb5e259ccf80b3b62fcb7a72e9509c841z

I have to chuckle at these liars how seem to be getting desperate.  I hope it means they are losing the battle.......

Share this post


Link to post
Share on other sites

Ha, I thought this guy has given up, but seems he came back for another try.  Been a long while since I have seen this come into my "spamtrap" account.  I though they had given up on it.  Amazing how an account could have a password without an /etc/password entry.

http://www.spamcop.net/sc?id=z6508576087z8ae70bcdece03f0236640dc90110bceaz

Share this post


Link to post
Share on other sites

What makes you think the "same guy" is back?  Looking at where the IP's for the last three reports (Tracking URL in thread) Sure looks like the CD(?) with the email is just being passed around.

93.65.54.240 Italy

109.238.12.51  France  

210.16.101.53  India

Share this post


Link to post
Share on other sites

I haven't bothered looking too closely for a pattern in the similar emails I've received, but have noticed that the ones I've reported tend to get tracked back to different ip addresses.

Share this post


Link to post
Share on other sites
23 hours ago, Lking said:

What makes you think the "same guy" is back?

There have been a few different passwords used.  However, the one today has a unique password that was used back in November.  It is similar to the format of the October scams, but not similar to the early December copycat scams.  Of course with a spamtrap account that has never had a password of its own and likewise does not have its own browser.  I did not that this scam did not talk about the webcam, unlike the ones back in November.

If it was a different person, then I would expect that I would be able to find some sort of link to the so called password somewhere on the internet.  Though, this could be a darkweb link that I know nothing of.

Share this post


Link to post
Share on other sites
On 12/25/2018 at 3:48 PM, lisati said:

Had one of those (or was it Japanese?) a few weeks back. It could be taken as evidence that spammers are stupid.

Well they have the password and name is correct but last millennium one and were on adsl always used vrus scanner

Thr information seem to of been scammed from SpamCop early days probably from junked computers

Share this post


Link to post
Share on other sites
On 12/26/2018 at 8:10 PM, petzl said:

Well they have the password and name is correct but last millennium one and were on adsl always used vrus scanner

Thr information seem to of been scammed from SpamCop early days probably from junked computers

One or two of the dodgy emails I've had seem to have their origins the days before my provider moved away from Yahoo, who had had a couple of data breaches. The password was correct but an old one. I'd already seen evidence that something was a bit "off"  and had changed my password as a precaution, prior to receiving claims that my account had been hacked. More recent efforts I've seen in my inbox have been of a slightly different character, and would probably warrant a separate thread.

I'd suggest, at the very minimum, a change of password a.s.a.p. for people who get one of these "your account has been hacked" emails, or any other evidence that something's not quite right.

Edited by lisati
Added suggestion to change password

Share this post


Link to post
Share on other sites
2 hours ago, lisati said:

One or two of the dodgy emails I've had seem to have their origins the days before my provider moved away from Yahoo, who had had a couple of data breaches. The password was correct but an old one. I

Still suspect info coming from old dumped servers. I said ADSL  but it was even before that, when I had 33.6 modem.

So many getting these threats so it seems organised and from more than one source.  Seem to remember where junkied computers are sent to Africa and gangs take the data off them. Use the Windows FREE version of CCleaner to wipe drives select Tools/Drive Wiper. Formating won't remove info.  Wipe at least once then format the more times you wipe the longer it takes depending on drive size.

DO NOT WIPE SSD (drives) you will destroy them!

Edited by petzl

Share this post


Link to post
Share on other sites
13 minutes ago, petzl said:

Wipe at least once then format the more times you wipe the longer it takes depending on drive size.

My approach to old failed hard drives is ¼" drill.

Share this post


Link to post
Share on other sites
1 hour ago, Lking said:

My approach to old failed hard drives is ¼" drill.

never had a failed drive? but if I junk computer use them in hard drive enclosures  for USB storage.(hold all my DVD movies) if not needed hammer them.

Edited by petzl

Share this post


Link to post
Share on other sites

Received a new version of the "I installed malware".  The price this time is up to $1000.

Quote

Let me get directly to the point without wasting both of our time a while ago while surfing one of porno xxx internet site your operating-system is compromised by software program I carefully placed there,
while you were watching those video clips and enjoying my software put in malware on your personal computer now I've got complete access of the personal computer.

Yea right. https://www.spamcop.net/sc?id=z6515021682z3d3182f240de52601e3dd7c4046dd04fz

Share this post


Link to post
Share on other sites

[💩Knob💩], appropriate moniker; doesn't appear to understand "please" & "thank you" would likely achieve a happier outcome...

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×