Re: [OT] Has my e-mail account been hacked?
On Tue 13 Oct 2015 at 22:21:08 -0400, Stephen Powell wrote:
> On Tue, 13 Oct 2015 18:57:58 -0400 (EDT), Brian <ad44@cityscape.co.uk> wrote:
> >
> > The comment was a general one and directed at all our readers. However,
> > earlier you said "Someone discovered my password somehow". You have
> > just demolished that guess as having no basis as a likely cause.
>
> Likely, no, but still possible. For example, when I update my web
> pages, I use my ISP's FTP server. Suppose someone else on my ISP's subnet
> has a network sniffer in promiscuous mode. The FTP server uses ordinary
> unencrypted FTP. The userid and password are sent in clear text. I wish
> they had an FTPS server, but the last time I checked, they didn't. I use
> e-mail solely through a web-based e-mail client. When I login, I don't
> know if the password is sent in clear text over the network or not.
>
> That being said, if my password was obtained in this manner, I don't have
> much of a defense against it. If I change my password, they can get the
> new one the same way as they got the old one.
>
> Another possibility is a malicious web site that I may have unknowingly
> visited that managed to find a password in memory, a cookie, etc. So
> despite all the precautions that I have taken, it is still possible for
> a password to be "discovered".
>
> Having said that, it looks like someone else's credentials may have been
> used, based on some other posts to this thread. But I am not an expert
> in these matters. That's why I asked for help.
Your mails all have
X-Authed-Username: emxpbnV4bWFuQHdvd3dheS5jb20=
The one to aol.com has
X-Authed-Username: dGhlY291Z2hpbmdjYW5hcnlAd293d2F5LmNvbQ==
so did not come from your account.
Someone has access (legitimately or not) to the second account and is
sending mails with a forged envelope From. Your only recourse is to
present the evidence to the ISP and let them deal with it.
Reply to: