Need to contact John Wilcock

[Pitlamp]

I received a slightly unusual email yesterday from John Wilcock's address; I'm not 100% sure it's genuine. It's not really written in his usual style and the subject line has six exclamation marks (which I've never known before). If anyone is in a position to email him on my behalf, to check he really did email me, please would you send me a PM?

Or - John - if you're on here, please would you send a PM directly via this forum?

Thanks.

 

[TLH]

I received a slightly unusual email yesterday from John Wilcock's address; I'm not 100% sure it's genuine. It's not really written in his usual style and the subject line has six exclamation marks (which I've never known before). If anyone is in a position to email him on my behalf, to check he really did email me, please would you send me a PM?

Or - John - if you're on here, please would you send a PM directly via this forum?

Thanks.

A similar email from John Wilcock was posted to the Matienzo email list yesterday. So, I suspect this is a hacked email. It was not addressed to anybody directly.

 

[Pitlamp]

Thanks; the one I got had the subject title "Reaching Out!!!!!!". That's just not like John.

Did the Matienzo email have the same message title? Did it refer to laryngitis? If so a hacking seems likely.

Anyone else who receives something similar might like to be wary, at least.

 

[Badlad]

Was it this scam email.

"How are you doing?

I'm unable to speak over the phone due to a serious throat pain caused by laryngitis. Can I ask a favour from you?

John"

 

[Badlad]

I wonder what that favour might be. Perhaps sending some money? Clearly his email is hacked. Beware.

 

[Pitlamp]

"How are you doing?

I'm unable to speak over the phone due to a serious throat pain caused by laryngitis. Can I ask a favour from you?

John"

That's the one Badlad.

Seems pretty certain this is due to a hacking. Could someone who know's John's phone number give him a quick call to alert him? (I don't have a number for him.) With his professional background I doubt it'd take him long to stamp this out.

 

[langcliffe]

Seems pretty certain this is due to a hacking. Could someone who know's John's phone number give him a quick call to alert him? (I don't have a number for him.) With his professional background I doubt it'd take him long to stamp this out.

The email address is unlikely to have been hacked - just a common acquaintance's address book (such as mine). The hacker then sends an email purportedly from someone in the address book, to someone else in the address book with a spoofed sender's email address. The actual return address, which you don't always see, would be different. This is a very common scam.

 

[Pitlamp]

Thanks Langcliffe; I now know that several other folk in the caving community have received this message.

Beware folks.

 

[pwhole]

If your email program lets you see the header text of the mail you can see the return address listed, and it will invariably not be the one you were expecting.

 

[Pitlamp]

Normally when I hover over a suspect email address the real (fraudulent) email address is revealed. In this case it's showing the right email address. Sneaky . . .

 

[rm128]

I suspect this email account has been fully hacked, such that John Wilcock himself will not have access to it. This happened to my wife a couple of weeks ago. Her email account was hacked and essentially stolen. The hackers changed the password, so that she could no longer access the account, but the hackers presumably could. Hence, there is no suspicious return address - it is simply the original one, but with a new, more nefarious purpose. My wife had to convince her provider that the account did in fact belong to her, before she could access it again. In the end, she totally lost confidence in it and moved to a completely new email address.

 

[andrewmcleod]

I suspect this email account has been fully hacked, such that John Wilcock himself will not have access to it. This happened to my wife a couple of weeks ago. Her email account was hacked and essentially stolen. The hackers changed the password, so that she could no longer access the account, but the hackers presumably could. Hence, there is no suspicious return address - it is simply the original one, but with a new, more nefarious purpose. My wife had to convince her provider that the account did in fact belong to her, before she could access it again. In the end, she totally lost confidence in it and moved to a completely new email address.

Almost certainly the hackers just got hold of an email/password combination (possibly from another site) rather than 'hacking' the email account (or perhaps this is what you meant)

Use a password manager, and use different passwords on every site. While it is true that any reputable website shouldn't actually store your password itself (instead a hashed version from which it is easy to verify your password but extremely difficult to recreate it), not every website is quite as robust as it should be with salting these and using decent hashing (or in some cases doing it at all).

Check whether your email address has appeared in data breaches here:

Have I Been Pwned: Check if your email has been compromised in a data breach

Have I Been Pwned allows you to search across multiple data breaches to see if your email address or phone number has been compromised.

haveibeenpwned.com

and check if your password has been seen in the wild here:

Have I Been Pwned: Pwned Passwords

Have I Been Pwned allows you to search across multiple data breaches to see if your email address or phone number has been compromised.

haveibeenpwned.com