Gmail messages coming from myself, but not from me...

[jnelsoninjax]

Just today I have received about 4 or 5 messages in my primary gmail account all from myself, but when I look at the headers the messages are coming via a server novabrasilfm.com.br

I have TFA on my account and I have not had anything come up, except my own logging in from my cell phone, so I am wondering what if anything I should do?

[mkol]

Change your password your account might have been compromised.

[jnelsoninjax]

8 minutes ago, mkol said:

Change your password your account might have been compromised.

Just checked all the logins from the last 28 days and it is all from me, and like I said, I have two factor authorization enabled, partly to keep my ex-wife out of my email!

[TAZMINATOR]

8 minutes ago, jnelsoninjax said:

Just today I have received about 4 or 5 messages in my primary gmail account all from myself, but when I look at the headers the messages are coming via a server novabrasilfm.com.br

I have TFA on my account and I have not had anything come up, except my own logging in from my cell phone, so I am wondering what if anything I should do?

Don't worry about it. They do all the time.. It's spam. They are trying to get your attention.

 

5 minutes ago, mkol said:

Change your password your account might have been compromised.

That's good tip but doesn't work that way because some people can send email and they use your email address in 'From' field. But after the email is sent,  The header will use person's email or message ID or IP address. 

 

If it happens again, just add the address or IP address to the filter so they will be deleted as soon as they are arrived to your inbox. Or you can use any keyword from the subject line or body to filter it out.

[xendrome]

They are just spoofing the from e-mail, delete/spam them.

[jnelsoninjax]

1 minute ago, TAZMINATOR said:

Don't worry about it. They do all the time.. It's spam. They are trying to get your attention.

 

That's good tip but doesn't work that way because some people can send email and they use your email address in 'From' field. But after the email is sent,  The header will use person's email or message ID or IP address. 

 

If it happens again, just add the address or IP address to the filter so they will be deleted as soon as they are arrived to your inbox. Or you can use any keyword from the subject line or body to filter it out.

Alright, I was kind of thinking along that same line, so I'll just spam the IP address, problem solved!

[oldtimefighter]

I think the owner of the server at novabrasilfm.com.br (which appears to be a legit FM station in Brazil) should have more worries then you. Any of your contacts get this spam from "you"? If not, I wouldn't worry about it.

 

18 minutes ago, mkol said:

Change your password your account might have been compromised.

The OP already said has TFA on his account so I don't think changing his password will have much effect (not a bad idea if the OP is really worried).

 

EDITED

[BinaryData]

3 minutes ago, oldtimefighter said:

I think the owner of the sever at novabrasilfm.com.br (which appears to be a legit FM station in Brazil) should have more worries then you. Any of your contacts get this spam from "you"? If not, I wouldn't worry about it.

 

The OP already said has TFA on his account so I don't think changing his password will have much effect (not a bad idea if the OP is really worried).

And TFA hasn't ever been broken before? *looks suspiciously at PayPal...* 

[oldtimefighter]

1 minute ago, BinaryData said:

And TFA hasn't ever been broken before? *looks suspiciously at PayPal...* 

This is NOT PayPal and the OP did say the logs showed his logons so how it could only work properly for his logons I wouldn't know. I did say the OP can change his password if he is really worried but it doesn't look like an issue with his account but just spoofed spam.

[sc302 Veteran]

bah...just spoofed.  nothing you can do. 

 

nothing is compromised.  other than mkol's account for suggesting it is .  It is just going to happen again, and again nothing you can do about it.  You did the best you could by looking at the headers and confirming, the next best thing would be to mark it as spam.  It happens even with the best spam filters.

[BinaryData]

1 hour ago, oldtimefighter said:

This is NOT PayPal and the OP did say the logs showed his logons so how it could only work properly for his logons I wouldn't know. I did say the OP can change his password if he is really worried but it doesn't look like an issue with his account but just spoofed spam.

You completely missed it. 2FA has been broken before, and I used PayPal as an example. 

 

OP: I'm not sure how the hell this got through the Google Spam Filters. I don't get crap like this in my primary box. Might want to double check your settings, and look into it more.

[xendrome]

4 minutes ago, BinaryData said:

You completely missed it. 2FA has been broken before, and I used PayPal as an example. 

 

OP: I'm not sure how the hell this got through the Google Spam Filters. I don't get crap like this in my primary box. Might want to double check your settings, and look into it more.

Any links to PayPal 2FA being broken in the past, I can't find anything.

[sc302 Veteran]

19 minutes ago, BinaryData said:

 

 

OP: I'm not sure how the hell this got through the Google Spam Filters. I don't get crap like this in my primary box. Might want to double check your settings, and look into it more.

They can tighten up security, but then you can't use mail clients to be able to login and compose emails utilizing pop or imap.  So who do they want to upset the least?  Inconvenience users with the occasional spam that comes through or inconvenience users who use desktop mail clients?  I would take the spam in their case, in my case I don't have pop or imap enabled so I can deny the ability to spoof on my mail filter. 

[Circaflex]

14 minutes ago, xendrome said:

Any links to PayPal 2FA being broken in the past, I can't find anything.

http://henryhoggard.co.uk/blog/Paypal-2FA-Bypass

 

it started in 3/2016, but it seems paypal has fixed the 2fa bug and paid a bounty to the security researcher

[sc302 Veteran]

7 minutes ago, Circaflex said:

http://henryhoggard.co.uk/blog/Paypal-2FA-Bypass

 

it started in 3/2016, but it seems paypal has fixed the 2fa bug and paid a bounty to the security researcher

day month year is the format of the timeline....european ridiculousness....started in the beginning of october.   The give away is 21/10/16....there aren't 21 months in the year.  We go by month/day/year..I believe that is because we used to depict months as the actual names or abbreviation to the names.  They go from what changes the most to what changes the least...the day changes more than the month and the month changes more than the year...they would probably write out seconds,minutes, hours in the same way and screw everything up and the rest of us would have no clue as to what happened when.  standards people, standards...pick one and stay with it, don't change things because you want to and not let the rest of the world have a say in it.  It really messes the rest of us up until we catch up, then you decide to change it again.  Can't we all stay on the same page?  I really wouldn't care either metric or SAE...just pick one and move on...why must there be a fight about it...and why on gods green earth is there a mix on some products?

[Circaflex]

24 minutes ago, sc302 said:

day month year is the format of the timeline....european ridiculousness....started in the beginning of october.   The give away is 21/10/16....there aren't 21 months in the year.  We go by month/day/year..I believe that is because we used to depict months as the actual names or abbreviation to the names.  They go from what changes the most to what changes the least...the day changes more than the month and the month changes more than the year...they would probably write out seconds,minutes, hours in the same way and screw everything up and the rest of us would have no clue as to what happened when.  standards people, standards...pick one and stay with it, don't change things because you want to and not let the rest of the world have a say in it.  It really messes the rest of us up until we catch up, then you decide to change it again.  Can't we all stay on the same page?  I really wouldn't care either metric or SAE...just pick one and move on...why must there be a fight about it...and why on gods green earth is there a mix on some products?

haha good catch, i thought something was fishy that it would take that many months for it to be closed haha, my bad I shouldve read into it some more rather than skimming over.