Comments on: Unauthorised access to Email and internet banking

By: jlees

jlees — Tue, 26 Feb 2008 23:12:57 +0000

Doing all these things would be much less likely than this either being; a personal attack from the system or this being a denial of having done those things.

Forging mail headers is pretty easy stuff. However, it would be difficult to forge the Recieving server’s portion of the header. For examle, the portion that your ISP places on the message when it recieves it, who it recieved it from and who they said they were. Doing this would require you’re ISP’s server to be comprimised.

Most mail messages are sent in either GMT Time or UTC time as a reference for the time because, remember an e-mail form russia really take no longer to be recieved than from a neighbor who is on another ISP than you. As an example, this forum posts messages in GMT because it is a standard time zone to use so that timeframes can be established.

As for hotmail, it is possble the hotmail account was hacked, this would certainly cause everything in the header to be correct. Especially if you use the same password for all your accounts and they got a hold of another account somewhere else.

If Microsoft did look into it, it would not likely be for him. It would be for them— so they could prosecute if needed.

By: spadasoe

spadasoe — Tue, 26 Feb 2008 14:43:45 +0000

Lucy
Time to find a new boyfriend…. If he is more concerned about the hotmail and dating profiles than he is about his bank accounts (hope they’re not joint) he’s shining you on.

By: lucy

lucy — Tue, 26 Feb 2008 08:05:55 +0000

The IP address comes from his work server which covers the whole state. His excuse is it could have been anyone working for his company who may have accessed his hotmail account. When he emails me however the IP address is different when he uses hotmail and different when he uses his work’s emailing system (outlook I think), even though its from the same machine. How does this work? When I do a search they both come up as coming from the same server though. Does his hotmail IP somehow differentiate his machine from the others on this server?
Basically this is my boyfriend claiming a hacker has done this to him. Accessed his email, internet banking, and put up fake dating site profiles, possibly for the purpose of some kind of personal attack. So basically I’m trying to work out the likelyhood of this happening. I also came across some pictures he claims hotmail sent to him with regards to this issue to show him what the hacker had been using/accessing. I’m finding this hard to believe and would just like to be certain that microsoft would not do this kind of thing.

By: mrdenny

mrdenny — Tue, 26 Feb 2008 05:26:24 +0000

I would concur that it is possible, but to the level which you have described is not very likely.

Microsoft / Hotmail may have looked into it, but they probably won’t have sent screenshots of personal ads opened under that users email address. After all how would they have found the personal ad? An email could have been in the users email box from the personal site, but then the user could have simply gone to that site and looked at it him self.

Can headers be forged, yes. Is it easy, probably not. Is it easy to do once the email has been downloaded and stored, sure. A hex editor can do it fairly easily.

If the originating email is his computers public IP then it came from his machine, not just his Hotmail account.