Le e-mail non effettivamente inviate da me vengono visualizzate nella mia cartella "inviata"?

2

Ho un account di Outlook (era hotmail).

Vedo alcune e-mail sospette nella mia cartella inviata, da scoprire sia nel client Thunderbird che nel client Web Outlook, che non ho inviato.

Ho già cambiato la mia password, preoccupandomi che avrebbe potuto essere compromessa; tuttavia, dopo aver ispezionato la fonte, vedo che il mio indirizzo non appare mai: il mittente non è in realtà me. Inoltre, non c'è " A: "

Questo mi fa pensare che forse l'account non è stato compromesso, ma come mai vedo le e-mail nella cartella inviata?

UPDATE : mentre in un caso non c'è "A:" , il client mostra " unknow " nella colonna A e il mio indirizzo non appare mai nella fonte di posta, c'è anche un altro caso in cui il mio indirizzo appare in " A: " (non in " Da: "). Direi che questo altro caso sembrava uno spoofing regolare se l'email era nella cartella Inbox , ma è in Inviato

Includo la fonte di posta elettronica (il sito di Outlook non sembra avere un'opzione per copiare solo le intestazioni). Ho cambiato gli indirizzi IP in caratteri non significativi come xx.xxx.xx.xx, sostituito i collegamenti malevoli e gli indirizzi di posta. Il mio indirizzo e quelli di eventuali miei contatti sembrano coinvolti. Potrei aver dimenticato qualcosa, sentitevi libero di modificare e chiedere ulteriori dettagli se necessario

