troubleshooting Question

How do you trace someone who attempted to hack email

Avatar of cjsling
cjsling asked on
Email ClientsAnti-Virus Apps
7 Comments1 Solution1332 ViewsLast Modified:
I have a scenero I would like to run by the security experts.
User1 claims his email account was hacked and used to correspond in email to unknown people. The ip information from his ISP shows activity with his email account from his computer. ( At the time, this user was not behind a firewall and was using a public ip address) So it appears that someone hacked his computer and sent email s, etc.. using his ip address. Almost like this person had full access.. His ISP records show activity with his ip even when he wasn't using his computer or even home.
My questions are... 1. what would be the next step to try and determine where the inbound connection came from, if that is even possible at this point.  2. There is a person who is believed to have been the possible user who hacked this account. Is there some way this can be proved ? Keeping in mind.. Could this user's ISP records be able to show the connection ?
Just looking for the next logical step to try and determine or have all steps been exhausted.
Thanks in advance for any help or guidance.
cj
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 7 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 7 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros