Dodgy Email - guidance from IT boffins needed?

[Sergei Gotsmanov]

Somebody has received an email from my name saying I have an announcement - with the usual link to click on. My email is not showing any sent emails. Is it likely that it has come from his own account that has just plucked out my name from his contact list or is my email account responsible. Is it therefore my issue or his?

[badgerx16]

It is almost certainly nothing to do with you or your email directly. Your account name has probably been taken from a compromised IT system somewhere; if you go to this link

https://www.f-secure.com/gb-en/identity-theft-checker

and enter your account name it will probably show you where.

 

( I was once giving a presentation on IT security to our Board of Directors and as part of the talk used a hacking trick to send an email from one of the Directors to the Chief Executive, without accessing that Director's account, giving the Director's notice of resignation with immediate effect. Naturally the 'sent' message did not appear in the supposed source account.

As I was the IT Security Manager I had temporarily bypassed some of the mail server's security settings to do this, but there are plenty of insecure and badly managed systems out there ).

 

 

Edited 30 November, 2023 by badgerx16

[Sergei Gotsmanov]

9 minutes ago, badgerx16 said:

It is almost certainly nothing to do with you or your email directly. Your account name has probably been taken from a compromised IT system somewhere; if you go to this link

https://www.f-secure.com/gb-en/identity-theft-checker

and enter your account name it will probably show you where.

 

( I was once giving a presentation on IT security to our Board of Directors and as part of the talk used a hacking trick to send an email from one of the Directors to the Chief Executive, without accessing that Director's account, giving the Director's notice of resignation with immediate effect. Naturally the 'sent' message did not appear in the supposed source account.

As I was the IT Security Manager I had temporarily bypassed some of the mail server's security settings to do this, but there are plenty of insecure and badly managed systems out there ).

 

 

Thank you Badger that is much appreciated.

It did find one breach but from July 2020. Is this likely to be relevant this week?

Edited 30 November, 2023 by Sergei Gotsmanov

[Turkish]

12 hours ago, Sergei Gotsmanov said:

Thank you Badger that is much appreciated.

It did find one breach but from July 2020. Is this likely to be relevant this week?

This is my area pal I work in cyber security *cough* I mean printer cartridges. It’s likely this is as a result of breach either then or since, 45% of Uk companies were breached in 2022 and it took them an average of 174 days to realise they had been. Depending on your security tech and policies it could easily still be the 2020 breach or one your company doesn’t even know about yet. About 90% of those breaches occur from employees click on dodgy emails. I can help your company but it’ll cost you although no where near as much as a breach will  😜

Edited 1 December, 2023 by Turkish

[benjii]

On 01/12/2023 at 01:52, Turkish said:

 It’s likely this is as a result of breach either then or since

Genius.

[trousers]

On 30/11/2023 at 21:34, badgerx16 said:

It is almost certainly nothing to do with you or your email directly. Your account name has probably been taken from a compromised IT system somewhere; if you go to this link

https://www.f-secure.com/gb-en/identity-theft-checker

and enter your account name it will probably show you where.

 

 

 

How do we know that link is genuine / safe...?

[AlexLaw76]

https://haveibeenpwned.com/

[badgerx16]

3 hours ago, trousers said:

How do we know that link is genuine / safe...?

If you can't trust me, who can you trust ?