spam email coming from user account

Posted on 2016-09-18
Medium Priority
Last Modified: 2016-09-20
Hello, I have a lady in the office that receive an email from another employee asking a question, she responds to the email and another email come back with her response and requesting she sends her company credit card, we are all in the same office so she got up to ask and he had never sent her an email nor does her email show up in his inbox..... Hopefully this make sense.  The emails that was sent had, sent from Iphone on the bottom of the email and he does use his Iphone to send and receive company email, they are both on the same domain  ... Any suggestions to find out whats going on

The email is hosted with google so I looked at the access log and it only shows the users mac and his Iphone
also I changed his email password
Question by:Deerek11
  • 4
  • 2
LVL 38

Expert Comment

by:Pawan Kumar
ID: 41804194
Never share these kind of stuff with anyone with email or via phone. Tracking will not help.

Block everything and complaint to police about the same, It may be a fraud.

Banks/organizations never asks these kind of information.

Author Comment

ID: 41804226
The question came from one of our employees within the company. Are there steps I need to take for security
LVL 38

Assisted Solution

by:Pawan Kumar
Pawan Kumar earned 1000 total points
ID: 41804227
Yes, please block the card information first.

Then inform the bank about the same.

Please lodge a complaint with the police about the same.

That should be all.
Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.


Author Comment

ID: 41804233
She never sent any information about the credit card .... she got up from her desk to see if it was real because of the second email requesting card info the first email just asked are you in the office....
LVL 38

Expert Comment

by:Pawan Kumar
ID: 41804237
Great ! then ask her not to to reply on the second email and just ignore it.
LVL 38

Expert Comment

by:Pawan Kumar
ID: 41804252
@Author - I think we can close this question. Could you please mark one answer as accepted solution and close the question if you have no further question. :)

Thank you !
LVL 88

Accepted Solution

rindi earned 1000 total points
ID: 41804392
The message didn't come from the person you thought it was. The crooks spoof mail addresses that look like it came from your office, but it is an external source. If you check the headers of the email you should see that it actually came from somewhere else.

Most of the time they will just guess different mail addresses and hope that one of them fits. But it is relatively unlikely that they will get 2 addresses right. If that happens, a PC in your environment has already been compromised and they were able to get your address lists, so you should thoroughly scan all your PC's for malware and get rid of it. Or maybe a PC of one of your clients who has your email addresses has been compromised, in which case you can't do much except maybe warn your clients after you have found that your environment is clean, that it is possible they have malware and should check for it too. Another reason could be that your emails have been published on your website and are publicly available. In that case you can't do much apart from using really good spam filters.

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
A few solutions to a problem some of us have been having when trying to add Hostgator email accounts to Outlook 2016 (will probably work with Outlook 2013 as well).
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Planning to migrate your EDB file(s) to a new or an existing Outlook PST file? This video will guide you how to convert EDB file(s) to PST. Besides this, it also describes, how one can easily search any item(s) from multiple folders or mailboxes…

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question