My email account has been hacked. How do I solve the problem?

ringway

MB Enthusiast
SUPPORTER
Joined
Nov 29, 2008
Messages
7,292
Location
In a World of My Own.
Car
2017 Audi RS6 Avant Performance Edition. Range Rover Supercharged - Lovely!
I've recieved many spam emails from email contacts over the years, but now I'm the one sending out the "Buy Viagra" and "Stop Smoking" emails to people on my email list.

Any ideas how I can get rid of this problem, please?


TIA.


Paul.
 

Kingy68

Active Member
Joined
Sep 14, 2011
Messages
213
Car
C220 Sport 125
Change your password. Usually a good start and often sorts it.
 

grober

MB Master
Joined
Jun 22, 2003
Messages
28,466
Location
Perth, Scotland
Car
W204 C200CDI Estate
Change your mailer programme and use a different email address.
 

Spinal

MB Enthusiast
Joined
Sep 14, 2004
Messages
4,790
Location
Uxbridge
Car
Smart, S320 and C180 with 3-pointed stars amongst others
Three options:
- Your email account is compromised and they are using your account to send out information
- The email "from" field is spoofed, and they aren't REALLY coming from you
- Your machine has malware on it that is using your programs (outlook?) to send emails

So question is, what email is it? Is it webmail (e.g. hotmail) or do you connect via outlook/outlook express?
M.
 
OP
OP
ringway

ringway

MB Enthusiast
SUPPORTER
Joined
Nov 29, 2008
Messages
7,292
Location
In a World of My Own.
Car
2017 Audi RS6 Avant Performance Edition. Range Rover Supercharged - Lovely!
Three options:
- Your email account is compromised and they are using your account to send out information
- The email "from" field is spoofed, and they aren't REALLY coming from you
- Your machine has malware on it that is using your programs (outlook?) to send emails

So question is, what email is it? Is it webmail (e.g. hotmail) or do you connect via outlook/outlook express?
M.

Hi Michele, it's Yahoo! Mail.

I must say that most of the spam email I have recieved in the past has been from people with an AOL account. I did use AOL many years ago and although the account is not closed, I rarely access it, except to conduct test emails with Yahoo!
 

BTB 500

MB Club Veteran
SUPPORTER
Joined
Aug 7, 2005
Messages
19,248
Location
Berkshire
Car
R129 SL500, W639 Vito 120, S203 C230
More likely the sender address is being spoofed then ... i.e. they aren't actually coming from you. As mentioned, change the password ASAP anyway (preferably to a 'strong' one containing at least numbers and letters).
 

Harrythedog

MB Enthusiast
SUPPORTER
Joined
May 8, 2011
Messages
2,227
Location
Tynemouth
Car
GLC 250 Sport Premium+
They may possibly have just stolen your contacts list and using a spoof sender address. If you set up a false email address ie virus @ here.com in your contact list, then if you get a failed sender notice that'll mean the messages are being initiated from your computer.
 

BTB 500

MB Club Veteran
SUPPORTER
Joined
Aug 7, 2005
Messages
19,248
Location
Berkshire
Car
R129 SL500, W639 Vito 120, S203 C230
Check your 'Sent' and 'Trash' folders - if they are really being sent from your account there will probably be copies in there. This is unlikely with a web email client like Yahoo though ... most likely scenario IMHO is that they have got a Contacts list from someone you know who uses Outlook, and are sending to addresses in that - spoofing in your email address (picked at random from the Contacts list) as the 'sender'.
 
OP
OP
ringway

ringway

MB Enthusiast
SUPPORTER
Joined
Nov 29, 2008
Messages
7,292
Location
In a World of My Own.
Car
2017 Audi RS6 Avant Performance Edition. Range Rover Supercharged - Lovely!
Check your 'Sent' and 'Trash' folders - if they are really being sent from your account there will probably be copies in there. This is unlikely with a web email client like Yahoo though ... most likely scenario IMHO is that they have got a Contacts list from someone you know who uses Outlook, and are sending to addresses in that - spoofing in your email address (picked at random from the Contacts list) as the 'sender'.


Ah!

None in sent folder.

One in trash folder that I deleted yesterday.
 

Benzowner

MB Enthusiast
SUPPORTER
Joined
Jun 21, 2004
Messages
2,789
Location
Bristol
Car
Qashqai Acenta Premium 1.6Diesel
The other thing you may experience is "Non delivered E Mails" from postmaster. Had the same probem a couple of years ago on Hotmail. changed my .com to a .co.uk, deleted my contacts list, changed my password and left the .com alone. It eventually cleared itself or they gave up and all is now ok. A tip regarding your password, if you are as forgetful as I am with passwords, use the same password as you have but change say an S for a 5, an o for an 0(zero) and maybe either start or finish the password with a capital. Makes a nice safe password or Pa55w0rd up
 

fatdazza

Active Member
Joined
Feb 20, 2010
Messages
438
Location
Cambridge
Car
Vauxhall Chevette
I've recieved many spam emails from email contacts over the years, but now I'm the one sending out the "Buy Viagra" and "Stop Smoking" emails to people on my email list.

Any ideas how I can get rid of this problem, please?


TIA.


Paul.

Wow, Viagra can stop you smoking? :D
 

neilz

MB Enthusiast
Joined
Nov 14, 2009
Messages
1,533
Location
London
Car
W140 S320L, 1997, Black with Black Bird's Eye Maple trim
I don't agree with a few comments above. Done a hell of a lot of research into spams and scams (I actively combat fraud). Often the causes are:

1) Malicious software from a dodgy site gets downloaded onto your PC (keylogging software) and your username and password are sent over to those responsible. They use bulk email software to send those emails by logging in with your details

2) You knowingly download some free screensaver etc. software which comes with sendmail software which sends emails from your computer itself (much less common, though). But in this case the email address wouldn't be yours - it would be a spoofed one

3) Your email address just happened to be a random one the emails were sent from BUT what is the chance a random letter and number combination by the spammers leads to your email address being randomly generated? Now what's the chance that you friends etc. happen to get the email (these emails are often sent to small-ish groups)?

