Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malicious Emails Sent from My Account


  • Please log in to reply
5 replies to this topic

#1 Kerbalstuff

Kerbalstuff

  • Members
  • 2 posts
  • OFFLINE
  •  

Posted 25 October 2016 - 10:25 AM

Hey, this morning my grandma got an email from what she thought was my parents email as it was the same but it ended with @nep.net instead of @sky.com (Who provides our Internet) . It said "Good evening <my grandma's name>) but it was sent at 09:27. It also contained this link: http://mgmima¦rlik.com/ru¦bber.p¦hp?decide=r20b06n¦ycr77k

(I added a few ¦ symbols so you don't accidentally click it)

If anyone could open this in a virtual machine that would be great, but anyway, we don't know what to do and how to stop this. We have been told before that our router could have been hacked but we don't know anything for sure.

Thanks. DC

BC AdBot (Login to Remove)

 


#2 Al1000

Al1000

  • Global Moderator
  • 7,979 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:04:02 PM

Posted 25 October 2016 - 10:37 AM

Hi DC, and welcome to Bleeping Computer.

VirusTotal reports this link as safe:

https://www.virustotal.com/en/url/72491d7fa0520efa29d8cd9d939c3b08eeda146915cc57ff6b5c5a7559deb665/analysis/1477409439/

I will move your thread to an appropriate forum where members can give you further advice on this issue.

#3 SafetySteve

SafetySteve

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern California.
  • Local time:07:02 AM

Posted 25 October 2016 - 10:48 AM

The title of your post says "Malicious Emails sent from my account".  But your post above talks about receiving an email and following a link.  Is there more to the story?

 

Why do you suspect that your router has been hacked?

 

Did you change the default password when you got your router?  

Have you checked for any firmware updates for your router?



#4 Kerbalstuff

Kerbalstuff
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  

Posted 25 October 2016 - 11:02 AM

No, we didn't. We were told by the man who built our computer that when he was setting up the router that there was some dodgy stuff in the log.

#5 RolandJS

RolandJS

  • Members
  • 4,533 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:10:02 AM

Posted 25 October 2016 - 11:35 AM

The title of your post says "Malicious Emails sent from my account".  But your post above talks about receiving an email and following a link.  Is there more to the story?

That's not unusual, once or twice yearly, I get email "from myself to myself".  I'm suspecting his email address is being spoofed from afar; however, it might be or ,it might not be, the router and the email account.


Edited by RolandJS, 25 October 2016 - 02:29 PM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#6 SafetySteve

SafetySteve

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern California.
  • Local time:07:02 AM

Posted 25 October 2016 - 01:33 PM

No, we didn't. We were told by the man who built our computer that when he was setting up the router that there was some dodgy stuff in the log.

It is important that you change the default admin password for your router.  

It is important that you check for firmware updates for your router.

 

Did the person who noticed the "Dodgy" stuff on the router log elaborate or do anything to mitigate the problem?

 

I agree with RolandJS that the email is not an indicator of being infected or problem.  

 

With the Virustotal URL Scan done in a timely manner revealing a clean site, I would focus on educating your Grandma about being more aware of security risks such as this incident raises.  






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users