Originally Posted by krypton_john
Yes, but you can usually tell from the headers where it really came from. The reply-to on the email was back to Dennis' email address - I expect that the hacker has changed the password and now simply owns Dennis' email account.
Indeed.
They already have people's details; it is a case of using them and accessing via stale passwords.
You can't be compromised by replying to an email.
In some cases a simple phishing email is used to have someone believe their account has been accessed; people get a fright and unknowingly enter their passwords and email on a fake site.
This is very common and email fraud has become rife.
Victims are often older gentlemen who aren't as tech savvy and are more likely to get flustered.
If you run your pointer over the web addresses in these mails you can see they are from suspect domains.