cancel
Showing results for 
Search instead for 
Did you mean: 

Compromised Mailbox?

FIXED
thejudge
Rising Star
Posts: 621
Thanks: 10
Registered: ‎01-08-2007

Compromised Mailbox?

Just had 3 mail delivery failure notices in one of my +net mailboxes for an e-mail I haven't sent. The original message is in Japanese, and Google Translate translates it as a message telling me that (whoever it is) has been monitoring my internet activity for some months, having uploaded a trojan to avoid AV detection. It then goes on to 'request' a sum of bitcoin to stop a video they claim to have made from being sent to all my contacts.

As I said, I haven't sent any e-mails from that account which would tally with the time shown on the failure notices. If I'm reading the info in them right, the messages were received at an account in Japan from an IP address in New Zealand:

 

Received: (qmail 15757 invoked from network); 8 Sep 2020 05:08:09 +0900
Received: from 101-100-131-215.myrepublic.co.nz (101.100.131.215)
  by mail09s.cside.jp with SMTP; 8 Sep 2020 05:08:09 +0900

 Does this mean that my mailbox has been compromised, or is this simply an old-style 'spoofing' attempt?

If the former, any suggestions as to what I can do?

(I've run a full AV scan and a Malwarebytes threat scan, but both come up negative.)

TIA

2 REPLIES 2
Baldrick1
Moderator
Moderator
Posts: 9,215
Thanks: 4,176
Fixes: 323
Registered: ‎30-06-2016

Re: Compromised Mailbox?

Fix

@thejudge 

It's not your mailbox, your email address has fallen into the hands of the bad guys. Your choice is either to put up with scam messages now or change your email address. If you put your email address into this web site it might tell you the source and what has been leaked.   https://haveibeenpwned.com/

Moderator and Customer
If this helped - select the Thumb
If it fixed it,  help others - select 'This Fixed My Problem'

thejudge
Rising Star
Posts: 621
Thanks: 10
Registered: ‎01-08-2007

Re: Compromised Mailbox?

Thanks for that link. It seems to suggest that no breach has taken place, so I suspect that that e-mail address has simply got out there somehow.

I think I can live with it for now (vigilantly, of course), although changing it might become necessary (and a real pain in the [self-redacted] because of all the ways I use that one).