Guild Wars Forums - GW Guru
 
 

Old Mar 26, 2011, 08:49 AM // 08:49   #1
Academy Page
 
Join Date: Dec 2006
Profession: A/
Default Hotmail self spam

Hey
I have a problem: for a few days now my hotmail account has been automatically sending phishing emails to other people. A lot of these email addresses do not exist, so I get a lot of notifications that the mails did not arrive.

I scanned my computer with Avast and Malwarebytes and it found nothing.
Is there any way I can find the cause and solve it? I believe it is my responsibility to stop the phishing through my account from going on.
Elfblade is offline   Reply With Quote
Old Mar 26, 2011, 10:09 AM // 10:09   #2
Pre-Searing Cadet
 
Shinigami Hades's Avatar
 
Join Date: Jan 2008
Profession: W/Mo
Default

Elfblade,

Mine started doing that a week ago. I deleted my entire contact list and it stopped. I also used Avast and Adaware to scan my computer and found nothing.

Hope that helps.
Shinigami Hades is offline   Reply With Quote
Old Mar 26, 2011, 11:19 AM // 11:19   #3
BFG
Lion's Arch Merchant
 
BFG's Avatar
 
Join Date: Feb 2006
Location: Lost
Guild: DCSB
Default

Seems that your account was compromised in some way. Change your hotmail password. Next, download and install the kit found here.

Last edited by BFG; Mar 26, 2011 at 11:25 AM // 11:25..
BFG is offline   Reply With Quote
Old Mar 26, 2011, 11:21 AM // 11:21   #4
Academy Page
 
Join Date: Dec 2006
Profession: A/
Default

hey,

I decided to change my password and for 4 hours the mails have stopped. I hope this is the fix.
Elfblade is offline   Reply With Quote
Old Mar 26, 2011, 02:56 PM // 14:56   #5
Pre-Searing Cadet
 
Join Date: Dec 2010
Guild: The Imperial Guards of Obsidian
Profession: E/
Default

I had this two years ago and fixed it one year ago. I think somehow a web-company which through a scam managed to get your e-mail & password has managed to hack into your account and thereby managed to spam e-mails to all your contacts. Making a secure password and never using it for anything else should definitely resolve the issue.
Geordina is offline   Reply With Quote
Old Mar 26, 2011, 04:14 PM // 16:14   #6
The Fallen One
 
Lord Sojar's Avatar
 
Join Date: Dec 2005
Location: Oblivion
Guild: Irrelevant
Profession: Mo/Me
Default

Unfortunately, once your account is compromised, it's over. You'll need to make a new email asap. They can spoof your email from here on out and will send all your friends and family malware and adware links as well as scam/phishing emails.
Lord Sojar is offline   Reply With Quote
Old Mar 26, 2011, 06:11 PM // 18:11   #7
Grotto Attendant
 
Join Date: Apr 2007
Default

Possibility 1: Your PC is compromised. Solution: Scan with a better AV (I'd suggest Avira or Nod32) and something to look for rootkits (SanityCheck replaces Rootkit Revealer which has not been updated since WinXP).

Possibility 2: Your hotmail account has been compromised. Solution: Change the password.

Possibility 3: It's just spoofing. It's not hard to make an e-mail look like it comes from any address you feel like. The spoofer does not need access to your PC or your e-mail account; they only need to know what your e-mail address is. Solution: Do nothing; apologize to friends who get the e-mails.
Chthon is offline   Reply With Quote
Old Mar 26, 2011, 06:17 PM // 18:17   #8
Lion's Arch Merchant
 
Join Date: Nov 2008
Guild: Shadowed Ones
Profession: E/A
Default

Quote:
Originally Posted by Lord Sojar View Post
Unfortunately, once your account is compromised, it's over. You'll need to make a new email asap. They can spoof your email from here on out and will send all your friends and family malware and adware links as well as scam/phishing emails.
This is just wrong. If he changes his password and security question how can they still access his account? There is a difference between making it look like the sender is someone else, and actually sending it from his account. If he is getting notifications saying the mail hasn't sent then that means they are sending it from his account, not just changing the email headers.

As others have said make sure your computer is virus free then change your password. You do not have to delete/abandon your email account.

This exact thing has happened to me and from the moment I changed the password until now (2+ years later) it hasn't happened.
Cool Name is offline   Reply With Quote
Old Mar 26, 2011, 06:54 PM // 18:54   #9
Academy Page
 
Join Date: Dec 2006
Profession: A/
Default

OK, since 8.28 no more e-mails have been sent to others and I have not received any failed-send e-mails for the last 10 hours. I guess changing my password helped. I downloaded the toolkit and downloaded some of the programs. It's weird, but Malwarebytes found a trojan at the second system scan and I removed it. Thanks for all the replies with info.
Elfblade is offline   Reply With Quote
Old Mar 26, 2011, 06:55 PM // 18:55   #10
The Fallen One
 
Lord Sojar's Avatar
 
Join Date: Dec 2005
Location: Oblivion
Guild: Irrelevant
Profession: Mo/Me
Default

Quote:
Originally Posted by Cool Name View Post
This is just wrong. If he changes his password and security question how can they still access his account? There is a difference between making it look like the sender is someone else, and actually sending it from his account. If he is getting notifications saying the mail hasn't sent then that means they are sending it from his account, not just changing the email headers.

As others have said make sure your computer is virus free then change your password. You do not have to delete/abandon your email account.

This exact thing has happened to me and from the moment I changed the password until now (2+ years later) it hasn't happened.

Clearly you haven't read up on the Hotmail spoofing. They essentially get your account credentials and then send email from many different accounts through your email. The emails never show up in your sent box, etc. They are spoofed to appear to come from you. It takes quite a bit of digging on the part of the recipients to know it isn't from you.

Interesting though that the emails were failed. That does indicate the account's password was compromised. However, if your relatives and friends still receive emails after this point... then the scenario I described has happened.

Quote:
Originally Posted by Elfblade View Post
OK, since 8.28 no more e-mails have been sent to others and I have not received any failed-send e-mails for the last 10 hours. I guess changing my password helped. I downloaded the toolkit and downloaded some of the programs. It's weird, but Malwarebytes found a trojan at the second system scan and I removed it. Thanks for all the replies with info.
That trojan is what was doing it... you better hope it didn't already send out the credentials though, as at that point, they can just endlessly spoof the email... it's really annoying. Hotmail is the only one with this issue, and I forget exactly why, but it's a common scheme.

Last edited by Lord Sojar; Mar 26, 2011 at 06:59 PM // 18:59..
Lord Sojar is offline   Reply With Quote
Old Mar 26, 2011, 11:33 PM // 23:33   #11
Lion's Arch Merchant
 
Join Date: Nov 2008
Guild: Shadowed Ones
Profession: E/A
Default

Quote:
Originally Posted by Lord Sojar View Post
Clearly you haven't read up on the Hotmail spoofing. They essentially get your account credentials and then send email from many different accounts through your email. The emails never show up in your sent box, etc. They are spoofed to appear to come from you. It takes quite a bit of digging on the part of the recipients to know it isn't from you.

Interesting though that the emails were failed. That does indicate the account's password was compromised. However, if your relatives and friends still receive emails after this point... then the scenario I described has happened.



That trojan is what was doing it... you better hope it didn't already send out the credentials though, as at that point, they can just endlessly spoof the email... it's really annoying. Hotmail is the only one with this issue, and I forget exactly why, but it's a common scheme.
I know exactly how they are spoofed to come from another email and I am pretty sure hotmail guards against this. It is very easy for hotmail to know if an email has genuinely been sent from the email account or not. Changing the sent header of an email is simple, but they will always know which mail server it has come from. If it is a hotmail email address and it didn't come from one of their servers then they know it isn't real. I have tested this using a simple php sendmail script on a server. It went straight into junk.

So, although they could easily steal the emails and keep using that email address as their sent address they wouldn't gain anything. It is very easy for hotmail to know if it is real or not. They only gain the benefit if they are sending it through the hotmail servers.

Anyway, my point was the person who started the thread shouldn't just abandon their account. It is very easy to fix the worst of it, and hotmail will most likely put any mail your contacts get - which are spoofed to be from you - straight into that person's junk mail.

Also I don't see why hotmail would be the only one with this issue, so it would be interesting if you found out why.
Cool Name is offline   Reply With Quote
Old Mar 27, 2011, 03:08 AM // 03:08   #12
Grotto Attendant
 
Join Date: Apr 2007
Default

Spoofing does not require ever having access to the subject e-mail account. You simply create a fake header identifying yourself as such.
Chthon is offline   Reply With Quote
Old Mar 28, 2011, 09:19 AM // 09:19   #13
Lion's Arch Merchant
 
Join Date: Nov 2008
Guild: Shadowed Ones
Profession: E/A
Default

Quote:
Originally Posted by Chthon View Post
Spoofing does not require ever having access to the subject e-mail account. You simply create a fake header identifying yourself as such.
Yes, but sending it in a way that makes him get emails saying it failed does require access.
Cool Name is offline   Reply With Quote
Old Mar 28, 2011, 11:54 AM // 11:54   #14
Forge Runner
 
Rushin Roulette's Avatar
 
Join Date: Sep 2007
Location: Right here
Guild: Ende
Default Edited out the email tags

Quote:
Originally Posted by Cool Name View Post
Yes, but sending it in a way that makes him get emails saying it failed does require access.
I'm no techie, but even I know that is easily possible. The return email address only has to be the subject's one and the automatic return email goes to a different email than to the one who sent it.

eg. "guildwars @ guru.com" creates and sends an email to "guild @ wars.net" but lists "spam @ hotmail.com" as the sender and return email recipient, then anyone reading the email will see that it was sent from "spam @ hotmail.com".

If "guild @ wars.net" does not exist, then the Postsystem of wars.net will also send the answer back to "spam @ hotmail.com" to inform that the email address is incorrect.

Last edited by Rushin Roulette; Mar 28, 2011 at 11:56 AM // 11:56..
Rushin Roulette is offline   Reply With Quote
Old Mar 28, 2011, 08:01 PM // 20:01   #15
Lion's Arch Merchant
 
Join Date: Nov 2008
Guild: Shadowed Ones
Profession: E/A
Default

Quote:
Originally Posted by Rushin Roulette View Post
I'm no techie, but even I know that is easily possible. The return email address only has to be the subject's one and the automatic return email goes to a different email than to the one who sent it.

eg. "guildwars @ guru.com" creates and sends an email to "guild @ wars.net" but lists "spam @ hotmail.com" as the sender and return email recipient, then anyone reading the email will see that it was sent from "spam @ hotmail.com".

If "guild @ wars.net" does not exist, then the Postsystem of wars.net will also send the answer back to "spam @ hotmail.com" to inform that the email address is incorrect.
I think you're wrong. I think it is the mail server you send your mail to that returns the error, not the email you are attempting to send it to. So, if I send an email from my hotmail account to a fake gmail account it is hotmail that returns the error, not gmail. So in your example, it would be the guru server that would send the "wrong email" message.

Also I am not just guessing. Right now I used a server running php and told it to send an email to me, using my own email (@hotmail.co.uk). It worked. However, hotmail automatically put it into junk, because as I said above it is very easy for it to know. Then I told the server to do the same thing but the target email is a false email and the fake "from" email was still my real email. I sent it but nothing got returned to my email. Now if I go into my actual hotmail and, I guess, send it through an authorised connection to a hotmail mail server then I get the email saying the email doesn't exist.

Now I think I've proved that what you send was wrong unless I've misunderstood something. But I'm still a bit confused. You say you aren't a "techie" but you are very happy to disagree with something which I would have thought is reasonably advanced knowledge. So I'm thinking you must have some evidence I don't.

So, simply, the failure email is sent by the mail server you used, to the place that actually sent it, not the "from" address. This means if the original poster is getting these failure emails then they are using his authentication credentials to use the hotmail mail servers. Hence if he changes his password, which he has, then he shouldn't get these emails anymore, which he doesn't. (But as someone above said, they could still use his email address to send mail to his contacts which might not go to junk, but it did when I tested it)
Cool Name is offline   Reply With Quote
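Added example, not written by any poster in this thread: a way to triage a bounce notification for the two cases argued above, mail actually submitted through the provider with stolen credentials versus a forged sender address. It assumes the bounce is an RFC 3464 delivery report that returns the original headers; `classify_bounce`, `make_bounce` and every `.example` host are constructed for illustration, and the verdict is a heuristic, not proof.

```python
import email
import re

def _in_domain(host, domain):
    return host == domain or host.endswith("." + domain)

def classify_bounce(raw, provider_domain):
    """Heuristic: was the bounced mail submitted through the provider?"""
    bounce = email.message_from_string(raw)
    mta, original = None, None
    for part in bounce.walk():
        if mta is None and part.get("Reporting-MTA"):
            # RFC 3464 per-message field: the server that generated the bounce.
            mta = part["Reporting-MTA"].split(";", 1)[-1].strip().lower()
        elif part.get_content_type() == "text/rfc822-headers":
            # Headers of the bounced message as the reporting server saw them.
            original = email.message_from_string(part.get_payload())
    if mta is None:
        return "inconclusive"
    if _in_domain(mta, provider_domain):
        return "sent-through-provider"  # the provider's own server tried delivery
    # A foreign server bounced it: use only the SPF verdict that server stamped,
    # since any other Authentication-Results line may be forged by the sender.
    stamped = original.get_all("Authentication-Results", []) if original else []
    for ar in stamped:
        authserv, _, results = ar.partition(";")
        spf = re.search(r"\bspf=(\w+)", results)
        if spf and authserv.strip().lower() == mta:
            return ("sent-through-provider" if spf.group(1).lower() == "pass"
                    else "spoofed-backscatter")
    return "inconclusive"

def make_bounce(reporting_mta, auth_results=""):
    """Constructed sample bounce; all hosts are .example placeholders."""
    return (
        "From: MAILER-DAEMON@" + reporting_mta + "\n"
        "To: user@provider.example\nSubject: Delivery failure\nMIME-Version: 1.0\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b"\n'
        "\n--b\nContent-Type: text/plain\n\nAddress not found.\n"
        "\n--b\nContent-Type: message/delivery-status\n\n"
        "Reporting-MTA: dns; " + reporting_mta + "\n\n"
        "Final-Recipient: rfc822; nobody@recipient.example\nAction: failed\nStatus: 5.1.1\n"
        "\n--b\nContent-Type: text/rfc822-headers\n\n"
        + auth_results +
        "From: user@provider.example\nTo: nobody@recipient.example\n"
        "\n--b--\n"
    )
```

A "sent-through-provider" result points to a password change and a malware scan; "spoofed-backscatter" means the account itself was not needed to produce the bounce.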
Old Mar 28, 2011, 10:13 PM // 22:13   #16
Academy Page
 
Liselle Morrow's Avatar
 
Join Date: Aug 2006
Profession: D/
Default

Having been through this whole canoodle myself (first lots of spam mails, then my address getting spoofed and me receiving dozens of return-to-sender notifications and finally my address being fully compromised and actually starting to send out hundreds of spam mails per day), I can only give you the following advice:

Scan your PC from top to bottom

Once you're sure it's secure, change your email address' password

Wipe your contact list (export it to a backup copy if necessary, then wipe it)

After that unlink every service, everything you've ever signed up for that's important to keep from that email address (aka make a new email, or better yet several emails and link the services to those new ones instead).

And finally say goodbye to the old email.

If you can't ditch it completely, because something unlinkable is tied to it, then just unlink everything from it that you can, change the password to a randomly generated 15+ digit alphanumeric one that's used nowhere else (use of a password safe program makes this very easy) and keep logging into it and changing the password on a regular basis. Short of the spammer hacking the email server itself or you contracting a keylogger, they will have a very hard time getting in to your email again.
Liselle Morrow is offline   Reply With Quote
Old Mar 28, 2011, 10:39 PM // 22:39   #17
Wilds Pathfinder
 
Don Zardeone's Avatar
 
Join Date: Oct 2005
Default

Had this happen with a lot of people I know. Usually a password change fixes it. But not always.

I usually tell them to switch to gmail. Now while I don't see much of a difference between gmail and hotmail, I haven't had any of this happen to gmail contacts o.o

Also, use a different password everywhere.

And scan the pc. One person I know fixed it by... getting gmail and... buying a new pc X.x
Don Zardeone is offline   Reply With Quote