Question Spam sent from my Gmail

Toggle sidebar Toggle sidebar
S

Szeska837

Commendable
Apr 20, 2021
27
0
1,530
So I was searching through my Gmail account's messages and checked the sent folder, where I found 2 messages sent to 2 email addresses I don't recognize (one looks like advertising, the other one is just random English text). They're not recent messages, they were sent in 2012 in the middle of the night, so I was most likely sleeping) and they were not delivered to the addresses, got messages in my inbox about them failing. I changed my password immediately after I noticed the notifications about the failed messages, which was around 15 hours later (checked the messages).
The messages are shown to be sent from my email address and appear both in my inbox and sent folders.
After that I found no problems with my account and it's fine to this day. Only those 2 messages are suspicious, nothing else.
I know they're old messages, but I recently started checking my online credentials, because an older email (not Gmail) was found in a data breach (the Gmail was not found).
Do you think my email was hacked at the time? Or something else? Maybe I clicked on a spam email, which sent those 2 messages?
 
Last edited:
Sort by date Sort by votes
I'm assuming since this was back in 2012 the emails were sent (before MFA). This could've been a simple password grab from clicking a link or signing in at the wrong website. Now in that sense where were you working at the time? Were these emails sent to target or intercept a ongoing conversation with a buyer or seller of a product? Was it a novice trying to use your email as a middle man. My final take on this is if it was your personal email they could've been just trying to send out emails to either A: Test if their system was full proof. B: Novice Bad-Actor trying to send phishing emails from an alternate source but doesn't know susceptible destinations. C: You're a sleeping email typing machine.
 
Upvote 0 Downvote
Szeska837 said:
So I was searching through my Gmail account's messages and checked the sent folder, where I found 2 messages sent to 2 email addresses I don't recognize (one looks like advertising, the other one is just random English text). They're not recent messages, they were sent in 2012 in the middle of the night, so I was most likely sleeping) and they were not delivered to the addresses, got messages in my inbox about them failing. I changed my password immediately after I noticed the notifications about the failed messages, which was around 15 hours later (checked the messages).
The messages are shown to be sent from my email address and appear both in my inbox and sent folders.
After that I found no problems with my account and it's fine to this day. Only those 2 messages are suspicious, nothing else.
I know they're old messages, but I recently started checking my online credentials, because an older email (not Gmail) was found in a data breach (the Gmail was not found).
Do you think my email was hacked at the time? Or something else? Maybe I clicked on a spam email, which sent those 2 messages?
Click to expand...

Gmail has a login history. Check that. Also IF the email has header info, check to see if the words "Apparently from" and "Apparently to" show up. If you find those words show up, someone likely used an open email relay port to imitate you.
 
Last edited by a moderator:
  • Like
Reactions: GearJJ
Upvote 0 Downvote
GearJJ said:
I'm assuming since this was back in 2012 the emails were sent (before MFA). This could've been a simple password grab from clicking a link or signing in at the wrong website. Now in that sense where were you working at the time? Were these emails sent to target or intercept a ongoing conversation with a buyer or seller of a product? Was it a novice trying to use your email as a middle man. My final take on this is if it was your personal email they could've been just trying to send out emails to either A: Test if their system was full proof. B: Novice Bad-Actor trying to send phishing emails from an alternate source but doesn't know susceptible destinations. C: You're a sleeping email typing machine.
Click to expand...

They were sent to a foreign address and some school address, the second was apparently a reply email too, but I see no replies. I'm not really concerned about the spam messages, but rather my personal documents in the letters, there's no way to tell if they could see them, if they really did login to my account. This was 10 years ago, though, and nothing happened yet and being concerned about it now doesn't really help, I know.

digitalgriffin said:
Gmail has a login history. Check that. Also IF the email has header info, check to see if the words "Apparently from" and "Apparently to" show up. If you find those words show up, someone likely used an open email relay port to imitate you.
Click to expand...

Checked the header info and I see no "apparently from" part..
 
Last edited by a moderator:
Upvote 0 Downvote
Who knows what may have transpired 10 years ago.

A lot has changed since then. There are probably emails from companies and organizations that no longer exist.

For the most part any sort of postmortem is likely an exercise in futility.

Just let it go and spend the time saved on double checking your current security configurations etc..

Be careful about links that you click (especially in emails). Google emails that you do not recognize using keywords, addresses etc. before opening the email.

White list your contact list. All other emails go to a junk folder for further review. Most can likely be deleted without opening them at all. Just read the headers carefully.

Change aging passwords, invoke 2FA, update AV software.

And, as always, ensure that all important data is backed up at least 2 x to drives off of the current host drive.

Verify that the backups are recoverable and readable.
 
  • Like
Reactions: digitalgriffin and Deleted member 14196
Upvote 0 Downvote
Ralston18 said:
Who knows what may have transpired 10 years ago.

A lot has changed since then. There are probably emails from companies and organizations that no longer exist.

For the most part any sort of postmortem is likely an exercise in futility.

Just let it go and spend the time saved on double checking your current security configurations etc..

Be careful about links that you click (especially in emails). Google emails that you do not recognize using keywords, addresses etc. before opening the email.

White list your contact list. All other emails go to a junk folder for further review. Most can likely be deleted without opening them at all. Just read the headers carefully.

Change aging passwords, invoke 2FA, update AV software.

And, as always, ensure that all important data is backed up at least 2 x to drives off of the current host drive.

Verify that the backups are recoverable and readable.
Click to expand...

Good list Ralston

I will also add that you can password protect just about all word/excel/power point documents. While the encryption is rather low grade by today's standards, it will thwart 99% of hackers.
 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom