What's new

Opened a Phishing Scam email..?

Dual Wielder

FULL MEMBER
Joined
Aug 7, 2019
Messages
1,601
Reaction score
3
Country
Pakistan
Location
United Kingdom
Some background, my email is @h0tmail. com account, which now uses 'outlook' (another microsoft company). Anyway so I foolishly clicked on an email pretending to be administration saying that my account was logged in from somewhere else; and inside the email there was a small blue box, forgot what it said but I assume it was a link, as it wanted to verify some info. I did NOT click on the link as I had some suspicions, and so I went back to the main page looking for options/(Alerts) telling me to check the I.P address from where my account was supposedly compromised from... to no avail I didn't find any such info/alerts.

I Then hovered my mouse over the email, and found the email address was definately not from administration as it was normal one: something @h0tmail. com.

So my question is it possible to get a virus/ malware from merely opening an email, even if I do not click on any links/ or download files etc?

Question number deux, I use 2 seperate browsers; chrome, firefox. Chrome is primarily used for banking, online shopping/ checking emails ect (all the important stuff), my passwords and usernames are already saved within the browser. Are these secure? i.e. is it possible for someone from the outisde like the piece of crap mentioned above to harvest sensitive data/info?


---
other useful info
Windows 8.1
anti virus soft: Windows defender (already scanned results came as negative).
 
. .
Some background, my email is @h0tmail. com account, which now uses 'outlook' (another microsoft company). Anyway so I foolishly clicked on an email pretending to be administration saying that my account was logged in from somewhere else; and inside the email there was a small blue box, forgot what it said but I assume it was a link, as it wanted to verify some info. I did NOT click on the link as I had some suspicions, and so I went back to the main page looking for options/(Alerts) telling me to check the I.P address from where my account was supposedly compromised from... to no avail I didn't find any such info/alerts.

I Then hovered my mouse over the email, and found the email address was definately not from administration as it was normal one: something @h0tmail. com.

So my question is it possible to get a virus/ malware from merely opening an email, even if I do not click on any links/ or download files etc?

Question number deux, I use 2 seperate browsers; chrome, firefox. Chrome is primarily used for banking, online shopping/ checking emails ect (all the important stuff), my passwords and usernames are already saved within the browser. Are these secure? i.e. is it possible for someone from the outisde like the piece of crap mentioned above to harvest sensitive data/info?


---
other useful info
Windows 8.1
anti virus soft: Windows defender (already scanned results came as negative).
If u didn't click any link and only opened the email...u should be fine.

Also I'd recommend upgrading ur windows 8.1 to windows 10. I find windows 10 better than windows 8.

As for the login info stored in ur browser for quickly logging in...
...if someone is to gain access to ur computer...whether directly or remotely...they can potentially access that login info. I would recommend some password manager like dashlane. U can store ur login info...it will be encrypted...allowing u the facility of logging in quickly and not having to remember all the different logins...while also safeguarding it.
 
.
Change your password for safety measure. Link your account or your mobile number to make it even more secure.
The google chrome password should be only saved if you are logged in through gmail account.
Anyone who has the password to your computer can view these passwords.
 
.
North Korea conducted a widescale phishing attack today targeting several countries

Looks like you fell for it
 
.
If u didn't click any link and only opened the email...u should be fine.

Also I'd recommend upgrading ur windows 8.1 to windows 10. I find windows 10 better than windows 8.

As for the login info stored in ur browser for quickly logging in...
...if someone is to gain access to ur computer...whether directly or remotely...they can potentially access that login info. I would recommend some password manager like dashlane. U can store ur login info...it will be encrypted...allowing u the facility of logging in quickly and not having to remember all the different logins...while also safeguarding it.

Not fond of W10, plus currently using touch screen ultrabook so win 8.1 is more user friendly...

I keep hearing about password managers, but tbh I saw them as a possible liability i.e. all eggs in one basket.. admittedly not very versed on the topic, but I may look more objectively into password managers now. I curently got many accounts logged in chrome, and reluctantly am leaning towards deleting everything just to be on the safe side. My issue isn't just having to remember them, its malware like keyloggers.. where I have become customed to writing usernames/ passwords in a jumbled order, occasionally adding words here and there just in case to throw it off (was infected with the malware in the past).. which is painstaking


North Korea conducted a widescale phishing attack today targeting several countries

Looks like you fell for it

Well if it's my buddy the rocketman, they maybe I can breathe a sigh of relief


Change your password for safety measure. Link your account or your mobile number to make it even more secure.
The google chrome password should be only saved if you are logged in through gmail account.
Anyone who has the password to your computer can view these passwords.

Do you know if chrome encrypts login details? for hotmail accounts...
 
.
Some background, my email is @h0tmail. com account, which now uses 'outlook' (another microsoft company). Anyway so I foolishly clicked on an email pretending to be administration saying that my account was logged in from somewhere else; and inside the email there was a small blue box, forgot what it said but I assume it was a link, as it wanted to verify some info. I did NOT click on the link as I had some suspicions, and so I went back to the main page looking for options/(Alerts) telling me to check the I.P address from where my account was supposedly compromised from... to no avail I didn't find any such info/alerts.

I Then hovered my mouse over the email, and found the email address was definately not from administration as it was normal one: something @h0tmail. com.

So my question is it possible to get a virus/ malware from merely opening an email, even if I do not click on any links/ or download files etc?

Question number deux, I use 2 seperate browsers; chrome, firefox. Chrome is primarily used for banking, online shopping/ checking emails ect (all the important stuff), my passwords and usernames are already saved within the browser. Are these secure? i.e. is it possible for someone from the outisde like the piece of crap mentioned above to harvest sensitive data/info?


---
other useful info
Windows 8.1
anti virus soft: Windows defender (already scanned results came as negative).
Change Pass immediately and your immediate details,
Get 2 step verification setup ASAP
 
.
Not fond of W10, plus currently using touch screen ultrabook so win 8.1 is more user friendly...

I keep hearing about password managers, but tbh I saw them as a possible liability i.e. all eggs in one basket.. admittedly not very versed on the topic, but I may look more objectively into password managers now. I curently got many accounts logged in chrome, and reluctantly am leaning towards deleting everything just to be on the safe side. My issue isn't just having to remember them, its malware like keyloggers.. where I have become customed to writing usernames/ passwords in a jumbled order, occasionally adding words here and there just in case to throw it off (was infected with the malware in the past).. which is painstaking




Well if it's my buddy the rocketman, they maybe I can breathe a sigh of relief




Do you know if chrome encrypts login details? for hotmail accounts...
If I recall correctly...windows 10 has that same windows 8 like layout for touchscreen devices like tablets and Ultrabooks. Although I can't say that with certainty bcuz I'm the type of guy who has a gaming rig(PC...that I don't even use for gaming anymore :lol:). On top of that it doesn't have issues that windows 8 initially had. It's like a mix of windows 7 and 8 in just the right ways...IMO it's great.

As for password managers...technically u don't have to use one if u are very very careful about what u download(and don't make basic mistakes like falling for a phishing scam). Additionally u should install a top notch antivirus...and make sure to secure ur wifi. The only benefit these password managers offer is encryption...so even if ur computer does get infected...ur login info would be safe.
 
.
I highly doubt anything will happen just by opening an email. If you haven't click any link then you should be fine.

But just to satisfy yourself and for your inner peace, change the passwords. And report the email for spam/delete it.
 
.
Its always a good practice to keep your system up to date with updates/patches. It prevents any known hacking. But of course, dont get trapped into clicking links.. always open known emails and check the link behind the text.
 
.
As a rule of thumb NEVER STORE PASSWORDS ON ANY BROWSER FOR FINANCIALS example Bank accounts, credit cards, etc. Everything else is retrievable.
 
.
Some background, my email is @h0tmail. com account, which now uses 'outlook' (another microsoft company). Anyway so I foolishly clicked on an email pretending to be administration saying that my account was logged in from somewhere else; and inside the email there was a small blue box, forgot what it said but I assume it was a link, as it wanted to verify some info. I did NOT click on the link as I had some suspicions, and so I went back to the main page looking for options/(Alerts) telling me to check the I.P address from where my account was supposedly compromised from... to no avail I didn't find any such info/alerts.

I Then hovered my mouse over the email, and found the email address was definately not from administration as it was normal one: something @h0tmail. com.

So my question is it possible to get a virus/ malware from merely opening an email, even if I do not click on any links/ or download files etc?

Question number deux, I use 2 seperate browsers; chrome, firefox. Chrome is primarily used for banking, online shopping/ checking emails ect (all the important stuff), my passwords and usernames are already saved within the browser. Are these secure? i.e. is it possible for someone from the outisde like the piece of crap mentioned above to harvest sensitive data/info?