Received: from VE1EUR02HT166.eop-EUR02.prod.protection.outlook.com
 (ffff:ffff:fff::ff) by AM4PR0401MB1970.eurprd04.prod.outlook.com with HTTPS
 via AM3PR04CA0148.EURPRD04.PROD.OUTLOOK.COM; Tue, 5 Dec 2017 16:25:07 +0000
Received: from VE1EUR02FT031.eop-EUR02.prod.protection.outlook.com
 (xx.xxx.xx.xx) by VE1EUR02HT166.eop-EUR02.prod.protection.outlook.com
 (yy.yyy.yy.yyy) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id zz.zz.zzz.z; Tue, 5 Dec
 2017 16:25:07 +0000
Authentication-Results: spf=none (sender IP is kk.kk.k.kkk) smtp.helo=;
 hotmail.com; dkim=pass (signature was verified)
 header.d=oo.ATTACKER.NET;hotmail.com; dmarc=permerror action=none
 header.from=oo.ATTACKER.NET;
Received-SPF: None (protection.outlook.com:  does not designate permitted
 sender hosts)
Received: from SNT004-MC5F5.hotmail.com (hh.hhh.hh.hh) by
 VE1EUR02FT031.mail.protection.outlook.com (jj.jjj.jj.jjj) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id
 15.20.282.5 via Frontend Transport; Tue, 5 Dec 2017 16:25:06 +0000
X-IncomingTopHeaderMarker: OriginalChecksum:255C39763F036EA23876BAB41428C4FF25DFCEDF36BCA46234B50E8284D7EA26;UpperCasedChecksum:07DB12FEFEE63D3A0397067AECD2CCE92B37535297A742DC2CBAC5E1A3F32423;SizeAsReceived:1422;Count:15
Received: from oo.ATTACKER.NET ([kk.kk.k.kkk]) by SNT004-MC5F5.hotmail.com with Microsoft SMTPSVC(7.5.7601.23143);
     Tue, 5 Dec 2017 08:25:05 -0800
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=selector1; d=oo.movingright.net;
 h=From:Sender:List-Unsubscribe:Subject:Content-Type:Reply-To; [email protected];
 bh=gxYz3JpgRC3azGshKXDTANqNEhw=;
 b=1ciZCIO2c4qmrODX8SGMiTuGiS2luC5RKM47rWBLQUybeNQgnFjMuONYKnXhQOPTNQP+SzLsieTM
   hlYByyHUVnN5M1xIe4lVkh8ZlDYwM1tHxCZy7m0YenYRY+4YlPSKDYnjipdTA5F2bC+rJ39pCWwp
   q/3t2Wx7un+6GX+btcg=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=selector1; d=oo.movingright.net;
 b=stTfJpnCQ75QjWEEG63JZ9XcPnXW6zsghQgf2LYTgo19PBNoeJ6efXiP2QZzEbwZFaS7B2tOLY8x
   B++5EP1ewy8zbXldZ53IBCRSl6LOEcqXeRsORkgy+BInb7bHy52yFdLBOjtZb21WVPvgC9TDz98p
   IjFh3DjV57fuqVDoH2c=;
From: â¡â¡ Sarah â¡â¡ <[email protected]>
Sender: " yh" <[email protected]>
List-Unsubscribe: <[email protected]>
Subject: â¡â¤ Can't wait anymore ... See my nude pics and let's meet â¤â¡
Content-Type: multipart/alternative;
 boundary="----=_NextPart_6B34F3F8_4354_464B_B214_CE288821B8D1"
BCC:
Reply-To: <[email protected]>
Return-Path: <>
Message-ID: <[email protected]>
X-OriginalArrivalTime: 05 Dec 2017 16:25:05.0149 (UTC) FILETIME=[9BBA42D0:01D36DE5]
Date: Tue, 5 Dec 2017 08:25:05 -0800
X-IncomingHeaderCount: 15
X-MS-Exchange-Organization-Network-Message-Id: b28d5a5a-a945-46a9-cf2f-08d53bfcbf47
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa:0
X-MS-Exchange-Organization-MessageDirectionality: Incoming
CMM-sending-ip: kk.kk.k.kkk
CMM-Authentication-Results: hotmail.com; spf=pass (sender IP is kk.kk.k.kkk)
 smtp.helo=oo.movingright.net; dkim=pass header.d=oo.ATTACKER.NET;
 x-hmca=pass [email protected]
CMM-X-SID-PRA: [email protected]
CMM-X-AUTH-Result: PASS
CMM-X-SID-Result: PASS
CMM-X-Message-Delivery: Vj0xLjE7RD0yO0dEPTI7U0NMPTQ=
CMM-X-Message-Info: 3c21WZ1hAlvD6z4W+Uwvl9ImsHEUa/TV22P+NgFf/vRX9nK3L2uwOHntIsd8XhO4MbD/28XyRlUbWcA5rYswXa+72BTBwB5Sjk+MpOUeyPiAEw/KxFOjtzAqRDMnx/llO2pTeGfmjbRpokFCOA+AJ0EO+i1WEUDFXkKB2G4i4OvYAYxvsh7k/g==
X-MS-UserLastLogonTime: 12/5/2017 3:11:17 PM
X-Microsoft-Exchange-Diagnostics: 1;VE1EUR02FT031;1:kb26mkc2Gur4wkI3JkriHM1wTddL9iWWcHF8PPFz5TcFeFV6caw5/jYRkE6/8tct2iUEH2xxCvRz535hWmL6hwGjt6VSnp1kCzmmqB0JsktK2UGIE8duDKAnu4QUQF2j
X-MS-Exchange-Organization-AuthSource: VE1EUR02FT031.eop-EUR02.prod.protection.outlook.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: b28d5a5a-a945-46a9-cf2f-08d53bfcbf47
X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:(5001025)(4604075)(4605076)(8291501071);SRVR:VE1EUR02HT166;
X-Microsoft-Exchange-Diagnostics: 1;VE1EUR02HT166;3:4UNbiEkNL3mQWkzT67Va8hemwyLjtytaRUijT0qm/aoHOBYOXTQrCKkvtrg9rGotlmFLQ5QJFldCX9rn8dO5y+pxFceWJG3xxUSeYZIgMoCJUEH0I1uB5+X9P6bpHqFWzMAc3HJ++RJFivVDYJi7/193o6PA0uA9rCOt9s5uwnxO7NIvX/ZxMRqJeeeuSZcPwrDVzoJSlf7Pt1tMg5G/JBXr0X8uEirCN91QzB8TxVZCLuHaVfzVTWhTjDsFIPRM5+6euyaRYNUHpSjq2OwS5QP0GCT+4mp51afJzsUD+DJbH0+Rn44Ech1ZdIiKhAqZ;25:qcljjPzjH11Lj+HscQXGwwqNnt108wu/IHYd9ab632NZMC6tpH3GBYE5Hs1jg93yzuhJSl9Jf3Z0+s/vfqIYJmrF8/d6MSqP6Gatornju3nnIJZGg6tuQoYyjGFLDZUpjO0oL0nnC4Hs9Md85wYi8ab9J0Xf0GEZzl9ML1iNVOMxm1fGPJlE1Q6O2VMaf9/d/LoNMmf8o/7CHFtB/BjBimjpMhMTu2vuVtVk+QNYVPWwywcRCFNqsPTj7T71Rk0WNM8NgDEf+8dLt08P1AEemq8QUFwaH0rGr+xB7W7arJGF4Yy6Bh/8B36/Nz3DRsD7mI5/bIap28U5Zo0sG5pIMw==;31:uTCLahoMZ9sdLlG7MIxV2lDbtQeE9LENR88NYwRnQByI3+8yXyBPFS7sffHycpyPjSYTzLbn88/KCR2K0VSmZqlmvR9kGlj/qQcEaw6DqXQhbEm/vBmvmepG7gGbKmngRounJ5zBmXX+bcWYJwA9QnEF/rSJxsgNYdVscGdkPGntiTOlzQAD4vO0IPNzEDd9htBKPfam6uGqbuqReoZkkutaShrfIkw7n90YTCgxWEc=
X-MS-TrafficTypeDiagnostic: VE1EUR02HT166:
X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(444000031);SRVR:VE1EUR02HT166;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:VE1EUR02HT166;
X-Microsoft-Exchange-Diagnostics: 1;VE1EUR02HT166;4:hDH6XB0xIALryjgDjwIOx2Mgbqxvg++40e05pYvaOGpUzJDLGfF2jNUvGo50BbVQj/1sZYoMuDB70naRENULw3CQOzJ7+V3OfranNp1mMKWg4XsTpNjQLO009/Bhv0/XutVJ0w+Y3ybKYgTvNE+g8d6kuCPPRv8tqwqfsIHf+5qYk7+AifrAQxFY62wFqj3mbsjCACwLJZ+8GRMDlWbmGLJCm6XRPniIvbrgFh//+N3OA4hJx2dbhIFeiUs8ZGiOOTo/2666Rier5D9be3RtRA==;23:fA6EZEu66lYNTqqQcD87MThbCfjplzYIdAynpuO9FmKhoqlHSEN3S73/hcxVRPz5I3w4058XT/daNKW0LsggBSogz5hykYGQnR8GBiSPnJZPrRAVaKQi6+SHXKiXmqB8mq9JkbH7xh80M6RUjlJYzEHXjxBQv3y/Xfnw/I7efy/D24MA1yG5uyxutDcypQ5XxczMDRF54CwoPzC3BnyUEA==;6:J2gFGwtvjTE+hWQZXPuZ4jAMV6++ojIqltBRPELV3zRSMKpfCY9zlcUxofex6By9d5MEZ6VhvHQoLS4IFAEo3apmbdJs0ljp3kPK7Aps/7TcPbbMRFfUQWSAL8+FG/hoWgyRIFm/LVBSXp0hsJy/bVn1NJhEbryNlJy2agXuHRHkF5OkEPE7nGnt0yH+Tzw1MfVINlS2/oUcYAFAVTR/Gbi5Ux3D4/7obnxo8oTmoiusfww65fRyeIlT/P4VWsTUuCKwHGoFxrgX2h8MQD4HUr/7rS+ZvP5JJtDzG3l51a0X3bDYbdsjrZM5es8TQhoI3AJPpTRsUbgzUbEmNCiRuTpDH4rlb6HE33bwCVcd4sg=
X-Forefront-Antispam-Report: SFV:NSPM;SFS:(98900018);DIR:INB;SFP:;SCL:1;SRVR:VE1EUR02HT166;H:SNT004-MC5F5.hotmail.com;FPR:;SPF:None;LANG:;
X-MS-Exchange-Organization-SCL: 1
X-Microsoft-Exchange-Diagnostics: 1;VE1EUR02HT166;5:nzTosku0e8yI5Od9hGVFDDpSDTaJjG8QrHpcUlBQ0pXoq6Y4R1LLBguzSJQ7DzonSL/7gFit2S8fnLJ5eHoqimUIKt97iu8tT+unYfE0+gk/odfRpO/B10yFS/I0I91ByhRuSUCsfB49iNdcILvT5Z5UjAhZf/375TIBF0rXt8A=;24:tmqDK7FyJfylF73xuv0hmvZ/d8CXBnwO3VR1OV30HXRz0ZKBL4qDnUYeYJ/kuVXPLTHe1uJpb6Fnoz0W3ozuqdn9osrQuAeu/CuJzPoG1do=;7:2laKC5VUl7zA1zWcpTVr93tYaLmh+stpopd5xb0jvca1ZN1PqNQyG7/GKMgbNeQXIT6EEWQU5jj9xS1LQdp+6Pp63aH6NkpHaT0Bf720xps+RtmUQbdxGkqP8ynAz+TekpX+4BEPKvxBjIcVbtIQbcdwjtsNWoXh4MqvldTy32TUlhOlDXm5ApuPHYxCDfib+FLNe01akYFzqt/Gda7O0u+xPo2KhT8UuLTmvhPPist+/rre8vdWRmc9ohHzBSQb
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Dec 2017 16:25:06.0213
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: b28d5a5a-a945-46a9-cf2f-08d53bfcbf47
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VE1EUR02HT166
X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.3796011
X-MS-Exchange-Processed-By-BccFoldering: 15.20.0282.012
Importance: high
X-Priority: 1
X-Microsoft-Exchange-Diagnostics:
    1;AM4PR0401MB1970;27:OEPydiXdg1o82HkMUTG0XYX75zuvBxunKAUxDkItlxqYk+4MsCz14PBBHKu1DCh0Ai5orrSvfUSC2bbODcdo49227dYXiBpwoeSh2zGbVUhL5vpEhSm9Gm00Wc6L43Za
X-Microsoft-Antispam-Mailbox-Delivery:
    abwl:0;wl:0;pcwl:0;kl:0;iwl:0;dwl:0;dkl:0;rwl:0;ex:0;auth:1;dest:J;WIMS-SPF:oo%2emovingright%2enet;WIMS-DKIM:oo%2emovingright%2enet;WIMS-822:qvc%40oo%2emovingright%2enet;WIMS-PRA:noreply%40oo%2emovingright%2enet;WIMS-AUTH:PASS;ENG:(400001000128)(400125000095)(5062000261)(5061607266)(5061608174)(1002268)(4900095)(4921089)(3120004)(4950112)(4990090)(9140004);RF:JunkEmail;OFR:SpamFilterAuthJ;
X-Microsoft-Antispam-Message-Info:
    ZdW969Ez/4mHyEZtbSq5HOPAuVUD85rjbP8oC86qtJF/ZIJDSGmjQGwa4BVuxwWk+8aiKF2HYfg3cyTFIU79jY+Hnxc1VxRPT6QqeVm5CjLPzaYLD45M89dl8s7kQEMsD3LfzTI1puwVZjPfff2WWHX1aEbg/PyktaAGKCU5sWKVvl754LzJPh/cDkiQ8b5TNPrDZBfDG0nYuhUvylTq2Y6cXJ0klQGtKwD6bsLTrqJyF6OMsZlUSsrHriIY7VeAlHWruIEuKJyFBbbTR6Ue4/PeQ9QXhCmsGcK2QN+0MI2KNco4MTsBvXIB1DJOuSM/
MIME-Version: 1.0

