Work emails being intercepted & edited !?!!

Status
Not open for further replies.

medhead

Suspended
Joined
Feb 13, 2008
Messages
20,288
Points
0
Umm so apparently a close family member has evidence that his work emails have been intercepted, edited to give the opposite meaning (eg approved becomes not approved) and then released to the recipient.
 

penegal

Senior Member
Joined
May 17, 2009
Messages
5,677
Points
990
Qantas
Platinum
Virgin
Gold
Re: The totally off-topic thread

Umm so apparently a close family member has evidence that his work emails have been intercepted, edited to give the opposite meaning (eg approved becomes not approved) and then released to the recipient.

That is a very serious accusation... and extremely concerning if true... :(
 

medhead

Suspended
Joined
Feb 13, 2008
Messages
20,288
Points
0
The totally off-topic thread

That is a very serious accusation... and extremely concerning if true... :(

Yes very serious. The evidence apparently has been passed on to the global head office and they are investigating.

He has been having hassles with some people for a while.

I've only heard this third hand via another family member.
 

robd

Established Member
Joined
Nov 8, 2011
Messages
2,270
Points
470
Re: The totally off-topic thread

Yes very serious. The evidence apparently has been passed on to the global head office and they are investigating.

He has been having hassles with some people for a while.

I've only heard this third hand via another family member.

Sounds very sinister.
 

Pushka

Veteran Member
Joined
Jan 26, 2011
Messages
28,294
Solutions
4
Points
3,350
Qantas
Platinum
Virgin
Red
The totally off-topic thread

That involves not just accessing another person's email account which happens, but changing the intent of those emails is pretty dire.

But wouldn't the original (correct) emails have already been sent? Otherwise there isn't an email to change?
 

medhead

Suspended
Joined
Feb 13, 2008
Messages
20,288
Points
0
The totally off-topic thread

Sounds very sinister.

There just seems to have been an ongoing campaign against this person for 3 or more years. Hassles at work. I've read some of the stuff in the passed 6 months that is used against him and it's pretty weak. I guess someone may have decided creating problems is a good way to further their case.

That involves not just accessing another person's email account which happens, but changing the intent of those emails is pretty dire.

But wouldn't the original (correct) emails have already been sent? Otherwise there isn't an email to change?

I have no idea how it could be done. But this would be by someone who has access to control how the sent email is handled by the servers and such.
 

Pushka

Veteran Member
Joined
Jan 26, 2011
Messages
28,294
Solutions
4
Points
3,350
Qantas
Platinum
Virgin
Red
Re: The totally off-topic thread

There just seems to have been an ongoing campaign against this person for 3 or more years. Hassles at work. I've read some of the stuff in the passed 6 months that is used against him and it's pretty weak. I guess someone may have decided creating problems is a good way to further their case.



I have no idea how it could be done. But this would be by someone who has access to control how the sent email is handled by the servers and such.

That would mean some good involvement from IT also. I'm just thinking about our server and how it could be done. The way I'm thinking is that emails have been saved in a draft folder and then that was accessed by the third party, altered and then sent.

Usually once the "send" is clicked it goes through the server and is sent to the recipient within seconds.
 

anat0l

Enthusiast
Joined
Dec 30, 2006
Messages
11,672
Points
1,175
Re: The totally off-topic thread

Umm so apparently a close family member has evidence that his work emails have been intercepted, edited to give the opposite meaning (eg approved becomes not approved) and then released to the recipient.

That's pretty serious - as mentioned it's likely some sort of hack/intercept and misrepresentation. They were probably sinister enough to cook up the audit logs too, so it would be more difficult to track them.

Looks like he'll have to rely mostly on the telephone for a bit.
 
Virgin Wines Australia Has Exceptional Red, White & Sparkling Wines On Offer. See Online. See Our Exclusive Wine Selections From Around Australia & Around The World. Shop Now! Advent Calendar 2021. Better Wines for Less. Cancel Anytime. No Membership Fees.

AFF Supporters can remove this and all advertisements

OATEK

Established Member
Joined
Apr 12, 2013
Messages
4,411
Points
985
Re: The totally off-topic thread

That would mean some good involvement from IT also. I'm just thinking about our server and how it could be done. The way I'm thinking is that emails have been saved in a draft folder and then that was accessed by the third party, altered and then sent.

Usually once the "send" is clicked it goes through the server and is sent to the recipient within seconds.

It is possible to manage the mail flow for an individual through the exchange interface (assuming a Windows Server is used). But even so, there would be some log file entries when someone was making the changes to hold the email for editing, and it is hard to hack the log files as they are generally backed up. So it should be possible to to track who is doing things if it is in the server. And locking the PC when leaving the desk is a good way to prevent someone accessing the drafts folder when the user is away.
 

