Link to home
Create AccountLog in
Avatar of Now Then
Now ThenFlag for United Kingdom of Great Britain and Northern Ireland

asked on

How to determine whether an email is a spoof or whether the email account has been hacked into.9

My brother-in-law has forwarded an email conversation to me that was initiated by a request for the payment of an invoice that did not exist. The spam email appears to have come from his email address and was sent to people in his address book. I was wondering if someone could help me to recognise whether the spam email is a spoof or whether someone or something has managed to hack into the email account. I have no real experience of reading email headers so please be gentle.
Thank you in advance.
Avatar of Andrew Leniart
Andrew Leniart
Flag of Australia image

My brother-in-law has forwarded an email conversation to me that was initiated by a request for the payment of an invoice that did not exist.
I frequently see these myself. They are scam emails sent in the hope that some lowly paid accounts payable clerk at a company (or the owner himself) will just assume the invoice is valid and pay it.

I was wondering if someone could help me to recognise whether the spam email is a spoof or whether someone or something has managed to hack into the email account. I have no real experience of reading email headers so please be gentle.
Who are the participating authors of this conversation? Does he recognize any of them? It's highly unlikely anyone has managed to hack into your brother-in-laws email account just because he got an email like this. A hacked account would almost certainly have other indications of unauthorized use.

If you want to be on the safe side, advise your brother in law to change his email account password and ensure his account recovery options are valid.

I hope that's helpful.

Regards, Andrew
Avatar of Now Then

ASKER

The spam email purports to have come from my brother-in-law. It has been sent to people in his address book.
Avatar of David Johnson, CD
really without the headers there isn't much anyone can do from afar. you could try pasting the header into https://mxtoolbox.com/EmailHeaders.aspx
Are the email headers from the original email still visible when the email has been forwarded?
Yes, if an email has been forwarded, the original email headers should remain. If you could tell us which email client are you using, we can help in how to extract the email headers.
ASKER CERTIFIED SOLUTION
Avatar of Andrew Leniart
Andrew Leniart
Flag of Australia image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Well, it seems that forwarded emails do not contain the headers from the original email. I am waiting now for someone to provide me with the original headers. That could take a while.