• Malicious mail becomes invisible

    Tags:

    Author
    Topic
    #2254199

    I am using Outlook Professional Plus 2016. Today I received an e-mail demanding payment in bit-coins. In this mail it states that the sender will be notified when I have read the mail. I deleted it, but it did not show up in the deleted folder. I then decided to undelete it and move it back to the drafts folder so that I could study the header (and of course the content for factual errors). I could not see the mail in any of my folders. But when I did a search on the first three leters of the senders name, Outlook found the mail. I still cannot move it to another folder. These are my questions:

    1. How does this mail become impossible to delete or see in any folder?
    2. What can I do to protect myself against this type of mail in the future?
    3. How can I delete this mail.
    4. The sender’s domain is Hotmail.com. To whom should I send a mail advising them of this abuse of a Hotmail account?

    Thanks for any and all help!

    Viewing 6 reply threads
    Author
    Replies
    • #2254220

      “The sender’s domain is Hotmail.com. To whom should I send a mail advising them of this abuse of a Hotmail account?”
      — Do not send an email to them or at any time in an unknown situation.

      Unfortunately I don’t know the best way for you to handle your situation and I know I’ll be learning.

      HP EliteBook 8540w laptop Windows 10 Pro (x64)

    • #2254281

      ONLINE EXTORTION SCAMS INCREASING DURING THE COVID-19 CRISIS
      FBI Public Service Announcement – 04/20/2020

      Determine the folder path of a message found in Search results

      How to Report Fraud to Hotmail

      You can’t really protect yourself against receiving this type of email. I’ve received two in the last week.

      4 users thanked author for this post.
    • #2254300

      I can only tell you what I do, and you can make your own decisions.  I have a couple of outlook email accounts, and each was set up for my specific uses.  On either account, when I receive an email from an address I don’t recognize, I don’t open it, I just delete it; it can only be spam.

      Those email accounts serve my purposes quite well, and I don’t need to concern myself with anything addressed to those accounts that does not correspond with the purposes for which I set up the accounts in the first place.

      I have several email accounts, including some throwaway accounts with fictitious names that I sometimes use for site registration for those websites I want to visit that demand registration.  I never check these throwaway email accounts; I don’t care about any email that gets sent there.

      Always create a fresh drive image before making system changes/Windows updates; you may need to start over!
      We were all once "Average Users". We all have our own reasons for doing the things that we do with our systems, we don't need anyone's approval, and we don't all have to do the same things.

      • #2254938

        bbearren: “when I receive an email from an address I don’t recognize, I don’t open it, I just delete it; it can only be spam.

        Do you first look at them in the “Preview” panel?

        Unless you set the email client to keep it closed, the visible contents (text, pictures) should show up there for examination before actually opening the email oneself, looking, for example, for spelling, grammar, or factual errors, wrong title banner, logos, etc. (Regardless of whether the panel is open or not, one may also check the actual headers of the suspicious message, with the whole story from sender to receiver, server by server along the way — your own procedure saves you this trouble, obviously.)

        I remember reading some contradictory opinions as to whether keeping the panel open may or may not be asking for trouble.

        Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

    • #2254681

      What can I do to protect myself against this type of mail in the future?

      I was looking for driver updates and an article mentioned a company. I checked the site and it looked okay so went to download their program and had to supply an email. I used one of my online ones and downloaded the program but it didn’t help with my issue so I uninstalled it.

      I’m sure I opted out of any newsletters but began to get advertisement emails from them which my online email forwarded to my personal account. I had to create filters in my online email account and local account so their emails were treated like spam and deleted. I used keywords like “newsletter”, “sale”, and the company’s name. The balance is blocking the right words (bitcoin in your case) but not whole domains like hotmail or your legitimate contacts may get blocked. But, as others have said it’s impossible to avoid them all.

      One thing to do also is remind your contacts to not send ‘anonymous’ web emails or you will just delete them. I have a friend who uses an online account with a random/gibberish name (something like qx25rty99 @ gmail.com for example )and he rarely emails me from it so I forget it’s his and delete the emails. I told him to mention his name in the subject- for example :”Dinner with Josh Friday?”

      Hope it all works out.

       

      • This reply was modified 3 years, 10 months ago by firemind.
    • #2254961

      The sender’s domain is Hotmail.com. To whom should I send a mail advising them of this abuse of a Hotmail account?

      Well, the standard approach would be to forward the thing to “abuse@hotmail.com”; stick to the bare facts, and don’t give away any personal info when you report it. “abuse@xxx.domain” usually get some sort of response.

      Also, email headers can be easily forged, so this may not do that much good, but it never hurts to try.

      I currently use a dedicated email client, “Thunderbird”, that seems to be fairly well hardened for personal use. Just keep your Malware and A/V programs updated and with the latest definitions…but you know that.

      Wish I could help with the MS email client, but haven’t used it in decades.

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
      --
      "The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

    • #2254963

      Surprising that no one has mentioned MailWasher, which lets you view emails while they are still on your ISP’s server, and delete any you don’t want from there, before Outlook (or any mail client) even starts.  Lots of other nice features as well, such as permanent filters.

      Windows 10 Pro 64 bit 20H2

      3 users thanked author for this post.
      • #2254971

        That is a good one. I use PopPeeper to do the same thing. The upshot is screening and deleting bad emails is a good thing, especially before Outlook downloads those emails.

        1 user thanked author for this post.
      • #2255071

        I have been running MailWasher PRO since its inception back before 2000. It is marketed by a company named Firetrust in New Zealand. I still act as a Beta tester for them.

        1 user thanked author for this post.
    • #2258919

      I am having my own website, mail server this using: Apache SpamAssassin

      This is automated service about checking and validating sender prior delivering email at my mailboxes.

      I was have to disable it ( while it does work well) because I wanted to know the sources of incoming SPAM.

      Best way to avoid on-line extortion due someone which stolen your password from a specific website that you did register.

      This is setting a password this starting with specific website domain name and other characters of your choice.

      If you ever receive extortion by a sender saying that he knows your master password, you will be aware of which server were attacked.   And you may renew your password just at this one.

      Win7 Pro (Blue Retail Box) i7 4770 - 16GB DDR3 2400XMP - GTX1060 6GB - Professional Workstation

      • This reply was modified 3 years, 9 months ago by Kiriakos T..
    Viewing 6 reply threads
    Reply To: Malicious mail becomes invisible

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: