Posted on 04/21/2018 9:25:43 PM PDT by Hostage
Somehow my and my 11-year old son's gmail was spoofed, meaning someone is able to send messages out using our gmail accounts.
The spoofed emails show up in my sent folder.
We changed our Google account passwords. But I am still studying what else to do; not confident I understand how it happened, not confident I've done what needs to be done.
My son plays on Xbox Live and I don't know what goes on there but he's smart enough to not give out personal info.
I have a 2-step verification process enabled.
Here's one of the spoofed messages (I redacted out my gmail with ******@gmail.com)
from: ABC Shark Tank <******@gmail.com> via telus.com
to: senderus@justvaluerate.com,
senderse@justvaluerate.com,
monsl@50-233-80-21-static.hfc.comcastbusiness.net,
mz@traveldailymedia.com,
gego@nih.gov,
iscontact@rei.com,
mz@wp.com,
info@chadog.fr,
info@autotrader.com
date: Sat, Apr 21, 2018 at 7:17 PM
subject: Exclusive Limited Time Online Offer Shark Tank Success Story
mailed-by: telus.com
security: ip-pool.com did not encrypt this message Learn more
________________________
Whoever got hold of my gmail changed the gmail name from my personal name to 'ABC Shark Tank' shown above. Also, I don't know any of the addressees.
The body of the spoofed gmail has a line from Google that says:
"This may be a spoofed message. Gmail couldn't verify that it was actually sent from your account. Learn more"
The 'Learn more' link is kind of useless.
Here's the second spoofed message title:
------------is A Big P R o s T a T e [M A k I N G] Your LiMp?
Anytime I see a subject title like that, I push the Spam button but this is from my gmail address:
from: -----------------Optimum Male Health <*******@gmail.com> via telus.com
So my real name was changed to '-----------------Optimum Male Health'
I sent a TEST message to myself and everything looks good. Only 2 spoof messages used my gmail and no other for now.
The only other spoofed message came from my son's gmail where his gmail was also spoofed. His mail is redacted below to 'xxxxxxxx@gmail.com' and his name was changed to 'Funeral Quote':
from: Funeral Quote
to: senderus@justvaluerate.com,
senderse@justvaluerate.com,
monsl@50-233-80-21-static.hfc.comcastbusiness.net,
mz@traveldailymedia.com,
gego@nih.gov,
iscontact@rei.com,
mz@wp.com,
info@chadog.fr,
info@autotrader.com
date: Sat, Apr 21, 2018 at 7:20 PM
subject: Maybe You’re Just Not Ready For A Girlfriend…
mailed-by: gmail.com
security: Standard encryption (TLS) Learn more
: Important according to Google magic.
______________________________
This one borders on porn and I don't do porn, neither does he (I check his website history from time to time and set child security so he's not able to see any smut).
I feel your pain. I was once the recipient of spam, with my own business email address as sender. I passed it to Corporate computer security.
OT. I have a Twitter account but rarely use it. The last time I logged on my default language had been changed to Hebrew and I was following Obama.
This has been happening to my Gmail account, too, just over the last couple of days.
It's not quite that simple.
Change your password to something that's:
- not a word in the dictionary
- is at least 8 characters long
- uses one or more Uppercase letters
- uses at least one number
- uses at least one special character
If two-factor authentication is available, enable that as well.
Your 11 grandson is not being honest about where he has been on the internet. It’s not a big deal, but I would spend some time in his history.
Again, 11 year old kids are kids. Kids lie because they are kids.
Just a good opportunity for learning about the internet and life.
Just make sure to lie down on the right side of the bed.
He's the original 2000 year old man. Being 91 is just a front :P.
Make sure you run an updated virus scan, you may have been hacked as a backdoor. But I suspect most likely you are correct and someone got your email.
Do you use pop or I map or your net browser to access your email?
Part of your description leads me to think that you may have a virus or malware. Consider running an anti-virus and/or anti-malware program. Also run an registry cleaner after the others.
If you need recommendations;
anti-virus:
- Comodo
- Malwarebytes
anti-malware:
Spybot search and distroy
Registry cleaner
Eusing
It is not spoofed if the emails are in his Sent folder!
Nice!
yeah, you are right. I read his post too quickly and missed that.
Since the e-mails are in the sent folder, you weren’t spoofed, but either hacked or viruses. The e-mail came out of your account.
This could be due to direct compromise of your e-mail, or it could because a spambot virus is in your computer and is accessing mail the machine is logged into. I’d there is more than one account being used to send spam, and they have different passwords, it is probably the spambot virus.
The first part of the problem is understanding what it is and how to describe it.
I understand what you are saying, that it defies a ‘spoof’ description if the files show up in the sent folder.
But ...
To test things I sent an email to myself and my real name appears and everything else looks normal.
So this points to someone using my email, running it through my email account from the outside, and they are not using my email list of addressees.
It tells me the hacker has their own addressee list, their own means to name my email, for example in one of the fake emails My Name <******@gmail.com> is changed to ABC Shark Tank <******@gmail.com> via telus.com
They were able to rename the email user as ‘ABC Shark Tank’ which I never use and what if any is the significance of ‘via telus.com’? I never see my normal emails attach the phrase ‘via telus.com’.
Thanks to everyone sharing their knowledge and experiences.
You’re not only helping one user but many other viewers as well who have been hacked, infected, spoofed and who as I, do not yet possess a clear understanding of how exactly this incident can be described.
You know, I created a proton account months ago when a friend asked me to email them only via proton. But I email on average maybe once a month to this friend so it doesn’t get used often.
I keep using ‘gmail’ only because I’ve had it for like ten years with very only one other incident which was not the same as this incident.That incident was where my ‘Drafts’ folder was being used by parties to communicate to each other. I discovered this quite by accident. An internet research showed me exactly what to do, so I took care of it and never had the problem again.
How many people regularly check their ‘Drafts’ folder?
He says he sees it in his sent mail folder. But apparently, Gmail handles this like incoming mail.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.