
Am I at risk?


9 replies to this topic

#1 jpkiser2

jpkiser2

  • Members
  • 5 posts

Posted 19 September 2011 - 02:29 PM

My small business was the recipient of a hacked email. Am I at risk now?

Long story, I own a small accounting type business. I sent an email to a client regarding his business. A couple of weeks later, my client replied to my email with some questions about his financial information I maintain. I was fortunately vague in my response and told him he'd need to work with his financial adviser rather than me. I provided his financial adviser's contact information and then he and the financial adviser continued trading emails with regards to his questions/requests. Weeks later, we find out that my client's email had been hacked. After my initial email to the client, the hacker changed the letter O in his email address to a zero and my reply and subsequent emails from the financial adviser were all being sent to the fake email address. Because it involved financial transactions, the whole situation is being investigated by authorities, but I wonder if my computer system is now vulnerable.

My small company does not have an IT department, so I have no idea how to make sure all the other client info and financial info I have on my computer is not in jeopardy. Is it possible that the hacker of my client could hack any info on my hard drive or any of my contacts or clients' email addresses since I traded emails with him too?

Thanks in advance for any thoughts!!
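
The address swap described in this post (the letter O replaced with a zero) is something a mail log or address book can be checked for. The following is an added example, not part of the original post: it flags addresses that are not known contacts but read the same as one once look-alike characters are folded together. The sample addresses, the folding table and the function names are constructed for illustration.

```python
# Characters commonly swapped to build a look-alike address.
# Constructed for this example; not an exhaustive list.
CONFUSABLE_CHARS = str.maketrans({"0": "o", "1": "l"})


def skeleton(address: str) -> str:
    """Fold an address so that visually similar spellings collide."""
    folded = address.strip().lower().translate(CONFUSABLE_CHARS)
    # "rn" is easily read as "m" in many fonts.
    return folded.replace("rn", "m")


def find_lookalikes(known_contacts, seen_addresses):
    """Return (seen, impersonated) pairs: addresses that are NOT known
    contacts but fold to the same skeleton as a known contact."""
    known = {a.strip().lower() for a in known_contacts}
    by_skeleton = {skeleton(a): a for a in known}
    hits = []
    for addr in seen_addresses:
        norm = addr.strip().lower()
        if norm in known:
            continue  # exact match with a real contact, nothing to flag
        match = by_skeleton.get(skeleton(norm))
        if match:
            hits.append((norm, match))
    return hits


# Constructed sample data: an address book and addresses taken from the
# From/Reply-To/To headers of recent mail.
KNOWN = ["robert.owens@example.com", "pat@morning-books.example"]
SEEN = [
    "robert.owens@example.com",   # genuine
    "R0bert.Owens@example.com",   # zero in place of the letter O
    "pat@moming-books.example",   # "m" in place of "rn" in the domain
    "billing@example.org",        # unrelated sender, not flagged
]

if __name__ == "__main__":
    for seen, real in find_lookalikes(KNOWN, SEEN):
        print(f"LOOK-ALIKE: {seen} resembles known contact {real}")
```

A hit means the address deserves a manual look before anyone replies to it; the check says nothing about whether the recipient's own machine was compromised.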



#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,717 posts

Posted 19 September 2011 - 04:00 PM

So you only exchanged e-mails with that third party?
He did not send you attachments, neither did he send you links you clicked on?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 jpkiser2


Posted 19 September 2011 - 04:46 PM

No, no attachments, or links. Just emails asking me for information.

#4 Didier Stevens


Posted 20 September 2011 - 01:57 AM

> No, no attachments, or links. Just emails asking me for information.


Then he can't have attacked your computers that way. What e-mail client do you use, and which version? Outlook?


#5 jpkiser2


Posted 20 September 2011 - 07:31 AM

Oh, good! I use Outlook 07.

#6 Didier Stevens


Posted 20 September 2011 - 07:41 AM

> Oh, good! I use Outlook 07.


That's good, then we can also exclude he attacked you with a script attached to his e-mail, because Outlook 2007 would not execute it without warning you first.

So there is no evidence you have been attacked via e-mail.


#7 jpkiser2


Posted 20 September 2011 - 12:58 PM

What about Outlook 2002 SP3...my office also uses that version.

#8 Didier Stevens


Posted 21 September 2011 - 12:17 PM

If I remember correctly, Outlook 2002 does not block attachments like scripts, but Outlook 2003 does.

Did you open attachments from this person with Outlook 2002?

If not, then there is no evidence of an attack.


#9 jpkiser2


Posted 21 September 2011 - 12:19 PM

No, none of us opened any attachments from the hacker. (I don't even think he sent any attachments for that matter.) It sounds like we're safe. Thank you for all your help and information, it's a relief!!

#10 Didier Stevens


Posted 21 September 2011 - 01:45 PM

> No, none of us opened any attachments from the hacker. (I don't even think he sent any attachments for that matter.) It sounds like we're safe. Thank you for all your help and information, it's a relief!!


You're welcome. But I recommend you upgrade Outlook 2002.
