My email account has been hacked. How do I solve the problem?

Discussion in 'PC and I.T support/Advice posts' started by ringway, Dec 1, 2011.

  1. ringway

    ringway MB Club Veteran

    Messages:
    6,545
    Joined:
    Nov 29, 2008
    Location:
    In a World of My Own.
    Car:
    Audi A6 Avant 3.0 Bi TDI - A Fantastic Car! Range Rover Supercharged - Lovely! Also R32 & S4.
    I've recieved many spam emails from email contacts over the years, but now I'm the one sending out the "Buy Viagra" and "Stop Smoking" emails to people on my email list.

    Any ideas how I can get rid of this problem, please?


    TIA.


    Paul.
     
  2. Kingy68

    Kingy68 Hardcore MB Enthusiast

    Messages:
    213
    Joined:
    Sep 14, 2011
    Car:
    C220 Sport 125
    Change your password. Usually a good start and often sorts it.
     
    1 person likes this.
  3. Merc Owner 2B

    Merc Owner 2B Hardcore MB Enthusiast

    Messages:
    1,009
    Joined:
    Dec 3, 2009
    Location:
    Leicestershire
    Car:
    2012 ML250 Sport BlueTec
  4. Merc Owner 2B

    Merc Owner 2B Hardcore MB Enthusiast

    Messages:
    1,009
    Joined:
    Dec 3, 2009
    Location:
    Leicestershire
    Car:
    2012 ML250 Sport BlueTec

    Not in this case. Looks like he is sending the offending emails from within his system
     
    1 person likes this.
  5. grober

    grober MB Club Veteran

    Messages:
    26,875
    Joined:
    Jun 22, 2003
    Location:
    Perth, Scotland
    Car:
    W204 C200CDI Estate
    Change your mailer programme and use a different email address.
     
    1 person likes this.
  6. Spinal

    Spinal Hardcore MB Enthusiast

    Messages:
    4,793
    Joined:
    Sep 14, 2004
    Location:
    Uxbridge
    Car:
    Smart, S320 and C180 with 3-pointed stars amongst others
    Three options:
    - Your email account is compromised and they are using your account to send out information
    - The email "from" field is spoofed, and they aren't REALLY coming from you
    - Your machine has malware on it that is using your programs (outlook?) to send emails

    So question is, what email is it? Is it webmail (e.g. hotmail) or do you connect via outlook/outlook express?
    M.
     
    1 person likes this.
  7. OP
    OP
    ringway

    ringway MB Club Veteran

    Messages:
    6,545
    Joined:
    Nov 29, 2008
    Location:
    In a World of My Own.
    Car:
    Audi A6 Avant 3.0 Bi TDI - A Fantastic Car! Range Rover Supercharged - Lovely! Also R32 & S4.

    Hi Michele, it's Yahoo! Mail.

    I must say that most of the spam email I have recieved in the past has been from people with an AOL account. I did use AOL many years ago and although the account is not closed, I rarely access it, except to conduct test emails with Yahoo!
     
  8. BTB 500

    BTB 500 MB Club Veteran

    Messages:
    18,545
    Joined:
    Aug 7, 2005
    Location:
    Berkshire
    Car:
    R129 SL500, W639 Vito 120, S203 C230
    More likely the sender address is being spoofed then ... i.e. they aren't actually coming from you. As mentioned, change the password ASAP anyway (preferably to a 'strong' one containing at least numbers and letters).
     
    1 person likes this.
  9. Harrythedog

    Harrythedog Hardcore MB Enthusiast

    Messages:
    1,918
    Joined:
    May 8, 2011
    Location:
    Tynemouth
    Car:
    GLC 250 Sport Premium+
    They may possibly have just stolen your contacts list and using a spoof sender address. If you set up a false email address ie virus @ here.com in your contact list, then if you get a failed sender notice that'll mean the messages are being initiated from your computer.
     
