for display only
Big Blue Interactive The Corner Forum  
Back to the Corner

Archived Thread

NFT: Computer Security Help

Samiam : 1/27/2023 5:15 pm
I get a message the other day from Microsoft that it detected an unusual sign in attempt for my hotmail account. The attempt was from Moscow and the Microsoft email landed in my junk file and I didn't see it for a few days. I reported back that it wasn't me. This morning I checked my sent file and there was an email that I did not send. The date was a few days before the attempt to log in. It went to a financial advisor that I don't use but I get monthly emails with financial information. I had met with this advisor years ago but decided not to use. The email in my sent said here's names and addresses of friends that I think would like to receive information from.

I immediately changed my password on the hotmail account and the other email addresses I use and enabled two step authentication on everything that didn't have it before. I checked all my financial stuff and that as the two step authentication and seems ok. I'm asking is that's enough or if I should do something else like delete the hotmail address or something else.

Thanks for any help.
That sounds good to me.  
D HOS : 1/27/2023 5:40 pm : link
Strange that someone would access your hotmail just to send spam to one recipient.

I think by changing your hotmail password (assuming you chose well), having MFA on your financial services accounts, checking on things as you have done, you've responded appropriately.

I don't know if Hotmail supports MFA but if it does, enable it.

I'd consider using another mail service however. Microsoft, Yahoo, Google, the big names are big targets though they are simple and effective to use.

Personally I use a smaller less well known email service that does provide me good support and is very well regarded for security and privacy.

If you have the technical skills to handle a bit more in depth setup, consider Zoho for email, or if you are on the paranoid side, look at Proton.

Check your email headers  
JohnF : 1/27/2023 5:59 pm : link
when you're not sure about an email coming to you.

How to Get Email Headers

It's possible the financial advisor's computer or email account got hacked, and a bad guy has all their contact info for clients.

Looking at the header will tell you if this email came from that advisor, or someone else. In general, NEVER reply to email you're not sure about. Open up another client (yahoo, gmail, etc), and let the advisor know about this if you see his email coming from another address.

I'd look for a more secure email than Hotlook, btw, but that's your choice.
what John F said  
markky : 1/27/2023 6:03 pm : link
also change the username (when possible) and password of all financial account, and change the email account associated with those accounts. create a new email address used only for that purpose and nothing else.
Another possibile explanation  
Chocco : 1/27/2023 6:17 pm : link
Not saying this is the case, but I have seen this a few times before with sent emails.
If you had originally sent an email to that address and for whatever reason it was not delivered, sometimes after a period of time it will come up as a sent email. A lot of times you will also get an error message in your inbox saying it wasn't able to send it.
Again I am not saying that is what happened here, but it is one possible explanation.
Back to the Corner