{"id":1076,"date":"2021-01-25T11:21:20","date_gmt":"2021-01-25T10:21:20","guid":{"rendered":"https:\/\/dotinum.com\/blog\/?p=1076"},"modified":"2025-09-19T13:33:04","modified_gmt":"2025-09-19T11:33:04","slug":"break-in-into-an-email-box-and-ransom-what-to-do","status":"publish","type":"post","link":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/","title":{"rendered":"Break-in into an email box and ransom \u2013 what to do?"},"content":{"rendered":"\n<p style=\"text-align: center;\"><em><strong>TL;DR<\/strong> This article explains how to recognize and handle fraudulent emails claiming that your account has been hacked and that you must pay ransom. In most cases, these messages are not real hacks but <strong data-start=\"208\" data-end=\"229\">spoofing attempts<\/strong>\u2014the scammer only fakes the sender\u2019s address. The guide shows how to check message headers in Gmail, Thunderbird, and Outlook to identify the true sender and verify whether the email came from your server. It also provides tips on using tools like <a class=\"decorated-link\" href=\"https:\/\/ripe.net\" target=\"_new\" rel=\"noopener\" data-start=\"477\" data-end=\"505\">RIPE.net<\/a><\/em><\/p>\n<p>\u00a0<\/p>\n\n\n\n<nav aria-label=\"Table of Contents\" class=\"wp-block-table-of-contents\"><ol><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#is-it-possible-that-a-hacker-broke-in-into-my-email-box-and-send-me-an-e-mail\">Is it possible that a hacker broke-in into my email box and send me an e-mail?<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#how-to-check-the-headers-of-messages\">How to check the headers of messages?<\/a><ol><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#gmail\">Gmail<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#thunderbird\">Thunderbird<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#outlook\">Outlook<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#fake-e-mails\">Fake e-mails<\/a><\/li><\/ol><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#break-in-on-the-mailbox-summary\">&#8220;Break-in&#8221; on the mailbox &#8211; summary<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#faq\">FAQ<\/a><ol><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#what-is-spoofing\">What is spoofing?<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#how-can-i-check-who-really-sent-the-email\">How can I check who really sent the email?<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#where-do-i-find-headers-in-gmail-thunderbird-and-outlook\">Where do I find headers in Gmail, Thunderbird, and Outlook?<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#what-if-the-hacker-actually-has-my-password\">What if the hacker actually has my password?<\/a><\/li><\/ol><\/li><\/ol><\/nav>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">Did you receive an e-mail with information that your account has been hacked? The hacker threatens to reveal embarrassing recordings from the webcam of your computer, on which you watch pornography? Is he demanding a ransom for \u201ckeeping a secret\u201d and not sending the videos to your colleagues? Most likely you have fallen victim to fraud, therefore,&nbsp;&nbsp;<\/span><strong><span data-preserver-spaces=\"true\">don\u2019t fulfill the demands and don\u2019t send money \u2013 at first, check who is the actual sender of the email.&nbsp;<\/span><\/strong><span data-preserver-spaces=\"true\">The below tips will help you.<\/span><a class=\"editor-rtfLink\" href=\"https:\/\/blog.mserwis.pl\/wp-content\/uploads\/2019\/03\/w%C5%82amanie-do-konta.png\" target=\"_blank\" rel=\"noopener\"><span data-preserver-spaces=\"true\"><\/span><\/a><\/p>\n\n\n\n<!--more-->\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"685\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/break-in.jpg\" alt=\"screenshot  of message from hacker\" class=\"wp-image-1077\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/break-in.jpg 640w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/break-in-280x300.jpg 280w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/break-in-336x360.jpg 336w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">With such e-mails, the scammers try to extort data or money.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"is-it-possible-that-a-hacker-broke-in-into-my-email-box-and-send-me-an-e-mail\"><strong><span data-preserver-spaces=\"true\">Is it possible that a hacker broke-in into my email box and send me an e-mail?<\/span><\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">\u201c<\/span><strong><span data-preserver-spaces=\"true\">A hacker\u201d, who rather should be referred to as a scammer, didn\u2019t hack your account, but only faked the sender\u2019s address.<\/span><\/strong><span data-preserver-spaces=\"true\">&nbsp;The tools allowing to change the sender are available on the Internet for free. In such a case, the scammer only needs to know your e-mail and very often it is available to the public. Spammers take advantage of this scam to extort confidential data or, as in that case, money. Such fraud is called&nbsp;<\/span><strong><span data-preserver-spaces=\"true\">spoofing.<\/span><\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">Can I check who the real sender of the email is?<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">You can detect false e-mail by checking the&nbsp;<\/span><strong><span data-preserver-spaces=\"true\">headers of messages<\/span><\/strong><span data-preserver-spaces=\"true\">. The most important information is in the&nbsp;<\/span><strong><span data-preserver-spaces=\"true\">\u201cReceived\u201d<\/span><\/strong><span data-preserver-spaces=\"true\">&nbsp;section.<\/span><strong><span data-preserver-spaces=\"true\">&nbsp;<\/span><\/strong><span data-preserver-spaces=\"true\">It concerns the e-mail server from which the message was sent. If this is not the server responsible for handling e-mail on your domain, you are dealing with a scam.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"how-to-check-the-headers-of-messages\"><strong><span data-preserver-spaces=\"true\">How to check the headers of messages?