------=_NextPart_6B34F3F8_4354_464B_B214_CE288821B8D1
Content-Type: multipart/alternative;
 boundary="----=_NextPart_571E1FD8_86E7_4BD2_829A_B257F132850D"
X-Microsoft-Exchange-Diagnostics:
    1;AM4PR0401MB1970;27:OEPydiXdg1o82HkMUTG0XYX75zuvBxunKAUxDkItlxqYk+4MsCz14PBBHKu1DCh0Ai5orrSvfUSC2bbODcdo49227dYXiBpwoeSh2zGbVUhL5vpEhSm9Gm00Wc6L43Za
X-Microsoft-Antispam-Mailbox-Delivery:
    abwl:0;wl:0;pcwl:0;kl:0;iwl:0;dwl:0;dkl:0;rwl:0;ex:0;auth:1;dest:J;WIMS-SPF:oo%2emovingright%2enet;WIMS-DKIM:oo%2emovingright%2enet;WIMS-822:qvc%40oo%2emovingright%2enet;WIMS-PRA:noreply%40oo%2emovingright%2enet;WIMS-AUTH:PASS;ENG:(400001000128)(400125000095)(5062000261)(5061607266)(5061608174)(1002268)(4900095)(4921089)(3120004)(4950112)(4990090)(9140004);RF:JunkEmail;OFR:SpamFilterAuthJ;
X-Microsoft-Antispam-Message-Info:
    ZdW969Ez/4mHyEZtbSq5HOPAuVUD85rjbP8oC86qtJF/ZIJDSGmjQGwa4BVuxwWk+8aiKF2HYfg3cyTFIU79jY+Hnxc1VxRPT6QqeVm5CjLPzaYLD45M89dl8s7kQEMsD3LfzTI1puwVZjPfff2WWHX1aEbg/PyktaAGKCU5sWKVvl754LzJPh/cDkiQ8b5TNPrDZBfDG0nYuhUvylTq2Y6cXJ0klQGtKwD6bsLTrqJyF6OMsZlUSsrHriIY7VeAlHWruIEuKJyFBbbTR6Ue4/PeQ9QXhCmsGcK2QN+0MI2KNco4MTsBvXIB1DJOuSM/

