"Spam (purportedly) sent from my account. Solution?" Topic

10 Posts

All members in good standing are free to post here. Opinions expressed here are solely those of the posters, and have not been cleared with nor are they endorsed by The Miniatures Page.

Please don't call someone a Nazi unless they really are a Nazi.

For more information, see the TMP FAQ.

Back to the Computer Stuff Plus Board

Areas of Interest

General

Featured Hobby News Article

3Dprintable Based Battle Oval Lord Available

Bearded Orc

Featured Showcase Article

Elmer's Xtreme School Glue Stick

Is there finally a gluestick worth buying for paper modelers?

Featured Workbench Article

Basing with DryDex Spackling

Using pink stuff for basework.

Featured Profile Article

The Simtac Tour

The Editor is invited to tour the factory of Simtac, a U.S. manufacturer of figures in nearly all periods, scales, and genres.

Current Poll

Most Overrated Ruleset (Tiebreaker Round)

Featured Book Review

Tracing Your Ancestors Using DNA

Whatisitgood4atwork	10 Jul 2012 7:47 p.m. PST
Hi all, I have had a hotmail account for many years. It is my primary private addy. Today I found that everyone in my address book has received spam for some weight loss product, purporting to be from me at my hotmail address. Open the email and you are taken to a screen saying 'you are here because a friend recommended you', and are then hit with a wight loss pill ad. As some of my friends are indeed a bit overweight I do not want them to think I sent them this stuff. I became aware of it when I received a number of 'undeliverable' messages from postmaster@hotmail. So I checked my 'sent' file and the original messages were not sent from my account. I've sent out an apology to everyone in my address book and asked them to let me know if it happens again. Of course I immediately changed my password. Will this be enough to thwart them or is there something else I should do? Thanks. PS I have just found out that this may be related to some SOBs cracking the LinkedIn database, which would explain it.
Editor in Chief Bill	10 Jul 2012 8:15 p.m. PST
1. Anyone can send email that appears to come from your (or anyone else's) email address. 2. But if they really got to your address book, then your hotmail account is compromised. At the least, immediately change your password there.
Whatisitgood4atwork	10 Jul 2012 8:23 p.m. PST
Thanks. Yes, they got my address book. I have already done the least. I am wondering if there is something more I can or should do.
napthyme	10 Jul 2012 10:46 p.m. PST
if you use messenger also uninstall it and re-install. there is a lot of virus's that target it and use it as a back door into hotmail.
GarrisonMiniatures	10 Jul 2012 11:18 p.m. PST
Happened to me recently – I look on it as part of having an account, it's going to happen. 1) Open a different account, say Gmail. 2) Transfer all your contacts over to the new account. 3) Delete all contacts from old account. 4) Change password onold account. 5) Complete anti virus sweep. 6) Change password again. 7) Wait a while before you transfer anything back into old account. It's my equivalent of nuking from (e)space.
Whatisitgood4atwork	10 Jul 2012 11:32 p.m. PST
Thanks napthyme, Garrison. I will do so.
Paul B	11 Jul 2012 3:34 a.m. PST
I had this happen – with me I was recommending some Korean electronics supplier to all my contacts. I noticed that somehow they had changed a setting that said I was away on vacation and should forward messages to my contacts – you might want to check to see if they've done something similar to you.
Condor	18 Jul 2012 10:03 a.m. PST
If you suspect that your email account was hacked but cannot find and new emails in your sent folder, then the problem is worse than you thought and nothing to do with hacking into your account. I figured out how it was done awhile ago, but Yahoo won't do anything about it. Here is how the hacker works the system: 1. Set up a sniffer on an email server. 2. Collect emails coming and going through that server. 3. Extract the header information. Over 99% of emails are transmitted using SMTP (Simple Mail Transport Protocol). You can actually read an email packet. 4. Extract the sender and receiver information. 5. Save this data for later. 6. Create a bogus email with links to sites with malware. 7. Use the previously collect sender and receiver information to complete the emails. 8. Insert the bogus emails into the email stream. 9. The bogus emails are treated like any other email by the mail server and delivered to unsuspecting victims. Because the emails were usually sent between people that know each other the addresses are often in the other's friends list and are not filtered as junk. The most common email server used for this attack is the Yahoo email server in Los Angeles, CA. Yahoo won't do anything without a court order because they fear that any action on their part may make them look culpable. This explains why the emails do not show up in your sent folder, and also explains why changing your email password may have little affect. This process has a name, "Spoofing". Spoofing is often used to make one node (computer, router or hub) appear as another node by stealing the other node's IP address, name and MAC address. It also applies to emails and phone calls claiming to be from someone that they are not. Good luck getting your email address back.
Condor	18 Jul 2012 10:09 a.m. PST
BTW, Yahoo just admitted that a file containing user accounts and passwords was stolen when the system was breached. They paid $1,000,000. USD for a file that contained information regarding email accounts and passwords from Yahoo, Verizon, Comcast, AOL, Hotmail and at least 5 other major email providers.
SECURITY MINISTER CRITTER	19 Jul 2012 7:24 a.m. PST
See this! link