<\/span><\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"gmail\"><span data-preserver-spaces=\"true\">Gmail<\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">Open the message and click the button \u201cmore\u201d on the right side of a screen. Select &#8220;Show Original&#8221; from the menu that appears.<\/span><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1020\" height=\"355\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/gmail.jpg\" alt=\"screenshot of gmail account\" class=\"wp-image-1078\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/gmail.jpg 1020w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/gmail-300x104.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/gmail-768x267.jpg 768w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/gmail-640x223.jpg 640w\" sizes=\"auto, (max-width: 1020px) 100vw, 1020px\" \/><figcaption class=\"wp-element-caption\">Where to check the header of messages in Gmail?<\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\"><span data-preserver-spaces=\"true\">The header will be displayed in a new window.<\/span><\/span><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"958\" height=\"656\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/headers.jpg\" alt=\"headers\" class=\"wp-image-1079\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/headers.jpg 958w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/headers-300x205.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/headers-768x526.jpg 768w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/headers-526x360.jpg 526w\" sizes=\"auto, (max-width: 958px) 100vw, 958px\" \/><figcaption class=\"wp-element-caption\">The example of headers sent by a trusted sender.<\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"thunderbird\"><span data-preserver-spaces=\"true\">Thunderbird<\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">Open the message and click the button \u201cOther\u201d on the right side. Select &#8220;View Source&#8221; from the drop-down list.<\/span><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"142\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/thunderbird-1024x142.jpg\" alt=\"screen from thunderbird\" class=\"wp-image-1081\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/thunderbird-1024x142.jpg 1024w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/thunderbird-300x42.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/thunderbird-768x107.jpg 768w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/thunderbird-640x89.jpg 640w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/thunderbird.jpg 1029w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">&nbsp;Where to check the headers of messages in Thunderbird?<\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">The header will be displayed in a new window.<\/span><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"796\" height=\"701\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/thunderbird-screen.jpg\" alt=\"thunderbird screen\" class=\"wp-image-1082\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/thunderbird-screen.jpg 796w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/thunderbird-screen-300x264.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/thunderbird-screen-768x676.jpg 768w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/thunderbird-screen-409x360.jpg 409w\" sizes=\"auto, (max-width: 796px) 100vw, 796px\" \/><figcaption class=\"wp-element-caption\"><a href=\"https:\/\/blog.mserwis.pl\/wp-content\/uploads\/2019\/03\/thunderbird-1.png\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a>The example of headers sent by a trusted sender.<\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"outlook\"><span data-preserver-spaces=\"true\">Outlook<\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">Open up a message. Click on &#8220;File&#8221; in the top menu, then select &#8220;Properties&#8221;.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a class=\"editor-rtfLink\" href=\"https:\/\/blog.mserwis.pl\/wp-content\/uploads\/2019\/03\/OUTLOOK_2019-03-27_10-13-21.png\" target=\"_blank\" rel=\"noopener\"><span data-preserver-spaces=\"true\"><\/a><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1018\" height=\"639\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/outlook.jpg\" alt=\"\" class=\"wp-image-1083\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/outlook.jpg 1018w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/outlook-300x188.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/outlook-768x482.jpg 768w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/outlook-574x360.jpg 574w\" sizes=\"auto, (max-width: 1018px) 100vw, 1018px\" \/><figcaption class=\"wp-element-caption\">Where to check the headers of messages in Outlook?<\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">The header will be displayed in a new window, at the bottom of a page.<\/span><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"642\" height=\"551\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/outlook-screen.jpg\" alt=\"\" class=\"wp-image-1084\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/outlook-screen.jpg 642w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/outlook-screen-300x257.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/outlook-screen-419x360.jpg 419w\" sizes=\"auto, (max-width: 642px) 100vw, 642px\" \/><figcaption class=\"wp-element-caption\">The example of headers sent by a trusted sender.<\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"fake-e-mails\"><strong><span data-preserver-spaces=\"true\">Fake e-mails<\/span><\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">All the examples so far have shown the headers of e-mails sent by real and trusted senders. What do the headers of messages from a scammer look like?<\/span><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"647\" height=\"220\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/fake-emails.jpg\" alt=\"\" class=\"wp-image-1085\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/fake-emails.jpg 647w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/fake-emails-300x102.