Is this a fake e-mail?

[Minorika]

So i got an email that wnt into the spam folder from do-not-reply@logmein.com which stated that a login attempt has failed .

I at first didnt think much of it but decided to take a look just to be sure.

The attempt was from Kharkiv in the ukraine.

Is this legit or just fake because the message contained my actual e-mail address?

I´m using outlook by the way.

[Lurick]

Yes it's fake

I get emails all day long about "Your Amazon order has been cancelled" or "Paypal login failed" that seem to originate from amazon.com or paypal.com respectively. Hover over the link and it's some shortened URL that will most likely take you to a fake site to steal your info. It's VERY simple to spoof a from email address.

[NowThatsDamp]

Anybody smart enough to hack into your stuff is smart enough to keep you from getting an email about it.

[LienusLateTips]

It's spoofing

[Minorika]

Just now, Lurick said:

Yes it's fake

I get emails all day long about "Your Amazon order has been cancelled" or "Paypal login failed" that seem to originate from amazon.com or paypal.com respectively. It's VERY simple to spoof a from email address.

Well the mail looked like this: (not my actual email)

Quote

https://es.emailfake.com/fastemails.us/hans.grtzwurst/1c23403cacf931b0352af78cc15bac24

 

In my email hans.grtzwurst@fastemails.us is replaced with my e-mail.

And Dresden, Germany is replaced with kharkiv, Ukraine.

[Lurick]

Just now, Minorika said:

Well the mail looked like this: (not my actual email)

 

In my email hans.grtzwurst@fastemails.us is replaced with my e-mail.

And Dresden, Germany is replaced with kharkiv, Ukraine.

Very easy to spoof an email address and take a target email and weave it into an automated message to make it look like a legit link.

Delete the email, log into LogMeIn directly, and check activity that way.

[Minorika]

Just now, Lurick said:

Very easy to spoof an email address and take a target email and weave it into an automated message to make it look like a legit link.

Delete the email, log into LogMeIn directly, and check activity that way.

ok will do

[Minorika]

Where can i see login activity on my logmein account? (teamviewer)

[Minorika]

ok i checked now and there was an actual login from Kharkiv, Ukraine.

what do i do since they know what my e-mail address is?

[demonix00]

Since the attempt to log in failed, it's highly likely that whomever tried to log in didn't know your password or was trying to brute force their way in and failed so there isn't anything you need to do (or if the failure was because logmein blocked it because it came from an unrecognised IP address, you should change the password and that for any accounts that share it if you was stupid enough to do that).

[Minorika]

3 minutes ago, demonix00 said:

Since the attempt to log in failed, it's highly likely that whomever tried to log in didn't know your password or was trying to brute force their way in and failed so there isn't anything you need to do (or if the failure was because logmein blocked it because it came from an unrecognised IP address, you should change the password and that for any accounts that share it if you was stupid enough to do that).

The login failed because of a wrong password, which i then changed and activated two way authentication.

And my Account isn´t shared.

[demonix00]

2 minutes ago, Minorika said:

The login failed because of a wrong password, which i then changed and activated two way authentication.

And my Account isn´t shared.

In that case, you didn't need to do anything but you've now got a second line of defence with 2FA enabled so if they do manage to get through the password, they'll still not be able to gain access.

[Minorika]

Just now, demonix00 said:

In that case, you didn't need to do anything but you've now got a second line of defence with 2FA enabled so if they do manage to get through the password, they'll still not be able to gain access.

ok thanks

Is there anything else i should do?

Like research who it was trough their ip address?

[Lurick]

12 hours ago, Minorika said:

ok thanks

Is there anything else i should do?

Like research who it was trough their ip address?

Nah, just make sure if the same email is tied to other important accounts that they are secure as well.

IP address spoofing and VPNs make it worthless to gather any useful information.