Email appeared like it was from me

Hi, my boss got an email that had my name in the email address from field, but it was like: myname@something.jp, not myname@myrealaddress.com. She clicked on the link and got a bad virus, as well as an attack on her bank account.

The question is, how did the spammer get my name and know to send it to her? Did it come from one of my email accounts?

About two months ago I had a virus, could someone have gotten her email and my name then? She's pretty freaked out.
Melody ScottAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
Spammers and worse spoof email addresses all the time. That is life.

You need to implement top notch spam control to filter this stuff out. Good spam control does not depend on email address, but rather the sender (IP and other header elements) and information in the body of the email.
0
BillDLCommented:
Chances are that your boss is not the only recipient of the email that purports to have been sent by you.  It is probable that others in your address book / contacts list have or will receive the same or similar messages.

>>> "About two months ago I had a virus, could someone have gotten her email and my name then?" <<<

That is the most likely scenario.  Virus writers have been doing this type of thing for a long time.  Their malicious programs are written to search known places for users' address books and snatch the contacts.  Normally the infected emails would not actually be sent from the computer that has been hacked, but rather from another mass emailing process from elsewhere using the data that was acquired.  These days people share contact lists between different applications and online accounts like Facebook, so it may also be possible to acquire contact lists by hacking those online accounts.

It may seem like more than just a coincidence that the email went to your boss, as though it was deliberately targeted, but consider the possibility that the virus your boss ended up with by opening the email that looked to have been from you might also have done the same thing with her contacts.  It is possible that other people have now received infected emails that look as though she sent them.

The lesson is in your description of the events:
>>> "She clicked on the link and got a bad virus, as well as an attack on her bank account." <<<

Time and time again we are warned not to blindly click on links in emails, especially where there isn't much of a description of what you are being induced to click on.  Of course there are some very well crafted email messages that are extremely difficult to differentiate from genuine ones, for example a message that looks as though it is from a bank, from facebook, or something similar, that tells you "a security breach has been discovered" (or some other bogus but worrying issue) and urges you to click a link to change your password.  Behind the scenes the reader is sending her credentials to criminals who can then drain the bank account.  Every online banking service will have an article telling you how to determine if an email message is genuinely from them.

You didn't say how you ended up with a virus two months ago.  If you were also induced to click a link in an email then the boss can hardly blame you when she did exactly the same thing.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Melody ScottAuthor Commented:
Mine was worse- I didn't click a link, I got an email from a colleague, clicked on the email to preview it, and immediately got infected. I took it to my computer guy, who put in his USB drive, which Instantly got wiped. He got rid of the virus, gave me the laptop back, and I said, "Did you delete that email?" (Should have done it myself). He said no, he didn't, but I should. I closed preview mode, right-clicked on it to permanently delete, and got infected again.

I sent an email to the lady asking her not to email me again because she was sending me a virus, and went back to my computer guy. He cleaned it again, I opened my email and there was an email from the lady saying, "what virus??". And I got infected again. So I blocked her and got it cleaned again. Been fine ever since.
0
Melody ScottAuthor Commented:
Thanks for the clear information, appreciated.
0
BillDLCommented:
Thank you mel

It is for that reason I always leave the "preview" off.  The problem is when you are dealing with the daily influx of messages and see the name of the sender which you recognise.  It can happen to anybody.  The problem is with HTML format of just about all modern email messages.  It would be impossible in this day and age to read your messages all in plain text because HTML format and embedded images has become the default, whether they be from the bank, your ISP, from Experts-Exchange, and so on.  The very format that allows for the transmission of attractive messages is the same format that allows malicious code to run when opened and even previewed.
1
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Clients

From novice to tech pro — start learning today.