------=_NextPart_571E1FD8_86E7_4BD2_829A_B257F132850D
Content-Type: text/html; charset="UTF-8"
X-Microsoft-Exchange-Diagnostics:
    1;AM4PR0401MB1970;27:OEPydiXdg1o82HkMUTG0XYX75zuvBxunKAUxDkItlxqYk+4MsCz14PBBHKu1DCh0Ai5orrSvfUSC2bbODcdo49227dYXiBpwoeSh2zGbVUhL5vpEhSm9Gm00Wc6L43Za
X-Microsoft-Antispam-Mailbox-Delivery:
    abwl:0;wl:0;pcwl:0;kl:0;iwl:0;dwl:0;dkl:0;rwl:0;ex:0;auth:1;dest:J;WIMS-SPF:oo%2emovingright%2enet;WIMS-DKIM:oo%2emovingright%2enet;WIMS-822:qvc%40oo%2emovingright%2enet;WIMS-PRA:noreply%40oo%2emovingright%2enet;WIMS-AUTH:PASS;ENG:(400001000128)(400125000095)(5062000261)(5061607266)(5061608174)(1002268)(4900095)(4921089)(3120004)(4950112)(4990090)(9140004);RF:JunkEmail;OFR:SpamFilterAuthJ;
X-Microsoft-Antispam-Message-Info:
    ZdW969Ez/4mHyEZtbSq5HOPAuVUD85rjbP8oC86qtJF/ZIJDSGmjQGwa4BVuxwWk+8aiKF2HYfg3cyTFIU79jY+Hnxc1VxRPT6QqeVm5CjLPzaYLD45M89dl8s7kQEMsD3LfzTI1puwVZjPfff2WWHX1aEbg/PyktaAGKCU5sWKVvl754LzJPh/cDkiQ8b5TNPrDZBfDG0nYuhUvylTq2Y6cXJ0klQGtKwD6bsLTrqJyF6OMsZlUSsrHriIY7VeAlHWruIEuKJyFBbbTR6Ue4/PeQ9QXhCmsGcK2QN+0MI2KNco4MTsBvXIB1DJOuSM/

