[Noisebridge-discuss] Fw: continuing adventures in the brave new world.

Carl carl at icarp.info
Tue Apr 3 20:55:53 PDT 2012


It's more likely that his account was NOT hacked, but that the spammer
simply placed your friend's email address in the "From:" field of the
email that was, in reality, sent from the spammer's email account.
Which explains why it would not be in his Sent box, since it wasn't
actually sent from it.  This is trivial to accomplish by someone who
runs their own mail server.

This is like writing someone else's return address instead of your own
when mailing an envelope.  Anyone can write whatever they want in the
"From:" field of an email.  There is no security or authentication
method in place to prevent this.


-Carl

On Tue, 2012-04-03 at 00:08 -0700, Frantisek Apfelbeck wrote:

> Hey folks,
>
> Just a quick note regarding my recently hacked hotmail account.
>
> I awoke this morning to receive a spam email from my own account even
> though it doesn't show up in my "Sent" box. I replied to the email
> just to see if it came to my inbox and it did. Can hackers duplicate 
> your account? The complexity of the digital realm continues to amaze,
> astound and totally confuse me!
>




More information about the Noisebridge-discuss mailing list