Sign in to follow this  
Followers 0
SteveO123

Email sent to incorrect domain name

4 posts in this topic

Hello,

Another newbie question, hopefully someone will be able to assist. My girlfriend recently sent out an email with some sensitive information to my gmail address (employment information, not boobies pics so don't ask me to forward it along) , however she accidentally sent it to gmal.com. The email has not been returned undeliverable from the gmal.com SMTP server. I did a WHOIS on the domain and its with a squatter company out of Hong Kong (is there a better term for sites that are based on domain misspellings?). My question is how likely this information can be used for malicious uses by the mail server administrator at gmal.com. The attached documents contained employment information such as resumes, company email addresses, phone number's etc but nothing too sensitive such as SSN's or anything. Any advice will be appreciated, thanks everyone!

603SteveO

0

Share this post


Link to post
Share on other sites

Basically, the email can be sitting right there for them to find on that site (gmal.com) so the fact of the matter is "yes" it can easily be seen and therefore used for any purposes.

The way MOST mail servers that I have worked with are set up, however, is that they discard all excess or undeliverable messages to bad addresses. This is much less strain on the server to attempt to send responses/replies of "undeliverable" back to every single piece of random SPAM that is floating out there, so most places no longer bother to reply about "undeliverable" mail. Most normal sites will simple discard/blackhole it and it will never be seen.

HOWEVER, that being said, this particular site is obviously an INTENTIONAL play off of gmail so their actual GOAL may be to intercept messages for this type of data. Depending on what the information was, I would take minor corrective actions myself if it were me (cancel credit card if necessary, etc...). I wouldn't bother changing phone numbers or email addresses until something happened to confirm that the information was, in fact, compromised.

0

Share this post


Link to post
Share on other sites

Thank you very much for your reply, it makes a lot of sense these days that servers would not waste resources sending back undeliverable messages due to massive amount of spam. Luckily, all the information attached was limited only name, phone number and email address. I suppose the worst that could happen in that case is an increase in spamming. My hope, however, is sites like this don't maliciously use the misspelling of gmail in order to intercept communications and rather just serve to offer useless advertisements to those looking to check in on their inbox.

0

Share this post


Link to post
Share on other sites
My hope, however, is sites like this don't maliciously use the misspelling of gmail in order to intercept communications and rather just serve to offer useless advertisements to those looking to check in on their inbox.

They're opportunists, obviously. If they aren't logging communications in order to find information they could profit off of, then it's simply because the idea hasn't occurred to them yet. It may be the mindset of what I do creeping in, but that's the first thing I think of when I think of someone having a domain name like gmal.com .

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0