
Help, my Email has been hijacked, what do I do?

Some possibilities:
1) Most commonly, someone is simply forging your address into the “From” field of email that never actually comes near your mail server(s). This is very easy for the recipient to detect, because the mail routing path clearly does not match the route that real mail from you would take. The problems with this kind of hijack: it is impossible to prevent (since it requires nothing from you), and it depends on the recipient being shrewd enough to figure out that someone has forged an email from you (and most people are so happy to hear from you they don’t bother to check before opening the message). The risks: mostly just misunderstanding and disappointment when they realize it’s forged/spam or that they’ve been fooled. Rarely, a bit of misdirected anger (some clueless recipients think it’s your fault this happened). Very rarely, a virus or trojan horse slips through protection because the “From” address was white-listed and trusted inappropriately.

2) Somewhat less common, and only for people who use MSIE on Windows in combination with Outlook and who don’t spend hours and hours every week fighting malware on their own PC: a trojan horse gets planted on the computer of the person with the From address. It reads their address book and mail spool, then begins posing as them from their own computer to send out copies of itself and carry out the will of its authors or commissioners. This is both nefarious and tough to detect on the recipient side, because the mail routing looks exactly right! It is also much more dangerous: one compromised computer can jump to new tactics and run sniffing software to capture information from the LAN local to the compromised computer, and because others may trust the sender and routing info, they trust the inbound message, which makes it easier for the trojan horse to spread. It is pretty much only likely to infect people who use MSIE and Outlook on a Windows PC. Break any of those three items and it is much harder and rarer to get infected/hijacked.

3) Very rare: the hijacker knows you, and specifically frames you by subscribing your email address to a bunch of websites you are not interested in, then sends a bunch of email as you and pretends to be you. This is really nasty, as you can end up getting a bunch of crap you never asked for (problematic at clueless employers), and because it is harder to detect a human posing as you in emails, your recipient friends might never know they are dealing with a poser. The saving grace is that typically their response to you actually gets to you and not the poser (unless they did not actually hijack your address, but made one up that looks like yours to a human). The thing to remember to tell your employers should this happen to you is that no one has any more control over what comes into your inbox than they have over junk mail sent to them by the post office. I once had this happen to me when I was in the USAF and had to subscribe my Colonel to some spam lists to prove a point (he was trying to give me an Article 15 for stuff sent to my work address, and I refused, saying I had no control over the crap coming into the box – that I had not asked for it; no one believed me until he started getting porn spam himself).
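The routing-path check from item 1, sketched as an added example (not code from the original post). It assumes Postfix-style `Received:` lines; every hostname, address and the `EXPECTED_RELAYS` / `TRUSTED_MX` names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions (constructed values): the relays that really send mail for each
# domain, and the name of our own receiving server.
EXPECTED_RELAYS = {"example.org": {"mail.example.org"}}
TRUSTED_MX = "mx.recipient.example"

# Postfix-style hop: "from <HELO> (<reverse-DNS> [<ip>]) by <server>".
# HELO is whatever the client claimed; the parenthesised part was looked up
# by the server that wrote the line.
HOP = re.compile(r"from\s+\S+\s+\((\S+)\s+\[([0-9a-fA-F.:]+)\]\)\s+by\s+(\S+)", re.I)

def handoff(msg):
    """Return (rdns, ip) of the client that connected to our own MX, or None."""
    for line in msg.get_all("Received", []):      # newest hop is listed first
        m = HOP.search(line)
        if m and m.group(3).lower() == TRUSTED_MX:
            return m.group(1).lower(), m.group(2)
    return None                                    # lower hops are sender-supplied

def check_route(raw):
    """Classify a message as 'consistent', 'mismatch' or 'unknown'."""
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    hop, expected = handoff(msg), EXPECTED_RELAYS.get(domain)
    if hop is None or expected is None:
        return "unknown"
    return "consistent" if hop[0] in expected else "mismatch"

# Constructed samples. FORGED claims mail.example.org in HELO and in a fake
# lower Received line, but our MX recorded a different connecting host.
GENUINE = (
    "Received: from mail.example.org (mail.example.org [192.0.2.10])\n"
    "\tby mx.recipient.example with ESMTP id A1; Mon, 1 Jan 2024 10:00:00 +0000\n"
    "From: Alice <alice@example.org>\nSubject: hi\n\nbody\n")
FORGED = (
    "Received: from mail.example.org (bulk.sender.invalid [203.0.113.7])\n"
    "\tby mx.recipient.example with ESMTP id B2; Mon, 1 Jan 2024 10:05:00 +0000\n"
    "Received: from alice-pc (alice-pc [198.51.100.5])\n"
    "\tby mail.example.org with ESMTP id C3; Mon, 1 Jan 2024 10:04:00 +0000\n"
    "From: Alice <alice@example.org>\nSubject: hi\n\nbody\n")

if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("forged", FORGED)):
        print(name, check_route(raw))
```

Only the `Received:` line written by your own server is evidence; anything below it arrived with the message and can say whatever the sender wanted.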

Sadly, the first and third items on this list are trivially easy to fix, yet market momentum has made them impossible to fix. We could all reject mail that had no digital signature, and insist on digital certificates or signatures to accept mail. Then we’d know the sender was really the sender. PGP provides this feature, but most people are unwilling to give up accepting unsigned email, so it ends up only being used to send and get lightly secured mail as a feature on top of regular mail instead of as a complete replacement. Item 2 is hard, because as soon as everyone gives up Windows + IE + Outlook, the crooks will follow them to the new standard; and while there may be a lag of months or years before the new default OS, browser, and mail reader get hacked – they will be. While nothing else is as easy to hack as IE, Outlook and Windows, the financial rewards will put pressure on the crooks to figure out whatever we all switch to.