You are reading a single comment by @Dammit and its replies.
Click here to read the full conversation.
-
It’s all so scary and horrid I’d kind of rather not know.
I had my emails got to by someone exploiting an insecure printer on our network that held my password so the printer could email scans. The idea that my whole inbox is out there in the hands of nefarious folks forever is really unsettling.
See also - those gadgets you can buy for a few hundred £ that can spoof RFIDs and get into your car / office / garage door, software that can brute force passwords in seconds.
Hefty
@Dammit
I'd bet a significant sum of money that your partner doesn't know.
I'd also assume that alongside the phishing that you have seen there's user-account-compromise mail that you may not have spotted.
Attackers will compromise an account, search for (typically) a finance related conversation to piggy-back, if they find one they will copy the entire conversation and then send from an MTA they control spoofing the victims domain (if they're able), or using a look-alike domain (if they're not).
If that doesn't work, or doesn't get the results they want they'll go back into the compromised account and send from that.