So some background first...
I have a domain that I manage using a ZoneEdit free account, and I mainly use this for email forwarding
I have *@mydomain forwarded to my GMail
Lately, I've been getting a lot of messages that appear to be coming from myself, saying stuff like "I have your password, it's [whatever], send me bitcoin now!"
The passwords they are sending me and the addresses they are sending them to are from very old accounts I had on some vBulletin forums that almost certainly got hacked and ended up on TOR, and a few years ago, I went through an awakening, switched to a password manager (1Password), and changed all my active accounts to randomly generated passwords, enabled 2FA where possible, and deleted / deactivated any accounts I no longer wanted
I'm not concerned at all that they have these old passwords, but what I am concerned about is how they're able to spoof their email as if it's coming from me
I'm a somewhat technical person, but not too technical when it comes to the inner workings of email, dns, etc.
Can someone explain how they're able to spoof the address so easily, and is there anything I can do to prevent this?
What about SPF, would that be a viable solution?
Thanks in advance.
I have a domain that I manage using a ZoneEdit free account, and I mainly use this for email forwarding
I have *@mydomain forwarded to my GMail
Lately, I've been getting a lot of messages that appear to be coming from myself, saying stuff like "I have your password, it's [whatever], send me bitcoin now!"
The passwords they are sending me and the addresses they are sending them to are from very old accounts I had on some vBulletin forums that almost certainly got hacked and ended up on TOR, and a few years ago, I went through an awakening, switched to a password manager (1Password), and changed all my active accounts to randomly generated passwords, enabled 2FA where possible, and deleted / deactivated any accounts I no longer wanted
I'm not concerned at all that they have these old passwords, but what I am concerned about is how they're able to spoof their email as if it's coming from me
I'm a somewhat technical person, but not too technical when it comes to the inner workings of email, dns, etc.
Can someone explain how they're able to spoof the address so easily, and is there anything I can do to prevent this?
What about SPF, would that be a viable solution?
Thanks in advance.
Last edited:
