Security News > 2021 > July > US email hacker gets his “computer trespass” conviction reversed
A couple of months after Y's departure, X received an email from another colleague, whom we shall call Z. and Z received a "Bounce" message from a external email address Q that Z hadn't copied in on the original email.
Smelling a rat, Z alerted Y to inform him about the mysterious "Q" in the email equation.
Back in 2013, presumably before his administrator privileges were revoked but after their falling-out, Y had modified X's email account settings so that a copy of all X's incoming email messages would be sent to the mysterious outside address, Q. Q, it transpired, was not only operated by Y but also had been "Routinely accessed from his cellphone."
As you probably know, abusing built-in mail forwarding rules in email systems is a common trick used by cybercrooks to keep tabs on what their victims are up to, especially in so-called Business Email Compromise scams.
Did Y's actions - siphoning off and looking at someone else's business email, even after his employment at that company had ended - really amount to obstruction, given that no emails were actually impeded?
That part of the Georgia computer crime statutes criminalises "Us[ing] a computer or computer network with the intention of examining any employment, medical, salary, credit, or any other financial or personal data relating to any other person with knowledge that such examination is without authority."
News URL
Related news
- Luna Moth extortion hackers pose as IT help desks to breach US firms (source)
- Hackers behind UK retail attacks now targeting US companies (source)
- Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics (source)
- Chinese hackers breach US local governments using Cityworks zero-day (source)