Now, the fact the emails are being sent to your contact list suggests (1) - your email account had to be compromised for them to have access to your contact list. The bulk email software they use tends to be illegal rather than the commercially available ones, there could be a lot of software involved or it could all be done manually in Microsoft Outlook with someone physically snooping around your inbox.

Advice: Change your password and check the IP address of the most recent login (often displayed on the page when you've logged in at the bottom) then copy it into Whois - IP Address - Domain Name Lookup and see if it's even from your part of the world!

If it's not your IP address, then it's probably the spammer's (unless you have given others access to your inbox). The WHOIS search above should give an email address to contact to report abuse - if you're sure the IP address belongs to the spammer then send an email to that address saying so
 

Spinal

MB Enthusiast
Joined
Sep 14, 2004
Messages
4,790
Location
Uxbridge
Car
Smart, S320 and C180 with 3-pointed stars amongst others
Now, the fact the emails are being sent to your contact list suggests (1) - your email account had to be compromised for them to have access to your contact list. The bulk email software they use tends to be illegal rather than the commercially available ones, there could be a lot of software involved or it could all be done manually in Microsoft Outlook with someone physically snooping around your inbox.
Agree with everything but that...

At our SOC, we see more and more spammers relying on chain-letter lists.

So instead of mailing a database of a million email addresses from a single email (e.g. bob@spoofed.com), to evade larger tracking (e.g. our GIN, or global intelligence network) they will send them from multiple email addresses.

Nothing new until here... but recently, instead of selling databases of "just" email addresses, they now have "referrer" addresses, so spammers will spoof the email to come from a "friend".

This way, they have a higher probability of being read (and going through whitelists).

The way they get the referrer address is by harvesting chain letters - there usually is a large list of valid addresses contained, as well as "trusted" referrers...

So while you comment would be very valid normally, recently we've stopped giving that advice - his email doesn't HAVE to be compromised because your friends have spam from you.

M.
 

neilz

MB Enthusiast
Joined
Nov 14, 2009
Messages
1,533
Location
London
Car
W140 S320L, 1997, Black with Black Bird's Eye Maple trim
Agree with everything but that...

At our SOC, we see more and more spammers relying on chain-letter lists.

So instead of mailing a database of a million email addresses from a single email (e.g. bob@spoofed.com), to evade larger tracking (e.g. our GIN, or global intelligence network) they will send them from multiple email addresses.

Nothing new until here... but recently, instead of selling databases of "just" email addresses, they now have "referrer" addresses, so spammers will spoof the email to come from a "friend".

This way, they have a higher probability of being read (and going through whitelists).

The way they get the referrer address is by harvesting chain letters - there usually is a large list of valid addresses contained, as well as "trusted" referrers...

So while you comment would be very valid normally, recently we've stopped giving that advice - his email doesn't HAVE to be compromised because your friends have spam from you.

M.
I know, that's very recent, and a scammer I was 'baiting' accidentally sent me a scan of one such list (along with a host of his aliases in the cc line) and when I questioned him he said it was a mistake. It had groups with arrows etc. (handwritten!). So they can spoof addresses, I think you're right about that with the successful Russian Viagra spam (the businesses are ultimately owned by the Russian Business Network as they call themselves (Russian Mafia)), lower level 419 scammers just buy the email address lists. What you need to consider is how they would get hold of chain letters -who would forward one to a criminal?
 

trapperjohn

MB Enthusiast
Joined
Nov 19, 2008
Messages
7,305
Location
Lancashire
Car
124 300D 24V Estate
So some of the very good jokes I send out (which come to me by email) from a couple of buddies. Am I risking my buddies and recipients internet/email safety by doing this.
 

Merc Owner 2B

MB Enthusiast
Joined
Dec 3, 2009
Messages
1,009
Location
Leicestershire
Car
2012 ML250 Sport BlueTec
So some of the very good jokes I send out (which come to me by email) from a couple of buddies. Am I risking my buddies and recipients internet/email safety by doing this.
Yes I believe you are. I always send mine out with all recipients in the BCC line so even they are unaware of each other.

I'd be interested to hear from our more knowledgable colleagues here if I am avoiding the harvesters?
 

neilz

MB Enthusiast
Joined
Nov 14, 2009
Messages
1,533
Location
London
Car
W140 S320L, 1997, Black with Black Bird's Eye Maple trim
BCC seems to mean the email is sent out as if individually to each person, CC means it's sent out to everyone as one email. I may be wrong. But I think that's getting a bit paranoid - I send out emails to groups of people and know as a fact I don't send spam out to my contacts (I have work and private email addresses I copy my emails to so I can forward them later if I want without having to search for the original email, and they never get spam sent to them).

I still want to know how a chain email would fall into the hands of a spammer...

Spammers also like hacking into mail servers and using them to send email. My website server ran Windows NT4 Server (yes, the 1996 edition) until recently and weekly I checked the logs and saw so many failed attempts to send spam. The "badmail" folder was full of copies of emails that couldn't be sent (only because I hadn't configured the SMTP add-on). They were all advertising viagra. Imagine if I HAD set the server up to send emails - it would have become a spambot out of my control. I now run Windows Server 2008 and the issue is just about gone. My point is your server (or computer!) can unknowingly be used to send spam.
 

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

Top Bottom