Hacking into email

Posted on 2006-03-20
Last Modified: 2013-12-04
One of the girls in our office has just dumped her boyfriend.  He is not happy about this and has threatened that he will hack into her email and access all the emails in her mailbox.  He has told her that all he needs is her email address and he can do this with some software that he has.  Apparently he has done this before to someone else.

I know nothing about hacking.  Can anyone enlighten me?  Is it possible to do this?

We have a soho firebox.  The only thing being allowed in is UltraVNC which comes through on various ports which are forwarded to different PCs.  The VNC server on those PCs is using a DSM plugin encryption with a software key, and a password.

How would he try to get in? or can they intercept emails on the internet?

How does this all work?

(Layman's terms please...)
Question by:peparsons
    LVL 65

    Expert Comment

    by:Jim Horn
    I'm going to go out on a limb here and say that you're likely not going to get this question answered here, as giving you an answer would be the equivalent of how to hack into an email address, and posting hacking solutions is against the EE Member Agreement

    >...has threatened that he will hack into her email and access all the emails in her mailbox.
    Perhaps a timely letter from your lawyer to this individual threatening certain consequences if this happens would be a good idea.

    Hope this helps.

    Author Comment

    I just need to know how to defend against hackers.  That can't be against the rules.
    LVL 27

    Assisted Solution

    It sounds to me (system wise) as if you have taken the standard precautions to secure your enivornment.
    Can he intercept an email on the internet? Highly unlikely.
    Ensure that your co-worker does not have an easily guessable password. It should be no less than six characters long and contain alpha numerics as well. You could go so far as to create a new user account for her (alias if you will) and lock down her current account. But from what you have stated I would only do this if I had reason. Especially if this co worker converses with business contacts via her email account.
    If he has hacked in to someone elses account I'm guessing that he had access to the user account name and a working knowledge of that person so as to make it easier to hack their password. Many users have generic and easily guessable passwords. Hackers run software designed for these types of passwords in order to crack them. You could think of it like a random number generator in reverse. These utilities simply run a database of common words, etc. in hopes of connecting with the right one. I honestly wouldn't go in to panic mode over a threat from this individual. I do like the idea of a certified letter from a lawyer being delivered to him though. Any attempt at hacking into any system corporate or private is a felony.
    LVL 2

    Accepted Solution

    Hi everybody , It's all about social Engineering . Giva ya an example
    There are too many programs used to send fake Emails
    So when he gets her email he can send her an email as the following
    From :  ( He really can use it as a fake sender )
    to :
    Subject : lost password or any dump sth like this

    so in the mail he writes telling her that microsoft lost her password and she has to send it again
    so if she believed that she would press ( reply ) and put her password and send it right away
    she may not realize the ( reply to ) matter so the password now is in his inbox

    Another way , is FAKE Pages , he can send her an email from
    and the email contains a page to reset password but the trick that It's FAke
    so she will type the password into the page and press okay , in this way the password will be sent to him


    Another way , Trojan horses and Downloaders
    HE can send her a normal link (.html) so when she click it , nothing will appear and trojan will be in downloading state

    Another way , If he couldnt guess the password , he would guess her SECRET QUESTION
    tell her to be careful about the secret Question , cuz he was her BF,  He knows alot about her
    he may know her favorite person , coloure , etc..............
    What else ?
    mmmmmmmm let me thinking
    there are too many ways.
    But to defend his all tries
    just tell her to do the followings.
    1-Create a good password ( more than 6 characters as David-Howard  said ) and let it contains characters like this ( &#%@! with numbers and letters )
    2-create A hard guessing secret question
    3-Download and install kaspersky anti-virus personal from
    4- never Open links from UNKNOWN ppl
    5- Never trust THe HOAX emails

    that's all for now
    I hope that it helped u
    If u have anyother question just drop it here :)
    LVL 14

    Assisted Solution


    First question: where is your email server located? Is it accessible from the public Internet?
    If it is located inside your office, and users can only accessible to their mailbox inside the office, which is the normal practice for companies using Exchange, Lotus Notes, etc., which could be further protected by token or SSL thingy, then it is less likely to be hacked from outside.

    If it is a hosted email server, or accessible directly from the Internet, then as long as anyone can get the password to access into it, it is accessible. Therefore, strong protection to the password is needed, including implementing policy that forces users to change password frequently.

    The staff password might already been known to the ex-boyfriend, so the immediate action is to change all passwords to something not easily be guessed, and never reveal the password to anybody, not even to her manager or IT personnel.

    LVL 12

    Assisted Solution

    Is your email server accessable from the internet?  If not and your network is otherwise secure then his claims would appear to be somewhat exagerated.  His claim, "He has told her that all he needs is her email address and he can do this with some software that he has." , would appear to be too good to be true.  I have never encountered any such software and if your systems are secured correctly and your network is isolated from the Internet then I cannot see how this could be possible.

    As has been mentioned above a letter from your lawyer outlining the consequences of any attempt to access your systems or continued threats of this nature may be more helpful here than worrying about what would appear to be an empty threat.

    Author Comment

    Thank you all.  There is some good advice here.  I will chat to her some more and warn her about the social engineering stuff in particular.  We have changed her windows password already to something she has never used before.

    LVL 2

    Expert Comment

    You are more than welcome peparsons :)

    Featured Post

    Enabling OSINT in Activity Based Intelligence

    Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

    Join & Write a Comment

    SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
    In a recent article here at Experts Exchange (, I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
    Hi everyone! This is Experts Exchange customer support.  This quick video will show you how to change your primary email address.  If you have any questions, then please Write a Comment below!
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now