<meta http-equiv="Content-Type" content="text/html; charset=utf-8"><img src="MALICIOUS_URL_7" width="1" height="1">
<p style="text-align: center;">
<font face="Comic Sans MS">
<b>
<a href="MALICIOUS_URL_6">
<font color="#CC0066" size="6">Hi</font></a></b></font></p><p><center><p>
<center><font size="5" face="comic sans ms">
<a href="MALICIOUS_URL_5"><b>
<font color="#DF0101"><span style="background-color: #FFFFFF"><marquee> â©â¡â© i'm here to make you something special  â©â¡â©</marquee></span></font></b></a></center><br>
</font><a href="MALICIOUS_URL_4"><b>
<font size="5" face="MV Boli" color="#000000">
<span style="background-color: #FFFFFF; text-decoration:none">Well, I hope my new photos will melt even the coldest soul... ;)</span></font></b><p>
<span style="text-decoration: none">
<b>
<font color="#993333" size="6" face="IrisUPC"> &nbsp;</font><font size="7" color="#CC6699" face="IrisUPC">I want to hug you between my legs</font></b></span></p>
<font color="#DF0101" size="6">
</font>
<font color="#DF0101" size="6">
</font>
</b>
<b>
<span style="text-decoration: none">
<font color="#DF0101" size="6" face="Matura MT Script Capitals">
I'm wild and looking to hookup 
!</font></span></b></a><b><font color="#DF0101" size="6"><font size="5" face="comic sans ms" color="#000000"><a><br>
</font>
</font>
<a>
<font size="6">
<p></font>
<font size="5" face="Lucida Sans"><font size="6">â©â©â©â© CLICK HERE â©â©â©â©</font><font color="#DF0101" size="6"> </font> </font></b><font color="#DF0101" size="6"><font color="#DF0101" size="6"><font color="#DF0101" size="6" face="comic sans ms">
</p>
<p>
<center></font><font size="5" face="comic sans ms" color="#000000">
<font color="#DF0101" size="6"><a href="MALICIOUS_URL_3"><img src="MALICIOUS_URL_8"></a></center><br> 

