I had a similar one... phishing... In Outlook Express, right-click the body, then select message options from the drop-down. There you will find the header txt. Can't help you with any other mail providers, sorry. The txt info is likely to be 'spoofed' so you won't get far, sorry to say. Except you can report it as phishing to your mail provider....
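An added example, not part of any post in this thread: a short Python check of which header fields in such a message can be relied on. It trusts only the `Authentication-Results` and `Received` lines stamped by your own provider's mail server; the sample message and the hostname `mx.myprovider.example` are constructed placeholders.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; every name, address and IP is a placeholder.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.myprovider.example; spf=pass smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=victim.example
Received: from mailer.example.net (mailer.example.net [203.0.113.45]) by mx.myprovider.example with ESMTP; Tue, 01 Jan 2019 10:00:02 +0000
Received: from trusted-looking.host (unknown [10.1.2.3]) by mailer.example.net; Tue, 01 Jan 2019 10:00:00 +0000
From: "You" <me@victim.example>
To: me@victim.example
Subject: your password is hunter2

Pay up.
"""

def domain(addr):
    """Lower-cased domain part of an address header, or '' if absent."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def analyse(raw, my_mx):
    """Report only what the receiving server (my_mx) itself recorded."""
    msg = message_from_string(raw)
    findings = []
    from_dom, env_dom = domain(msg["From"]), domain(msg["Return-Path"])
    if from_dom != env_dom:
        findings.append(f"From domain {from_dom} != envelope sender {env_dom}")
    # Authentication-Results from any other host could have been pre-inserted
    # by the sender, so skip them.
    auth = {}
    for ar in msg.get_all("Authentication-Results", []):
        authserv, _, rest = ar.partition(";")
        if authserv.strip().lower() == my_mx:
            auth.update(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest))
    findings += [f"{k}={v}" for k, v in auth.items() if v != "pass"]
    # Received lines are prepended hop by hop. The first one written "by" our
    # own server records the connecting IP; lines below it are sender-supplied.
    handoff = None
    for rcvd in msg.get_all("Received", []):
        m = re.search(r"\[([0-9a-fA-F.:]+)\].*?\bby\s+(\S+)", rcvd, re.S)
        if m and m.group(2).lower() == my_mx:
            handoff = m.group(1)
            break
    return {"handoff_ip": handoff, "auth": auth, "findings": findings}

if __name__ == "__main__":
    print(analyse(SAMPLE, "mx.myprovider.example"))
```

The handoff IP and the provider's own verdicts are the parts worth including in a phishing report; the visible From line and the lower Received lines are whatever the sender chose to write.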
5 webpages, 3 forums and two others kind of important, with the most important one changed about 3 months ago. I have changed the passwords on all those sites.
Mikek
This is the problem with using the same password for many things. Eventually one of the repositories is hacked and that password is now known and tied with your email. So you need to use many passwords or at least different passwords for different levels of security.
I used a basic password for web sites I care not about. Another with more rigorous variations for web sites with no particular repercussions but that should at least be given some protections. The web sites with important info/finances I use passwords that meet nearly anyone's definition of a random password.
These emails never actually present any danger in that the people behind them have no intention of hacking any accounts. They want to frighten you into sending them money. Ignore the emails, but change all your passwords, even the unimportant ones. If you don't remember everywhere you have used them, don't fret that. The important ones are the ones you really need to protect. It's not even so important that they be highly "random". You just need to not reuse them at web sites that are likely to be hacked and passwords stolen. Using different email addresses helps prevent linking of accounts when they are hacked... if they don't have your mail address info.
--
Rick C.
- Get 1,000 miles of free Supercharging
- Tesla referral code - https://ts.la/richard11209
It's dressed up as an extortion attempt. But as you suspect, it is likely that the attached file is booby trapped, to finish the takeover job.
Windows has nothing to do with it. I'm on a Mac.
I've gotten three extortion emails over the last few months, but none with an attachment. In all three cases, the email subject was a long-expired COMCAST email password of mine.
Looking in my records, a few years ago COMCAST sent an email to all subscribers that their email address had been compromised, and please change it. Which I did, and nothing bad ever happened.
The password has been changed a few times since then. One time when I got an annoying sales email from Norton saying my email credentials had been found on the dark web (with some kind of link to which one gave an email address), so please subscribe, but never making the key suggestion, that I immediately change my credentials. Which I did, never mind if Norton is or is not correct. But I didn't subscribe either.
Anyway, reading the three extortion emails (all of which were composed from a common script but differ in both details and command of English, and claim to come from different people), one could see that despite all the claims that my computer was completely compromised, they actually had only that expired password, and were fishing. They each asked for US $2000 and $3000 via bitcoin to go away.
What I think happened is that the data stolen when COMCAST was penetrated a few years ago has been sold to multiple criminals on the dark web. Or, one very persistent criminal. But, given the differing approaches and levels of English, I think it's three people.
The emails made various accusations, but actually had no details. What they appear to be doing is to spam these extortion emails out to a very large list, secure in the probability that someone is guilty of at least some of them, and when one gets a live one on the fishhook, it's the gift that keeps on giving.
Anyway, I did not and will not respond in any way.
Check which one of your other accounts have had their customer database leaked to the "dark web". Your snipped-for-privacy@knology.net address shows 4 breaches.
My email address shows 12 "breaches". I've changed my password on all but one account, but all 12 continue to appear since they were first listed. That's because my name, email address, and former passwords are still being offered for sale on the "dark web" and will probably never be removed from the list of "breached" accounts. Therefore, as a minimum measure, I suggest that you:
Not reuse any passwords. Each password should be unique.
Maintain a list of accounts where you have fixed a password leak problem.
Be prepared to change the password again on breached sites because some IT departments are chronically clueless or have internal problems.
Use 2FA (two factor) authentication when available.
Decide if you prefer convenience or security. If you prefer security, I suggest you purge your "saved passwords" from your browser and other password collectors, such as Google: However, if you trust Google, you might try these: "Password Checkup extension"
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
They get lists of emails and passwords that have been stolen in the past and send these emails out hoping to scare a few people enough that they can blackmail them into sending cash.
As I have my own domains I use a different email address for every organisation (plus a throwaway gmail account for usenet). It is surprising just how many organisations, even very reputable ones, either sell or leak email addresses. I often tell them when this happens. On one occasion an online supplier investigated and found that the company they used for managing mailshots had sold on their customer list to somebody whose products definitely did not fit well with their customer base. John
I do the same thing and have found similar issues. This often results in a hesitation to use the fabricated email address when a person is in the loop. I use the company's URL in front of the @ sign and people think that means it is an email address at their company. Sometimes I have to call them and talk to someone to get them to even try sending an email. The spammers don't care at all. They will use any address they get their hands on.
--
Rick C.
I had this a month ago. They had my email and a very valid and secret password of mine. It shook me a while. In my case I believe linkedin got hacked and that was how they got it. They had nothing else, but it took me several hours to sort it out and convince myself that in the end it was a scam with no real teeth behind it.
It will be - there are various insecure password archives. You could probably do everybody a service by telling us which one you used that password on. One of them is surely guilty of a serious security breach.
I am not inclined to be forgiving on these scams. Show headers all should provide enough information for you to copy and paste here.
Experian gave my personal information away to hackers because their own system security was found badly wanting. Pay peanuts get monkeys.
I have no choice about it; my bank discloses all my personal details to them as a part of its fraud prevention measures :(
Make sure you change any that use that pattern or a similar one.
And do a deep scan of your PC before you do anything else.
Malwarebytes has always allowed me to dig neighbours out of deep holes. It is just possible your computer has been compromised but it is far more likely that some random site where you used that password has been hacked and the perps are hoping to spook you into doing something stupid.
Like giving them money in bitcoin or downloading malware.
Could you repeat that last sentence in English please?
Good. The attachment itself may very well be malware. You might want to upload it to one of the online malware-checking sites to see just what sort of nasty it was... but the odds are that opening it _would_ compromise your computer.
Good. It's most likely that it wasn't your computer which was hacked... it was the account/password database on one of those sites.
Rule #1: never use the same password on more than one site.