    1 person likes this.
  10. BTB 500

    BTB 500 MB Club Veteran

    Messages:
    18,545
    Joined:
    Aug 7, 2005
    Location:
    Berkshire
    Car:
    R129 SL500, W639 Vito 120, S203 C230
    Check your 'Sent' and 'Trash' folders - if they are really being sent from your account there will probably be copies in there. This is unlikely with a web email client like Yahoo though ... most likely scenario IMHO is that they have got a Contacts list from someone you know who uses Outlook, and are sending to addresses in that - spoofing in your email address (picked at random from the Contacts list) as the 'sender'.
     
    1 person likes this.
  11. OP
    OP
    ringway

    ringway MB Club Veteran

    Messages:
    6,545
    Joined:
    Nov 29, 2008
    Location:
    In a World of My Own.
    Car:
    Audi A6 Avant 3.0 Bi TDI - A Fantastic Car! Range Rover Supercharged - Lovely! Also R32 & S4.


    Ah!

    None in sent folder.

    One in trash folder that I deleted yesterday.
     
  12. Benzowner

    Benzowner Hardcore MB Enthusiast

    Messages:
    2,599
    Joined:
    Jun 21, 2004
    Location:
    Bristol
    Car:
    Qashqai Acenta Premium 1.6Diesel
    The other thing you may experience is "Non delivered E Mails" from postmaster. Had the same probem a couple of years ago on Hotmail. changed my .com to a .co.uk, deleted my contacts list, changed my password and left the .com alone. It eventually cleared itself or they gave up and all is now ok. A tip regarding your password, if you are as forgetful as I am with passwords, use the same password as you have but change say an S for a 5, an o for an 0(zero) and maybe either start or finish the password with a capital. Makes a nice safe password or Pa55w0rd up
     
    1 person likes this.
  13. fatdazza

    fatdazza Hardcore MB Enthusiast

    Messages:
    438
    Joined:
    Feb 20, 2010
    Location:
    Cambridge
    Car:
    Vauxhall Chevette

    Wow, Viagra can stop you smoking? :D
     
    1 person likes this.
  14. OP
    OP
    ringway

    ringway MB Club Veteran

    Messages:
    6,545
    Joined:
    Nov 29, 2008
    Location:
    In a World of My Own.
    Car:
    Audi A6 Avant 3.0 Bi TDI - A Fantastic Car! Range Rover Supercharged - Lovely! Also R32 & S4.

    :p
     
  15. neilz

    neilz Hardcore MB Enthusiast

    Messages:
    1,534
    Joined:
    Nov 14, 2009
    Location:
    London
    Car:
    W140 S320L, 1997, Black with Black Bird's Eye Maple trim
    I don't agree with a few comments above. Done a hell of a lot of research into spams and scams (I actively combat fraud). Often the causes are:

    1) Malicious software from a dodgy site gets downloaded onto your PC (keylogging software) and your username and password are sent over to those responsible. They use bulk email software to send those emails by logging in with your details

    2) You knowingly download some free screensaver etc. software which comes with sendmail software which sends emails from your computer itself (much less common, though). But in this case the email address wouldn't be yours - it would be a spoofed one

    3) Your email address just happened to be a random one the emails were sent from BUT what is the chance a random letter and number combination by the spammers leads to your email address being randomly generated? Now what's the chance that you friends etc. happen to get the email (these emails are often sent to small-ish groups)?

    Now, the fact the emails are being sent to your contact list suggests (1) - your email account had to be compromised for them to have access to your contact list. The bulk email software they use tends to be illegal rather than the commercially available ones, there could be a lot of software involved or it could all be done manually in Microsoft Outlook with someone physically snooping around your inbox.

    Advice: Change your password and check the IP address of the most recent login (often displayed on the page when you've logged in at the bottom) then copy it into Whois - IP Address - Domain Name Lookup and see if it's even from your part of the world!