<center><a href="MALICIOUS_URL_1"><img src="MALICIOUS_URL_9"></a></center><br> 

<center><a href="MALICIOUS_URL_2"><img src="MALICIOUS_URL_10"></a></center><br>








------=_NextPart_571E1FD8_86E7_4BD2_829A_B257F132850D--

------=_NextPart_6B34F3F8_4354_464B_B214_CE288821B8D1
Content-Type: text/plain
X-Microsoft-Exchange-Diagnostics:
    1;AM4PR0401MB1970;27:OEPydiXdg1o82HkMUTG0XYX75zuvBxunKAUxDkItlxqYk+4MsCz14PBBHKu1DCh0Ai5orrSvfUSC2bbODcdo49227dYXiBpwoeSh2zGbVUhL5vpEhSm9Gm00Wc6L43Za
X-Microsoft-Antispam-Mailbox-Delivery:
    abwl:0;wl:0;pcwl:0;kl:0;iwl:0;dwl:0;dkl:0;rwl:0;ex:0;auth:1;dest:J;WIMS-SPF:oo%2emovingright%2enet;WIMS-DKIM:oo%2emovingright%2enet;WIMS-822:qvc%40oo%2emovingright%2enet;WIMS-PRA:noreply%40oo%2emovingright%2enet;WIMS-AUTH:PASS;ENG:(400001000128)(400125000095)(5062000261)(5061607266)(5061608174)(1002268)(4900095)(4921089)(3120004)(4950112)(4990090)(9140004);RF:JunkEmail;OFR:SpamFilterAuthJ;
X-Microsoft-Antispam-Message-Info:
    ZdW969Ez/4mHyEZtbSq5HOPAuVUD85rjbP8oC86qtJF/ZIJDSGmjQGwa4BVuxwWk+8aiKF2HYfg3cyTFIU79jY+Hnxc1VxRPT6QqeVm5CjLPzaYLD45M89dl8s7kQEMsD3LfzTI1puwVZjPfff2WWHX1aEbg/PyktaAGKCU5sWKVvl754LzJPh/cDkiQ8b5TNPrDZBfDG0nYuhUvylTq2Y6cXJ0klQGtKwD6bsLTrqJyF6OMsZlUSsrHriIY7VeAlHWruIEuKJyFBbbTR6Ue4/PeQ9QXhCmsGcK2QN+0MI2KNco4MTsBvXIB1DJOuSM/