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/fake-emails-640x218.jpg 640w\" sizes=\"auto, (max-width: 647px) 100vw, 647px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">The e-mail wasn\u2019t sent by the email server but by the other one \u2013 from Russia. The message is from a scammer.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"break-in-on-the-mailbox-summary\"><strong><span data-preserver-spaces=\"true\">&#8220;Break-in&#8221; on the mailbox &#8211; summary<\/span><\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">Spoofing is one of the most popular scams which happen in e-mails. The scammer supposedly sends a message from your e-mail address to your inbox, because of that you may think that he hacked your account. In fact, he sends an email from a completely different server and doesn\u2019t have access to your email. For such a scam just an e-mail address is needed, that\u2019s why it is so popular.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">You can check which server sent the message. You will do it in the message headers. The key header is \u201creceived\u201d \u2013 there is information about the server from which the sender sent the e-mail. If this is not the server responsible for handling e-mail on your domain, you are dealing with a scam. Now you can safely delete the message.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">The following website&nbsp;<\/span><a class=\"editor-rtfLink\" href=\"https:\/\/ripe.net\/\" target=\"_blank\" rel=\"noopener\"><u><span data-preserver-spaces=\"true\">&nbsp;https:\/\/ripe.net<\/span><\/u><\/a><span data-preserver-spaces=\"true\"> can help with the identification of a sender, this website allows to search the worldwide databases of IP addresses. The server\u2019s IP address is one of the elements of a header analyzed above.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">After entering the website, type in the top left corner e.g. 193.17.41.99, and click on a search symbol. Additionally, you can choose to search in all available databases (Search resource objects in all available databases).<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">In the netname box, the name of the company which uses or shares a given internet connection (e.g. O2-NET), country symbol, and other additional data will be visible. One should remember that legally operating e-mail server operators don\u2019t have any reason to hide their data in such databases, thus we can easily identify the e-mail of a sender and legally operating a server of the e-mail account administrator. This will allow us to check whether the mail was sent from our e-mail server.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span data-preserver-spaces=\"true\">This can only happen when we use the same e-mail password for different places on the web (e.g. different online stores). The password together with an e-mail may trickle out, for example, from a poorly protected online store.<\/span>\u00a0<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"faq\">FAQ<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"what-is-spoofing\">What is spoofing?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">It\u2019s a technique where scammers fake the \u201cFrom\u201d field in an email, making it look like the message comes from your address.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"how-can-i-check-who-really-sent-the-email\">How can I check who really sent the email?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">By examining the email headers, especially the \u201cReceived\u201d field, which shows the server the message was sent from.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"where-do-i-find-headers-in-gmail-thunderbird-and-outlook\">Where do I find headers in Gmail, Thunderbird, and Outlook?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Gmail<\/strong>: Open the message \u2192 click \u201cMore\u201d \u2192 \u201cShow original.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Thunderbird<\/strong>: Open the message \u2192 \u201cOther\u201d \u2192 \u201cView Source.\u201d<\/p>\n\n\n\n<p><strong>Outlook<\/strong>: Open the message \u2192 \u201cFile\u201d \u2192 \u201cProperties.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"what-if-the-hacker-actually-has-my-password\">What if the hacker actually has my password?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">This can only happen if your password leaked from another site. Always use unique, strong passwords and enable two-factor authentication.<\/p>\n\n\n\n<h1 class=\"wp-block-heading\"><span data-preserver-spaces=\"true\">&nbsp;<\/span><\/h1>\n","protected":false},"excerpt":{"rendered":"<p>TL;DR This article explains how to recognize and handle fraudulent emails claiming that your account has been hacked and that you must pay ransom. In most cases, these messages are not real hacks but spoofing attempts\u2014the scammer only fakes the sender\u2019s address. The guide shows how to check message headers in Gmail, Thunderbird, and Outlook [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":1086,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[132],"tags":[85,87,84,88],"class_list":["post-1076","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-break-in","tag-email-box","tag-hacker","tag-headers-of-messages"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Break-in into an email box and ransom \u2013 what to do? - Blog Dotinum.com<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Break-in into an email box and ransom \u2013 what to do? - Blog Dotinum.com\" \/>\n<meta property=\"og:description\" content=\"TL;DR This article explains how to recognize and handle fraudulent emails claiming that your account has been hacked and that you must pay ransom. In most cases, these messages are not real hacks but spoofing attempts\u2014the scammer only fakes the sender\u2019s address. The guide shows how to check message headers in Gmail, Thunderbird, and Outlook [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog Dotinum.com\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-25T10:21:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-19T11:33:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/hacker.