Unauthorised access to Email and internet banking

15 pts.
Tags:
Email
IP addressing
Security
Is it possible that someone could hack into an email account (without changing your passwords), send and recieve emails from your hotmail account while making it look like it came from your IP address, set up fake dating site profiles in your name (with all of your details, photographs etc) , and somehow managed to hack into your bank accounts and paid for these profiles on line with your money, quite possibly for the last 2 years without your knowledge? Someone claims to have had this happened to him. Says that the hacker has accessed his information through the use of a R.A.T Trojan, and that hotmail gave him this information. If this is true then this would be some kind of personal attack, not just some random hacker looking for kicks would it not? And is it possible that microsoft or hotmail would even bother to look into this for him? And if so would they ever send him pictures of what this hacker may have used on these profiles. ie pictures of other people (possibly used on the profiles), or of other dating site members the hacker may have contacted. Would this not be against their privacy laws? I have the email source files from an email he claims a hacker sent to somebody else. All IP addresses in the recieved headers belong to hotmail or microsoft. The X originating IP address belongs to the "victim". Can this be forged and is there anyway of being able to tell if it had. All dates in the headers seem to match also. (ie gmt time in recieved header matches x original arrival time when converted to australian time) Please help!
ASKED: February 26, 2008  2:06 AM
UPDATED: February 26, 2008  11:12 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

yes it is very possible to do this unfotunately. free internet email accounts unfortunately pose a possible hacking threat. there is a possible way to catch him if he is still using the account. you can pay for a tracking service. what they do is send an email to the account. when it is opened it sends a email back to where you specify and it shows every hop it took getting to where it was opened. router to router down to the last IP address. My co-worker used it to track down a domain squatter even though he was using free internet email because it tracked him down to the IP address he was using at that time. I don’t know the name of the company but I will find out and get back to you.

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Denny Cherry
    I would concur that it is possible, but to the level which you have described is not very likely. Microsoft / Hotmail may have looked into it, but they probably won't have sent screenshots of personal ads opened under that users email address. After all how would they have found the personal ad? An email could have been in the users email box from the personal site, but then the user could have simply gone to that site and looked at it him self. Can headers be forged, yes. Is it easy, probably not. Is it easy to do once the email has been downloaded and stored, sure. A hex editor can do it fairly easily. If the originating email is his computers public IP then it came from his machine, not just his Hotmail account.
    65,490 pointsBadges:
    report
  • Lucy
    The IP address comes from his work server which covers the whole state. His excuse is it could have been anyone working for his company who may have accessed his hotmail account. When he emails me however the IP address is different when he uses hotmail and different when he uses his work's emailing system (outlook I think), even though its from the same machine. How does this work? When I do a search they both come up as coming from the same server though. Does his hotmail IP somehow differentiate his machine from the others on this server? Basically this is my boyfriend claiming a hacker has done this to him. Accessed his email, internet banking, and put up fake dating site profiles, possibly for the purpose of some kind of personal attack. So basically I'm trying to work out the likelyhood of this happening. I also came across some pictures he claims hotmail sent to him with regards to this issue to show him what the hacker had been using/accessing. I'm finding this hard to believe and would just like to be certain that microsoft would not do this kind of thing.
    15 pointsBadges:
    report
  • Spadasoe
    Lucy Time to find a new boyfriend.... If he is more concerned about the hotmail and dating profiles than he is about his bank accounts (hope they're not joint) he's shining you on.
    5,130 pointsBadges:
    report
  • Jerry Lees
    Doing all these things would be much less likely than this either being; a personal attack from the system or this being a denial of having done those things. Forging mail headers is pretty easy stuff. However, it would be difficult to forge the Recieving server's portion of the header. For examle, the portion that your ISP places on the message when it recieves it, who it recieved it from and who they said they were. Doing this would require you're ISP's server to be comprimised. Most mail messages are sent in either GMT Time or UTC time as a reference for the time because, remember an e-mail form russia really take no longer to be recieved than from a neighbor who is on another ISP than you. As an example, this forum posts messages in GMT because it is a standard time zone to use so that timeframes can be established. As for hotmail, it is possble the hotmail account was hacked, this would certainly cause everything in the header to be correct. Especially if you use the same password for all your accounts and they got a hold of another account somewhere else. If Microsoft did look into it, it would not likely be for him. It would be for them--- so they could prosecute if needed.
    5,335 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following