Hacker News
by corobo 2796 days ago
> The scammer has already accessed your account because you fell for a phishing scam

> It's not your fault that they paid the wrong person.

How is this not the OP's fault? It's absolutely their fault - the fault that led to their email being compromised.

2 comments

I stated in the next paragraph that the situation could just as easily be reversed. We do not have any way to know in this situation whose mailbox was accessed, the OP, or their client.
Seems more likely it was the client. If the OP was hacked, the thief could have sent a completely legit email with correct headers, etc.
If OP's mail was hacked, the attacker wouldn't have needed to use a confusingly-similar email address ("abicde@mydomain.com" instead of "abcde@mydomain.com"). They could have used OP's actual address.
Good theory but not necessarily true. The attacker might still wish to use a spoofed domain to ensure that they get delivery of all replies.

In cases where Gmail and Office 365 accounts get hacked like this, the attacker will enable email forwarding to an address they can monitor for replies, and delete replies from the clients so that the compromised person does not see them. I am not sure if you can do this easily with a GoDaddy mailbox.

Did you edit it in? Either that paragraph was not there when I replied or I'm losing my ability to read
You don’t know it was the OP’s email that was compromised. It could have been the client's or something else entirely.
Fair point that. I'd not considered all the possibilities
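
Added example, not part of the thread and not any commenter's code: a defender-side check for the two signals discussed above, a sender address that is a near-miss of a known contact ("abicde@" vs "abcde@") and a mailbox rule that forwards mail outside the organisation while deleting it locally. The rule records, their field names, and the `mailbox.example` address are constructed for illustration and do not follow any mail provider's schema.

```python
# Constructed sample data; field names are hypothetical, not any mail provider's schema.
KNOWN_CONTACTS = {"abcde@mydomain.com"}
OWN_DOMAINS = {"mydomain.com"}
RULES = [
    {"mailbox": "abcde@mydomain.com", "name": "Archive",
     "forward_to": "archive@mydomain.com", "delete": False},
    {"mailbox": "abcde@mydomain.com", "name": "sync",
     "forward_to": "collector@mailbox.example", "delete": True},
    {"mailbox": "abcde@mydomain.com", "name": "Promo cleanup",
     "forward_to": None, "delete": True},
]


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(addr, known=KNOWN_CONTACTS, max_dist=2):
    """Return the known address that addr imitates, or None if exact or unrelated."""
    addr = addr.lower()
    if addr in known:
        return None
    return next((k for k in sorted(known) if edit_distance(addr, k) <= max_dist), None)


def audit_rules(rules, own_domains=OWN_DOMAINS):
    """Flag rules that forward outside our domains, noting whether they also delete."""
    findings = []
    for r in rules:
        fwd = r.get("forward_to")
        if not fwd or fwd.rsplit("@", 1)[-1].lower() in own_domains:
            continue  # no forwarding, or forwarding stays internal
        reason = "external forward + delete" if r.get("delete") else "external forward"
        findings.append((r["mailbox"], r["name"], fwd, reason))
    return findings


if __name__ == "__main__":
    print(lookalike_of("abicde@mydomain.com"))
    for finding in audit_rules(RULES):
        print(finding)
```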