Posted on 04/21/2018 9:25:43 PM PDT by Hostage
Somehow my and my 11-year old son's gmail was spoofed, meaning someone is able to send messages out using our gmail accounts.
The spoofed emails show up in my sent folder.
We changed our Google account passwords. But I am still studying what else to do; not confident I understand how it happened, not confident I've done what needs to be done.
My son plays on Xbox Live and I don't know what goes on there but he's smart enough to not give out personal info.
I have a 2-step verification process enabled.
Here's one of the spoofed messages (I redacted out my gmail with ******@gmail.com)
from: ABC Shark Tank <******@gmail.com> via telus.com
to: senderus@justvaluerate.com,
senderse@justvaluerate.com,
monsl@50-233-80-21-static.hfc.comcastbusiness.net,
mz@traveldailymedia.com,
gego@nih.gov,
iscontact@rei.com,
mz@wp.com,
info@chadog.fr,
info@autotrader.com
date: Sat, Apr 21, 2018 at 7:17 PM
subject: Exclusive Limited Time Online Offer Shark Tank Success Story
mailed-by: telus.com
security: ip-pool.com did not encrypt this message Learn more
________________________
Whoever got hold of my gmail changed the gmail name from my personal name to 'ABC Shark Tank' shown above. Also, I don't know any of the addressees.
The body of the spoofed gmail has a line from Google that says:
"This may be a spoofed message. Gmail couldn't verify that it was actually sent from your account. Learn more"
The 'Learn more' link is kind of useless.
Here's the second spoofed message title:
------------is A Big P R o s T a T e [M A k I N G] Your LiMp?
Anytime I see a subject title like that, I push the Spam button but this is from my gmail address:
from: -----------------Optimum Male Health <*******@gmail.com> via telus.com
So my real name was changed to '-----------------Optimum Male Health'
I sent a TEST message to myself and everything looks good. Only 2 spoof messages used my gmail and no other for now.
The only other spoofed message came from my son's gmail where his gmail was also spoofed. His mail is redacted below to 'xxxxxxxx@gmail.com' and his name was changed to 'Funeral Quote':
from: Funeral Quote
to: senderus@justvaluerate.com,
senderse@justvaluerate.com,
monsl@50-233-80-21-static.hfc.comcastbusiness.net,
mz@traveldailymedia.com,
gego@nih.gov,
iscontact@rei.com,
mz@wp.com,
info@chadog.fr,
info@autotrader.com
date: Sat, Apr 21, 2018 at 7:20 PM
subject: Maybe Youre Just Not Ready For A Girlfriend
mailed-by: gmail.com
security: Standard encryption (TLS) Learn more
: Important according to Google magic.
______________________________
This one borders on porn and I don't do porn, neither does he (I check his website history from time to time and set child security so he's not able to see any smut).
Is Qook like a Cuck or a Kyke?
Has my knowledge been hacked to become Qookish?
Spam mailers can insert from address’s using a list. 50% chance it was sent from their system not actually using your account.
Look for the mail in question in your sent items folder. If it’s not there, it’s a spoof.
Do you use a mail client, or do you use online mail?
If you have a working email client and address book in it, it could have been hacked by a virus. So refresh your anti virus and do a root kit full scan.
See #9.
But we changed passwords just to be careful.
Lol!
Mel is still kickin at 91 years of age. He must be doing something right!
Thank you. This is solid advice.
I will do that and let you know.
He was talking about a Spaceballs sequel but I guess nothings going to come of it.
This is the first time you’ve ever seen an email with a forged header?
I can send you an email that looks like it came from Donald Trump if you want an example of what’s going on here.
Have some PHP code you can run from any webserver:
$to = “mytarget@gmail.com“;
$subject = “This is Don”;
$txt = “This is a totally legit email from the President of the United States”;
$headers = “From: president@whitehouse.gov“;
mail($to,$subject,$txt,$headers);
> 50% chance it was sent from their system not actually using your account.
try 99.99999999% chance
This just happened to me, too. I have never heard of spoofing before.
LOL, I have no idea.
I’m just “questioning”...
H->! had a private server....
Gmail should be a ghost town..
WTH uses Gaggle? and WHY?
I just knew that anything beyond Assembly would turn out to be Evil...
I know, I know.
I will now go out on my balcony and self-flagellate while embracing the suck.
Solid, but scary.
The spoofed emails were in my sent folder but the addressees were not on my list.
Time for us to learn.
Scary stuff.
Thanks again, yours is really solid advice.
Using a throwaway email on Xbox Live and other website registrations is a good idea. I don’t register to websites recently, not a big FB user (very rare user).
I did open the spoof messages but not any images inside them. Scary to think there is an auto-reader to detect a live email address.
I’ll post updates to you as I drill down on this experience.
I will likely need to do a full malware virus scan as you suggested.
Enable two-factor and change your password. You also have to identify all financial accounts which had an email in your account, because that person could have reset passwords on those accounts using your email.
They got your ID and password for GMail. You have to scan all of your computers/devices for malware. Something keylogged you.
One last thing, when you say they are spam/spoof it may tell them you read them. You may want to go offline on the Internet before doing so, even viewing them may send them a signal that you did
I have some more ideas on how to block them, Look forward to your response
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.