Announcement

Collapse
No announcement yet.

Intercepted e-mails

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Intercepted e-mails

    It has happened a few times that e-mails sent by my wife with payment details have been intercepted, with the recipient receiving a cloned email with different bank details. She has tried to send he account details as an attached PDF, but the bad guys simply add their account details into the body text.

    Does anyone here have ideas about how this works? At what end is the interception taking place? What can be done to avoid this? Who's to blame (other than he crooks)? Who is liable?
    Tags: None
    #2
    My first thought is that your wifes account has been compromised. What to do next depends very much on who the email provider is. If it's someone like Google or Hotmail you wan to change the password, revoke previous access to the account (it depends on the provider again how this is done) and most importantly, set up Two Factor Authentication.

    Once this is done check for inbox rules on the account. If it's a different provider then the same basic steps will suffice but there may be variables. But the most important thing is to set up two factor authentication, using an app and not SMS. Even better get a FIDO key.
    Last edited by Levin; 24-04-2019, 09:57.

    Comment

      #3
      Yeah, absent some good external reason to suspect a targeted attack this seems by far the most likely option. Well, other than the recipient being the scammer.

      Comment

        #4
        The simple answer is that plain email isn't a secure method of communication. And yes, she's probably being targeted.

        Is something like WhatsApp an option? That's encrypted end-to-end.

        Comment

          #5
          Originally posted by G-Man View Post
          It has happened a few times that e-mails sent by my wife with payment details have been intercepted, with the recipient receiving a cloned email with different bank details. She has tried to send he account details as an attached PDF, but the bad guys simply add their account details into the body text.

          Does anyone here have ideas about how this works? At what end is the interception taking place? What can be done to avoid this? Who's to blame (other than he crooks)? Who is liable?
          I second the advice above, changing passwords and Two-factor Authentication will solve this.

          Also who is the email provider, if she sends financial type information like this, then sending via encrypted email is another possibility.
          If this is work-related email, then there is a possibility her organisation has been compromised by malware or an admin.
          Good spot with an inbox rule as well. I have seen that quite a few times.


          Comment

          Previous template Next
          Working...
          X