Re: User mailbox hacked?

  • From: Danny <nocmonkey@xxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Tue, 7 Jun 2005 18:46:39 -0400

On 6/6/05, J Daniel <jjdaniel@xxxxxxx> wrote:
> I have a user who is reporting that the e-mail messages in their inbox are
> being read by someone. Anytime they attempt to connect via Outlook (MAPI,
> cached, logging enabled) they report that all of their new messages that
> they have received appear to have been read.

What type of Exchange protocol access has been granted to the user? 
Just MAPI, or POP3, OWA, etc?
> My question..Has their mailbox been hacked? I have had them change their
> password but they still are having the problem.  Could it be some type of
> key logger on their machine or could it be something else?  Any help would
> be most appreciated.

Version of Outlook and Exchange?

If a complex password has been implemented, and it is thought that
email items are still being read by an *unauthorized* person, then
this person has somehow obtained the password or has been granted
mailbox rights through Exchange/Active Directory.


Other related posts: