Just had 3 mail delivery failure notices in one of my +net mailboxes for an e-mail I haven't sent. The original message is in Japanese, and Google Translate translates it as a message telling me that (whoever it is) has been monitoring my internet activity for some months, having uploaded a trojan to avoid AV detection. It then goes on to 'request' a sum of bitcoin to stop a video they claim to have made from being sent to all my contacts.
As I said, I haven't sent any e-mails from that account which would tally with the time shown on the failure notices. If I'm reading the info in them right, the messages were received at an account in Japan from an IP address in New Zealand:
Received: (qmail 15757 invoked from network); 8 Sep 2020 05:08:09 +0900 Received: from 101-100-131-215.myrepublic.co.nz (18.104.22.168) by mail09s.cside.jp with SMTP; 8 Sep 2020 05:08:09 +0900
Does this mean that my mailbox has been compromised, or is this simply an old-style 'spoofing' attempt?
If the former, any suggestions as to what I can do?
(I've run a full AV scan and a Malwarebytes threat scan, but both come up negative.)
Fixed! Go to the fix.
It's not your mailbox, your email address has fallen into the hands of the bad guys. Your choice is either to put up with scam messages now or change your email address. If you put your email address into this web site it might tell you the source and what has been leaked. https://haveibeenpwned.com/
Moderator and Customer
If this helped - select the Thumb
If it fixed it, help others - select 'This Fixed My Problem'
Re: Compromised Mailbox?
Thanks for that link. It seems to suggest that no breach has taken place, so I suspect that that e-mail address has simply got out there somehow.
I think I can live with it for now (vigilantly, of course), although changing it might become necessary (and a real pain in the [self-redacted] because of all the ways I use that one).