------=_NextPart_6B34F3F8_4354_464B_B214_CE288821B8D1
Content-Type: text/plain
X-Microsoft-Exchange-Diagnostics:
    1;AM4PR0401MB1970;27:OEPydiXdg1o82HkMUTG0XYX75zuvBxunKAUxDkItlxqYk+4MsCz14PBBHKu1DCh0Ai5orrSvfUSC2bbODcdo49227dYXiBpwoeSh2zGbVUhL5vpEhSm9Gm00Wc6L43Za
X-Microsoft-Antispam-Mailbox-Delivery:
    abwl:0;wl:0;pcwl:0;kl:0;iwl:0;dwl:0;dkl:0;rwl:0;ex:0;auth:1;dest:J;WIMS-SPF:oo%2emovingright%2enet;WIMS-DKIM:oo%2emovingright%2enet;WIMS-822:qvc%40oo%2emovingright%2enet;WIMS-PRA:noreply%40oo%2emovingright%2enet;WIMS-AUTH:PASS;ENG:(400001000128)(400125000095)(5062000261)(5061607266)(5061608174)(1002268)(4900095)(4921089)(3120004)(4950112)(4990090)(9140004);RF:JunkEmail;OFR:SpamFilterAuthJ;
X-Microsoft-Antispam-Message-Info:
    ZdW969Ez/4mHyEZtbSq5HOPAuVUD85rjbP8oC86qtJF/ZIJDSGmjQGwa4BVuxwWk+8aiKF2HYfg3cyTFIU79jY+Hnxc1VxRPT6QqeVm5CjLPzaYLD45M89dl8s7kQEMsD3LfzTI1puwVZjPfff2WWHX1aEbg/PyktaAGKCU5sWKVvl754LzJPh/cDkiQ8b5TNPrDZBfDG0nYuhUvylTq2Y6cXJ0klQGtKwD6bsLTrqJyF6OMsZlUSsrHriIY7VeAlHWruIEuKJyFBbbTR6Ue4/PeQ9QXhCmsGcK2QN+0MI2KNco4MTsBvXIB1DJOuSM/


------=_NextPart_6B34F3F8_4354_464B_B214_CE288821B8D1--
    
posta Mario Trucco 07.12.2017 - 00:43
fonte

1 risposta

1

2 passaggi obbligatori da eseguire sono anti-spyware e anti-malware e usa di nuovo outlook solo se hai cambiato la password.

Ci sono allegati e collegamenti attualmente in circolazione sotto varie forme che la prima cosa che fanno è usare gli script per leggere la password del tuo account di Outlook.

Dopo averlo ottenuto, possono fare cose come:

  • Invia informazioni sensibili (furto di informazioni) verso altri indirizzi che nascondono

  • Invia spam - migliaia o anche più messaggi che non saprai mai che sono stati inviati fino a quando non sarà troppo tardi - lo saprai solo quando inizierai a ricevere bounce-back e / o il tuo IP di posta elettronica è nella lista nera

  • Invia vari tipi di attacchi SMTP

  • Diffondi lo stesso contenuto finché non ci sono abbastanza droni per un attacco più grande

Il problema con questo tipo di allegati è che sembrano molto legittimi e usano funzioni di posta elettronica standard così ben definite e limitate da non essere rilevate come thread da alcun sistema difensivo simile ad un antivirus - nessuna AV blocca le e-mail di Outlook legittime.

Se il tuo server di posta elettronica non è sicuro e non richiede l'autenticazione, non è necessario rubare la password e l'utente malintenzionato sarà in grado di inviare qualsiasi e-mail che desidera da qualsiasi account del tuo server.

I campi sorgente possono essere simulati come quelli di destinazione, quindi per vedere che cosa è effettivamente andato lì devi indagare sul tuo server di posta elettronica guardando i log in quell'intervallo di tempo.

    
risposta data 08.12.2017 - 10:39
fonte

Leggi altre domande sui tag