You might get a suspicious email from a friend and assumes that said friend’s computer or email account has been hacked. Conversely, a friend may tell you of a dodgy email they received from you.
Often neither of you has been hacked so what has happened?
A scammer somehow gets hold of an email with several recipients including yourself and your friend.
The scammer then picks an email address and sends a fraudulent email to you which seems to come from your friend. This is not difficult to do.
Often scammers might use an address similar to your friend’s one. So if friend’s email is gordonbennet47@hotmail.com they might create a fake email account called gordonbennet47@gmail.com or gordonnbennet47@hotmail.com and send you a mail from there. It’s easy not to notice the disparity.
Countermeasures
There’s not much than can be done, but as a precaution, get your friend or whoever the emails are seemingly coming from to change their email password. This is just in case they’ve suffered a phishing attack per below.
How does the scammer get the email addresses?
Phishing
A scammer needs to get into just one email account to start his devious strategy.
Usually this is done by sending out loads of convincing looking emails which encourage the recipient (the ‘patsy’) to open a link.
The patsy clicks the innocuous looking like is presented with a challenge like “As a security measure, please proceed by entering your email password”. Patsy enters this and is taken to somewhere unremarkable such as Amazon. The patsy shrugs and forgets the whole thing.
Meantime the scammer then has the password and access to their email. This is known as phishing.
The scammer scans the email account and finds a group email to, say, a dozen emails. Scammer can then start sending fake emails from one to the other in the hope that somebody falls for the scam.
Website hacking
People often use the same password for their email and everything else. Somebody doing this might register their details (email address and password) on a legitimate but badly secured website.
A hacker then cracks the site and gets the list of emails and passwords. There’s a good chance that in many cases the password used is the same as the email password.
As a countermeasure never register an account on a site using your email password, think up something else.
Dodgy data brokers
There are people on the so called ‘dark web’ who will buy email addresses from scammers and sell them on to other scammers. There’s a fair chance that your email address is lurking on a few dodgy databases along with those of some of your contacts and friends. There’s nothing you can do about this.