Email appeared like it was from me

Hi, my boss got an email that had my name in the email address from field, but it was like: myname@something.jp, not myname@myrealaddress.com. She clicked on the link and got a bad virus, as well as an attack on her bank account.

The question is, how did the spammer get my name and know to send it to her? Did it come from one of my email accounts?

About two months ago I had a virus, could someone have gotten her email and my name then? She's pretty freaked out.
mel200Asked:
Who is Participating?
 
BillDLCommented:
Chances are that your boss is not the only recipient of the email that purports to have been sent by you.  It is probable that others in your address book / contacts list have or will receive the same or similar messages.

>>> "About two months ago I had a virus, could someone have gotten her email and my name then?" <<<

That is the most likely scenario.  Virus writers have been doing this type of thing for a long time.  Their malicious programs are written to search known places for users' address books and snatch the contacts.  Normally the infected emails would not actually be sent from the computer that has been hacked, but rather from another mass emailing process from elsewhere using the data that was acquired.  These days people share contact lists between different applications and online accounts like Facebook, so it may also be possible to acquire contact lists by hacking those online accounts.

It may seem like more than just a coincidence that the email went to your boss, as though it was deliberately targeted, but consider the possibility that the virus your boss ended up with by opening the email that looked to have been from you might also have done the same thing with her contacts.  It is possible that other people have now received infected emails that look as though she sent them.

The lesson is in your description of the events:
>>> "She clicked on the link and got a bad virus, as well as an attack on her bank account." <<<

Time and time again we are warned not to blindly click on links in emails, especially where there isn't much of a description of what you are being induced to click on.  Of course there are some very well crafted email messages that are extremely difficult to differentiate from genuine ones, for example a message that looks as though it is from a bank, from facebook, or something similar, that tells you "a security breach has been discovered" (or some other bogus but worrying issue) and urges you to click a link to change your password.  Behind the scenes the reader is sending her credentials to criminals who can then drain the bank account.  Every online banking service will have an article telling you how to determine if an email message is genuinely from them.

You didn't say how you ended up with a virus two months ago.  If you were also induced to click a link in an email then the boss can hardly blame you when she did exactly the same thing.
1
 
JohnBusiness Consultant (Owner)Commented:
Spammers and worse spoof email addresses all the time. That is life.

You need to implement top notch spam control to filter this stuff out. Good spam control does not depend on email address, but rather the sender (IP and other header elements) and information in the body of the email.
0
 
mel200Author Commented:
Mine was worse- I didn't click a link, I got an email from a colleague, clicked on the email to preview it, and immediately got infected. I took it to my computer guy, who put in his USB drive, which Instantly got wiped. He got rid of the virus, gave me the laptop back, and I said, "Did you delete that email?" (Should have done it myself). He said no, he didn't, but I should. I closed preview mode, right-clicked on it to permanently delete, and got infected again.

I sent an email to the lady asking her not to email me again because she was sending me a virus, and went back to my computer guy. He cleaned it again, I opened my email and there was an email from the lady saying, "what virus??". And I got infected again. So I blocked her and got it cleaned again. Been fine ever since.
0
 
mel200Author Commented:
Thanks for the clear information, appreciated.
0
 
BillDLCommented:
Thank you mel

It is for that reason I always leave the "preview" off.  The problem is when you are dealing with the daily influx of messages and see the name of the sender which you recognise.  It can happen to anybody.  The problem is with HTML format of just about all modern email messages.  It would be impossible in this day and age to read your messages all in plain text because HTML format and embedded images has become the default, whether they be from the bank, your ISP, from Experts-Exchange, and so on.  The very format that allows for the transmission of attractive messages is the same format that allows malicious code to run when opened and even previewed.
1
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.