So I'm curious about something and the people on this board knows way more than my IT department so I thought I'd get some good information here.
We all get phishing emails where we are sent something that looks like an adobe file or what not saying "invoice, please open," or things along those lines. More often lately, I have been getting these emails from people I know. I have been thinking that in most of these cases, the hackers are spoofing people's email. As such, I have made it my practice to send an email back to the person I know to tell them someone got into their contacts or what not, and they are grateful.
On two different occasions in the last week, I received emails basically saying, "Here is the updated project description." One was from a person I'm actively working with; one is not.
In both cases, I sent the email back to the account and said, "I don't think you meant to send this." And in both cases - here is what gets me - the hacker replied to me, "Yes, I did. Please review."
So here's my question. I'm not surprised that hackers can take over someone's email address, but what does it mean that the hacker is replying in real time? If it doesn't really mean anything other than the hacker is in the system, that's fine, I just wanted to know. But I'm just wondering if this means that something even worse has happened to the other users' systems - i.e., the hack is deeper or the hacker has more control.
Sorry if this question is dumb but I just had not seen that before this week and it happened twice!
We all get phishing emails where we are sent something that looks like an adobe file or what not saying "invoice, please open," or things along those lines. More often lately, I have been getting these emails from people I know. I have been thinking that in most of these cases, the hackers are spoofing people's email. As such, I have made it my practice to send an email back to the person I know to tell them someone got into their contacts or what not, and they are grateful.
On two different occasions in the last week, I received emails basically saying, "Here is the updated project description." One was from a person I'm actively working with; one is not.
In both cases, I sent the email back to the account and said, "I don't think you meant to send this." And in both cases - here is what gets me - the hacker replied to me, "Yes, I did. Please review."
So here's my question. I'm not surprised that hackers can take over someone's email address, but what does it mean that the hacker is replying in real time? If it doesn't really mean anything other than the hacker is in the system, that's fine, I just wanted to know. But I'm just wondering if this means that something even worse has happened to the other users' systems - i.e., the hack is deeper or the hacker has more control.
Sorry if this question is dumb but I just had not seen that before this week and it happened twice!