Pushka

Veteran Member
Joined
Jan 26, 2011
Messages
28,294
Solutions
4
Points
3,350
Qantas
Platinum
Virgin
Red
The totally off-topic thread

It is possible to manage the mail flow for an individual through the exchange interface (assuming a Windows Server is used). But even so, there would be some log file entries when someone was making the changes to hold the email for editing, and it is hard to hack the log files as they are generally backed up. So it should be possible to to track who is doing things if it is in the server. And locking the PC when leaving the desk is a good way to prevent someone accessing the drafts folder when the user is away.

The first explanation involves quite significant IT manipulation into the server from someone who has those rights to do that. It requires a high level of password control. And time. And would mean that all emails from that address would be hijacked.

The draft folder was kind of a throwaway as I couldn't think of how else it could happen without the emails being sent correctly in the first place.
 
Last edited:

medhead

Suspended
Joined
Feb 13, 2008
Messages
20,288
Points
0
Re: The totally off-topic thread

<moved to other thread>

That would mean some good involvement from IT also. I'm just thinking about our server and how it could be done. The way I'm thinking is that emails have been saved in a draft folder and then that was accessed by the third party, altered and then sent.

Usually once the "send" is clicked it goes through the server and is sent to the recipient within seconds.

Yes, IT involvement. Part and parcel of the job. Not email client related, no drafts folder. But email server related. Something like the email is intercepted at the server level and edited before being delivered to the recipient. But as I said I have no idea how this would be done.

Apparently the evidence has been gathered. Will be interested to see what ends up happening.
 
Last edited by a moderator:

Pushka

Veteran Member
Joined
Jan 26, 2011
Messages
28,294
Solutions
4
Points
3,350
Qantas
Platinum
Virgin
Red
Re: The totally off-topic thread

Umm, yes IT involvement. Part and parcel of the job. Not email client related, no drafts folder. But email server related. Something like the email is intercepted at the server level and edited before being delivered to the recipient. But as I said I have no idea how this would be done.

That's pretty significant then.
 

anat0l

Enthusiast
Joined
Dec 30, 2006
Messages
11,672
Points
1,175
Re: The totally off-topic thread

Yes, IT involvement. Part and parcel of the job. Not email client related, no drafts folder. But email server related. Something like the email is intercepted at the server level and edited before being delivered to the recipient. But as I said I have no idea how this would be done.

Apparently the evidence has been gathered. Will be interested to see what ends up happening.

Although I can't comment on the exact mechanics, it would not be too hard to intercept email at the server level and edit it before forwarding on. Spam filters csn operate at this level, as do other services like bleeping out words or the like. Of course, such actions are scripted rather than a manual process.

Just hoping that when they investigate accounts, the perpetrator has not as well hacked the victim account to plant the false emails in place of the sent items. Or, perhaps the discrepancies will be hidden during the investigation but restored after the heat dies off. AFAIK the "Sent Items" is a direct copy rather than a 'send to self' instruction so it doesn't need to go through a mail server. Sending an email to someone and comparing the time they receive the message with the time sent from the sender's system would be interesting.

I guess there are subtle hints when people don't want you. To be honest, I don't hold a lot of faith in the investigation let alone disciplinary process (if there is one). Good luck to him.....
 

medhead

Suspended
Joined
Feb 13, 2008
Messages
20,288
Points
0
Re: The totally off-topic thread

Although I can't comment on the exact mechanics, it would not be too hard to intercept email at the server level and edit it before forwarding on. Spam filters csn operate at this level, as do other services like bleeping out words or the like. Of course, such actions are scripted rather than a manual process.

Just hoping that when they investigate accounts, the perpetrator has not as well hacked the victim account to plant the false emails in place of the sent items. Or, perhaps the discrepancies will be hidden during the investigation but restored after the heat dies off. AFAIK the "Sent Items" is a direct copy rather than a 'send to self' instruction so it doesn't need to go through a mail server. Sending an email to someone and comparing the time they receive the message with the time sent from the sender's system would be interesting.

I guess there are subtle hints when people don't want you. To be honest, I don't hold a lot of faith in the investigation let alone disciplinary process (if there is one). Good luck to him.....

I'm really interested to know what the evidence happens to be; he has the same level of access to the computer system as whoever would have done this, if not greater access.
 

serfty

Veteran Member
Moderator
Joined
Nov 16, 2004
Messages
44,069
Solutions
19
Points
3,300
Qantas
Platinum
Virgin
Platinum
Re: The totally off-topic thread

...

Apparently the evidence has been gathered. Will be interested to see what ends up happening.
What document versions remain in the "outbox" ?
 

medhead

Suspended
Joined
Feb 13, 2008
Messages
20,288
Points
0
What document versions remain in the "outbox" ?

I really don't know. Just got this third hand via another family member. Not sure when I'll have a chance to discuss with them directly. I guess one assumption might be the evidence is that 'outbox' version is different to the other persons inbox version. But then that would be incredibly stupid for someone to leave something so basic if they were doctoring emails.
 
Status
Not open for further replies.
Top