Channel: Tech Support Forum - Virus/Trojan/Spyware Help

E-mail Spoofed?

Apologies if this is not the correct forum, but the actual 'e-mails' one didn't seem to house many questions like this.

I was hoping to hear some more knowledgeable opinions as to what has happened to my dad's e-mail account. Let me describe the issue:

This morning I received an e-mail in my spam folder that ostensibly seemed to be from my dad, as both the sender's name and the title of the e-mail were his name (not a particularly common name I might add). The message consisted of a "How are you?", followed by a shady-looking link that seemed like what you might find in your typical spam e-mail fare. The sender's address, however, was not my dad's Yahoo account, but an address with the domain @vertigofilms.com.ar (not an account that my dad has ever had contact with). My dad's e-mail also shows no record of having sent the mail out this morning.

The worrying aspect, then (in addition to his name being in the title and sender name), is that each of the 15 recipients of the e-mail is a contact in my dad's address book. This leaves me puzzled as to whether his account has been hacked or not, as the fact that all of the recipients are contacts on his list (some of whom would not know each other in any other way) and his name being both the title and the sender's name would suggest that it was, but that the sender used a different address and there is no evidence in his sent mail leads to the opposite conclusion. I would also expect that all 200 or so of the contacts in his address book would have been mailed had his account actually been compromised rather than simply 15.

To be safe we've changed the password to the account already and I will be running some virus scans on his computer tomorrow, but I would love to hear some thoughts on how this particular spam works. The only plausible theory I've found in my own research has been that perhaps it was not my dad's account that was hacked, but one of his contacts that he had e-mailed. The addresses used were copied from the CC line of some previous e-mail, then his name was used to "spoof" and confuse the recipients as to the source. If this is the case, is there any action we could take to try to stop the spam (assuming more is coming), and would there be any other security measures you would recommend we take?
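The pattern described in the post above (a familiar display name on an unfamiliar address, sent to people drawn from one contact list) can be checked mechanically from the message headers. The following is an added example, not part of the original post; the contact list, names and addresses are constructed, and only the sending domain is taken from the post.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed contact list: display name -> addresses that person really uses.
CONTACTS = {
    "dad example": {"dad.example@yahoo.com"},
    "aunt example": {"aunt@example.org"},
    "colleague example": {"colleague@example.net"},
}

# Constructed message shaped like the one in the post (only the domain is from the post).
SAMPLE = """\
From: Dad Example <someone@vertigofilms.com.ar>
To: aunt@example.org, colleague@example.net, stranger@example.com
Subject: Dad Example

How are you?
http://link.invalid/
"""


def analyse(raw, contacts):
    """Flag a familiar display name arriving from an address that contact never uses."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    name_key, addr = name.strip().lower(), addr.lower()
    known_addrs = contacts.get(name_key)  # None if the name is not a known contact
    all_known = set().union(*contacts.values()) if contacts else set()
    # Collect every visible recipient from To and Cc.
    rcpts = {a.lower() for _, a in
             getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))}
    return {
        "from_address": addr,
        "name_matches_contact": known_addrs is not None,
        # Name belongs to a contact, but the address is not one of theirs.
        "display_name_spoof": known_addrs is not None and addr not in known_addrs,
        "subject_is_sender_name": msg.get("Subject", "").strip().lower() == name_key,
        # Recipients that also appear in the contact list.
        "recipients_in_contacts": sorted(rcpts & all_known),
    }


if __name__ == "__main__":
    for key, value in analyse(SAMPLE, CONTACTS).items():
        print(f"{key}: {value}")
```

The display name is free text chosen by the sender, so a mismatch against the contact's real addresses is the signal to look at; it says nothing by itself about whether the named person's account was accessed.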
