New dodgy email trick

Email hacker replied to my reply


Maybe everyone else has already experienced this but...

I received an email yesterday from a firm I did some business with a year or two ago containing a link to a remittance advice. It looked dodgy so I replied and said "er... I think maybe your email account has been hacked..."

The firm then replied and said no, we haven't been hacked at all. It's a genuine email so please click on the link to see the document.

The link looked so dodgy that I still wasn't happy and phoned them. They confirmed that their email system had indeed been hacked, and it was the hacker who had replied to my email.

That's a new one for me!

Replies (16)


By lionofludesch
08th Aug 2017 14:07

Technology makes our lives easier.

Thanks (2)
Replying to lionofludesch:
By edhy
15th Aug 2017 11:45

Yes, and the lives of many criminals as well :)

Thanks (0)
By Duggimon
08th Aug 2017 14:45

Don't reply to dodgy emails! What on earth were you thinking?

If you think it's dodgy, delete it; if you're not sure, then send a new email or call them. Replying to the original is giving the hacker another chance to trick you; it's easy to set up an email so that the reply is sent to a different address.

Thanks (0)
Replying to Duggimon:
By mabzden
08th Aug 2017 15:15

Good point.

That said, I've just checked and the mail-to/reply address was the legitimate email address for the individual. I've received emails from that same email address before.

So the hacker must have taken over their account, or possibly the firm's email system.

Thanks (0)
Replying to mabzden:
By stepurhan
08th Aug 2017 15:48

mabzden wrote:

That said, I've just checked and the mail-to/reply address was the legitimate email address for the individual. I've received emails from that same email address before.

So the hacker must have taken over their account, or possibly the firm's email system.


Not necessarily (though it appears the other firm confirmed they did in this case).

There is a common hacking technique known as "e-mail spoofing". This makes e-mails appear to come from a legitimate address when they don't. https://en.wikipedia.org/wiki/Email_spoofing

Thanks (2)
Replying to stepurhan:
By Brian Gooch
10th Aug 2017 10:13

But if you know that the 'reply to' email address is genuine then the reply email should go to that address. As mabzden said, the only way a hacker could access that is if they have hacked their email system/mail server. Spoofing alone can't divert the response to the spoofed email received.

Thanks (1)
Replying to Brian Gooch:
By richardterhorst
10th Aug 2017 11:04

No, it's only the appearance that looks like the genuine email address. In fact the underlying email address, which is hidden, is where it goes to.

That is how they get a sniff that you can be convinced and you will get targeted.

Never reply to a dodgy email however genuine it looks.

But don't take my word for it. Ask the IT gurus.

Thanks (0)
By ScribbleD
08th Aug 2017 15:01

These hacks are getting more and more sophisticated by the day. It's no surprise millions are caught out every day. We just need to continue to be vigilant. Thank you for sharing, mabzden.

Thanks (0)
By mabzden
08th Aug 2017 15:18

Yes, it seemed to be a step up from the normal spam rubbish.

Thanks (0)
By Tornado
08th Aug 2017 15:20

Roll on MTD.

I am sure there will be no such problems with MTD and it will be perfectly safe digitalising the whole tax administration system, especially when Accountants are bypassed and the Government deals directly with the public, particularly those who are not really that digitally savvy.

Great stuff

Thanks (2)
Replying to Tornado:
By User deleted
08th Aug 2017 15:58

If the internet is as temperamental as today, I simply can't wait and, tomorrow, I spend the afternoon at home, waiting for Openreach to fix the home (broadband) system! How efficient is that?
As I've said before, the UK is almost a third world country, in some respects, these days. And, that saddens me.

Thanks (1)
By martinclay
10th Aug 2017 10:32

The safest way to do this is if you think the email is dodgy and you really have to reply in some way:

DO NOT reply to the email but start a new email thread by typing in the address yourself into the email. I know it is a pain to do it manually, but any other approach leaves you open to problems.

Thanks (0)
Replying to martinclay:
By SteveHa
10th Aug 2017 10:47

If the server itself has been compromised as in this case, then this wouldn't actually make a difference. The hackers would still gain access to it.

Thanks (0)
By SXGuy
13th Aug 2017 06:53

It's called email spoofing. If you had looked at the mail server or email header data you would have seen it wasn't from the real firm. Only made to look like it was. Old trick from many moons ago.

Thanks (0)
Replying to SXGuy:
By mabzden
15th Aug 2017 12:03

Email spoofing is easy to spot by spam filters, the email client or a reasonably tech-savvy recipient. An incoming message may claim to have a reply address of [email protected], but with a bit of detective work you can see it's sending to [email protected].

This example was more sophisticated, with nothing untoward in the headers or the reply address. The hacker seemed to have control of the user's account.

Thanks (0)
Replying to mabzden:
By stepurhan
15th Aug 2017 13:02

mabzden wrote:

Email spoofing is easy to spot by spam filters, the email client or a reasonably tech-savvy recipient.


As you say, it is possible to spot spoofing if you are aware of it. Also, in this particular case, the actual address had been compromised.

But, for the less tech-savvy user, it is important to know that from/reply addresses can be faked. Weird e-mails should be queried by another route if there is any suspicion.

Thanks (0)
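
The header check discussed in this thread (a reply address that differs from the visible sender, or failed sender authentication), as an added example that is not part of any poster's comment. Both sample messages and all `.example` domains are constructed; the second sample shows why a compromised genuine account, as in the original post, passes every header check and still needs the phone call.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def domain(addr):
    return addr.rsplit("@", 1)[-1].strip().lower() if "@" in addr else ""

def header_warnings(raw):
    """Return reasons a message may not be from, or reply to, its apparent sender."""
    msg = message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    found = []
    # A Reply-To header silently redirects your reply away from the From address.
    if reply_addr and reply_addr.lower() != from_addr.lower():
        found.append(f"Reply-To {reply_addr} differs from From {from_addr}")
    # Some clients show only the display name, which can itself look like an address.
    if "@" in name and domain(name) != domain(from_addr):
        found.append(f"display name shows {name} but real sender is {from_addr}")
    # Authentication-Results is only trustworthy when added by your own receiving server.
    auth = " ".join(msg.get_all("Authentication-Results", []))
    for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth, re.I):
        if result.lower() in ("fail", "softfail"):
            found.append(f"{mech.lower()}={result.lower()}")
    return found

# Constructed sample: forged From, replies diverted to a lookalike domain.
SPOOFED = (
    'From: "Accounts" <accounts@genuine-firm.example>\n'
    "Reply-To: accounts@lookalike.example\n"
    "Authentication-Results: mx.recipient.example; spf=fail "
    "smtp.mailfrom=lookalike.example; dmarc=fail header.from=genuine-firm.example\n"
    "Subject: Remittance advice\n\nPlease click the link.\n"
)
# Constructed sample: sent from the real mailbox by someone who has taken it over.
COMPROMISED = (
    'From: "Accounts" <accounts@genuine-firm.example>\n'
    "Authentication-Results: mx.recipient.example; spf=pass "
    "smtp.mailfrom=genuine-firm.example; dkim=pass header.d=genuine-firm.example; "
    "dmarc=pass header.from=genuine-firm.example\n"
    "Subject: Remittance advice\n\nPlease click the link.\n"
)

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("compromised", COMPROMISED)):
        print(label, header_warnings(raw) or "no header warnings")
```
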