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"950\" \/>\n\t<meta property=\"og:image:height\" content=\"640\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Agnieszka Pawlak\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Agnieszka Pawlak\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Break-in into an email box and ransom \u2013 what to do? - Blog Dotinum.com","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/","og_locale":"en_US","og_type":"article","og_title":"Break-in into an email box and ransom \u2013 what to do? - Blog Dotinum.com","og_description":"TL;DR This article explains how to recognize and handle fraudulent emails claiming that your account has been hacked and that you must pay ransom. In most cases, these messages are not real hacks but spoofing attempts\u2014the scammer only fakes the sender\u2019s address. The guide shows how to check message headers in Gmail, Thunderbird, and Outlook [&hellip;]","og_url":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/","og_site_name":"Blog Dotinum.com","article_published_time":"2021-01-25T10:21:20+00:00","article_modified_time":"2025-09-19T11:33:04+00:00","og_image":[{"width":950,"height":640,"url":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/hacker.jpg","type":"image\/jpeg"}],"author":"Agnieszka Pawlak","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Agnieszka Pawlak","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#article","isPartOf":{"@id":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/"},"author":{"name":"Agnieszka Pawlak","@id":"https:\/\/dotinum.com\/blog\/#\/schema\/person\/b6f597e8623959d03aefc9644bae8a43"},"headline":"Break-in into an email box and ransom \u2013 what to do?","datePublished":"2021-01-25T10:21:20+00:00","dateModified":"2025-09-19T11:33:04+00:00","mainEntityOfPage":{"@id":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/"},"wordCount":1077,"commentCount":0,"publisher":{"@id":"https:\/\/dotinum.com\/blog\/#organization"},"image":{"@id":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#primaryimage"},"thumbnailUrl":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/hacker.jpg","keywords":["break-in","email-box","hacker","headers of messages"],"articleSection":["security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/","url":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/","name":"Break-in into an email box and ransom \u2013 what to do? - Blog Dotinum.com","isPartOf":{"@id":"https:\/\/dotinum.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#primaryimage"},"image":{"@id":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#primaryimage"},"thumbnailUrl":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/hacker.jpg","datePublished":"2021-01-25T10:21:20+00:00","dateModified":"2025-09-19T11:33:04+00:00","breadcrumb":{"@id":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#primaryimage","url":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/hacker.jpg","contentUrl":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/01\/hacker.jpg","width":950,"height":640},{"@type":"BreadcrumbList","@id":"https:\/\/dotinum.com\/blog\/break-in-into-an-email-box-and-ransom-what-to-do\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/dotinum.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Break-in into an email box and ransom \u2013 what to do?"}]},{"@type":"WebSite","@id":"https:\/\/dotinum.com\/blog\/#website","url":"https:\/\/dotinum.com\/blog\/","name":"Blog Dotinum.com","description":"Software house from Wroclaw, Poland with proven experience (since 2002) is open to work with more international customers. Learn about how we can help grow your online business.","publisher":{"@id":"https:\/\/dotinum.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dotinum.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/dotinum.com\/blog\/#organization","name":"Blog Dotinum.com","url":"https:\/\/dotinum.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dotinum.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2026\/04\/cropped-Projekt-bez-nazwy10.png","contentUrl":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2026\/04\/cropped-Projekt-bez-nazwy10.png","width":250,"height":84,"caption":"Blog Dotinum.com"},"image":{"@id":"https:\/\/dotinum.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/dotinum.com\/blog\/#\/schema\/person\/b6f597e8623959d03aefc9644bae8a43","name":"Agnieszka Pawlak","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/5c8ab8e275fda9a05067c86ad1d766b9e3ef89ae02055ef6787d25309db6a02f?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/5c8ab8e275fda9a05067c86ad1d766b9e3ef89ae02055ef6787d25309db6a02f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5c8ab8e275fda9a05067c86ad1d766b9e3ef89ae02055ef6787d25309db6a02f?s=96&d=mm&r=g","caption":"Agnieszka Pawlak"},"description":"Marketing and graphic specialist in Dotinum. 5 years in marketing, over 10 in the graphic field. Outside Dotinum she curates content for 4 other brands. Loves games, reading, and baking.","url":"https:\/\/dotinum.com\/blog\/author\/agnieszka\/"}]}},"_links":{"self":[{"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/posts\/1076","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/comments?post=1076"}],"version-history":[{"count":5,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/posts\/1076\/revisions"}],"predecessor-version":[{"id":1936,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/posts\/1076\/revisions\/1936"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/media\/1086"}],"wp:attachment":[{"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/media?parent=1076"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/categories?post=1076"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/tags?post=1076"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}