---
other useful info
Windows 8.1
anti virus soft: Windows defender (already scanned results came as negative).
For all banking or financial related purpose use Fedora or linux based operating system. If you don't have extra computer then use Virtual Box and install Fedora or Ubuntu or Linuxmint etc ...
But, now a days just opening the email is enough. Because moment you click on email , your email password or your mail box compromised right away. Things are totally changed.

A good read for you..

https://www.avanan.com/blog/phishing-alternate-inbox
 
.
Not fond of W10, plus currently using touch screen ultrabook so win 8.1 is more user friendly...

I keep hearing about password managers, but tbh I saw them as a possible liability i.e. all eggs in one basket.. admittedly not very versed on the topic, but I may look more objectively into password managers now. I curently got many accounts logged in chrome, and reluctantly am leaning towards deleting everything just to be on the safe side. My issue isn't just having to remember them, its malware like keyloggers.. where I have become customed to writing usernames/ passwords in a jumbled order, occasionally adding words here and there just in case to throw it off (was infected with the malware in the past).. which is painstaking




Well if it's my buddy the rocketman, they maybe I can breathe a sigh of relief




Do you know if chrome encrypts login details? for hotmail accounts...
I will say create a gmail account for chrome if you are thinking about saving passwords.
The would suggest people to use Password manager such as keepass to save passwords.
 
.
Some background, my email is @h0tmail. com account, which now uses 'outlook' (another microsoft company). Anyway so I foolishly clicked on an email pretending to be administration saying that my account was logged in from somewhere else; and inside the email there was a small blue box, forgot what it said but I assume it was a link, as it wanted to verify some info. I did NOT click on the link as I had some suspicions, and so I went back to the main page looking for options/(Alerts) telling me to check the I.P address from where my account was supposedly compromised from... to no avail I didn't find any such info/alerts.

I Then hovered my mouse over the email, and found the email address was definately not from administration as it was normal one: something @h0tmail. com.

So my question is it possible to get a virus/ malware from merely opening an email, even if I do not click on any links/ or download files etc?

Question number deux, I use 2 seperate browsers; chrome, firefox. Chrome is primarily used for banking, online shopping/ checking emails ect (all the important stuff), my passwords and usernames are already saved within the browser. Are these secure? i.e. is it possible for someone from the outisde like the piece of crap mentioned above to harvest sensitive data/info?


---
other useful info
Windows 8.1
anti virus soft: Windows defender (already scanned results came as negative).

I might help you on this! Because now a days cryptojacking attack and Monero Crypto-Miner Malware attack is happening:

They will steal your personal information without knowing to you.

1. I will suggest you to check if any unknown service ( services.MSC) running on your system.

Many other things you have to cross checked.

Now I m dealing with an attack on Zee network ( you know " zee news"... Hehehe)

ZEEL: Monero Crypto-Miner Malware attack has happened on Servers 20th june ( email subject line)
 
Last edited:
.
For all banking or financial related purpose use Fedora or linux based operating system. If you don't have extra computer then use Virtual Box and install Fedora or Ubuntu or Linuxmint etc ...
But, now a days just opening the email is enough. Because moment you click on email , your email password or your mail box compromised right away. Things are totally changed.

A good read for you..

https://www.avanan.com/blog/phishing-alternate-inbox

I was leaning towards using Ubuntu via virtual box in the past for general web browsing in the past, whilst keeping normal windows for all the important stuff, but I did not find conclusive info on vulnerabilities to the actual pc (via shared internet connection i.e. NAT, Bridge..etc), thus deferring my plans.

I might help you on this! Because now a days cryptojacking attack and Monero Crypto-Miner Malware attack is happening:

They will steal your personal information without knowing to you.


1. I will suggest you to check if any unknown service ( services.MSC) running on your system.

Many other things you have to cross checked.

Now I m dealing with an attack on Zee network ( you know " zee news"... Hehehe)

ZEEL: Monero Crypto-Miner Malware attack has happened on Servers 20th june ( email subject line)

Well I wouldn't know if any 'unknown service' would be running on Task manager, since I wouldn't be able to differentiate whats normal and whats foreign (virus/malware). I did check if my Chrome and anti-virus were upto date, did a couple of scans.. and even uninstalled chrome in the end insuring all data is wiped.. don't know what else I could do.
 
.

Latest posts

Pakistan Defence Latest Posts

Pakistan Affairs Latest Posts

Back
Top Bottom