    If it's not your IP address, then it's probably the spammer's (unless you have given others access to your inbox). The WHOIS search above should give an email address to contact to report abuse - if you're sure the IP address belongs to the spammer then send an email to that address saying so
     
    1 person likes this.
  16. Spinal

    Spinal Hardcore MB Enthusiast

    Messages:
    4,793
    Joined:
    Sep 14, 2004
    Location:
    Uxbridge
    Car:
    Smart, S320 and C180 with 3-pointed stars amongst others
    Agree with everything but that...

    At our SOC, we see more and more spammers relying on chain-letter lists.

    So instead of mailing a database of a million email addresses from a single email (e.g. bob@spoofed.com), to evade larger tracking (e.g. our GIN, or global intelligence network) they will send them from multiple email addresses.

    Nothing new until here... but recently, instead of selling databases of "just" email addresses, they now have "referrer" addresses, so spammers will spoof the email to come from a "friend".

    This way, they have a higher probability of being read (and going through whitelists).

    The way they get the referrer address is by harvesting chain letters - there usually is a large list of valid addresses contained, as well as "trusted" referrers...

    So while you comment would be very valid normally, recently we've stopped giving that advice - his email doesn't HAVE to be compromised because your friends have spam from you.

    M.
     
    1 person likes this.
  17. neilz

    neilz Hardcore MB Enthusiast

    Messages:
    1,534
    Joined:
    Nov 14, 2009
    Location:
    London
    Car:
    W140 S320L, 1997, Black with Black Bird's Eye Maple trim
    I know, that's very recent, and a scammer I was 'baiting' accidentally sent me a scan of one such list (along with a host of his aliases in the cc line) and when I questioned him he said it was a mistake. It had groups with arrows etc. (handwritten!). So they can spoof addresses, I think you're right about that with the successful Russian Viagra spam (the businesses are ultimately owned by the Russian Business Network as they call themselves (Russian Mafia)), lower level 419 scammers just buy the email address lists. What you need to consider is how they would get hold of chain letters -who would forward one to a criminal?
     
    1 person likes this.
  18. trapperjohn

    trapperjohn MB Club Veteran

    Messages:
    7,316
    Joined:
    Nov 19, 2008
    Location:
    Lancashire
    Car:
    124 300D 24V Estate
    So some of the very good jokes I send out (which come to me by email) from a couple of buddies. Am I risking my buddies and recipients internet/email safety by doing this.
     
  19. Merc Owner 2B

    Merc Owner 2B Hardcore MB Enthusiast

    Messages:
    1,009
    Joined:
    Dec 3, 2009
    Location:
    Leicestershire
    Car:
    2012 ML250 Sport BlueTec
    Yes I believe you are. I always send mine out with all recipients in the BCC line so even they are unaware of each other.

    I'd be interested to hear from our more knowledgable colleagues here if I am avoiding the harvesters?
     
    1 person likes this.
  20. neilz

    neilz Hardcore MB Enthusiast

    Messages:
    1,534
    Joined:
    Nov 14, 2009
    Location:
    London
    Car:
    W140 S320L, 1997, Black with Black Bird's Eye Maple trim
    BCC seems to mean the email is sent out as if individually to each person, CC means it's sent out to everyone as one email. I may be wrong. But I think that's getting a bit paranoid - I send out emails to groups of people and know as a fact I don't send spam out to my contacts (I have work and private email addresses I copy my emails to so I can forward them later if I want without having to search for the original email, and they never get spam sent to them).

    I still want to know how a chain email would fall into the hands of a spammer...

    Spammers also like hacking into mail servers and using them to send email. My website server ran Windows NT4 Server (yes, the 1996 edition) until recently and weekly I checked the logs and saw so many failed attempts to send spam. The "badmail" folder was full of copies of emails that couldn't be sent (only because I hadn't configured the SMTP add-on). They were all advertising viagra. Imagine if I HAD set the server up to send emails - it would have become a spambot out of my control. I now run Windows Server 2008 and the issue is just about gone. My point is your server (or computer!) can unknowingly be used to send spam.
     
    1 person likes this.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.