undefined | Better HN

0 pointsndespres7y ago0 comments

I stated in the next paragraph that the situation could just as easily be reversed. We do not have any way to know in this situation whose mailbox was accessed, the OP, or their client.

0 comments

joezydeco7y ago

Seems more likely it was the client. If the OP was hacked, the thief could have sent a completely legit email with correct headers and etc.

PhasmaFelis7y ago

If OP's mail was hacked, the attacker wouldn't have needed to use a confusingly-similar email address ("abicde@mydomain.com" instead of "abcde@mydomain.com"). They could have used OP's actual address.

ndespresOP7y ago

Good theory but not necessarily true. The attacker might still wish to use a spoofed domain to ensure that they get delivery of all replies.

In cases where Gmail and Office 365 accounts get hacked like this, the attacker will enable email forwarding to an address they can monitor for replies, and delete replies from the clients so that the compromised person does not see them. I am not sure if you can do this easily with a godaddy mailbox.

corobo7y ago

Did you edit it in? Either that paragraph was not there when I replied or I'm losing my ability to read

j / k navigate · click thread line to collapse