Author |
Message |
matador
Not quite a Newb
Joined: 28 Dec 2009
Posts: 26
|
Posted:
Tue Nov 23, 2010 12:18 am |
|
Over the past few days I've noticed highly suspicious activity in my main email account, which is a web-based hotmail account. As over this time period, I've had large numbers of delivery notification failures to my hotmail inbox which contain spam like messages featuring an attachment and word salad( I have not opened any of the attachments sent to my mail box), I've also noticed that the spam emails are ether forwarded to other people throughout the world, or are sent directly from me. This is suspicious enough for me, however today when I went to check my morning mail, I found that my inbox had an even larger number of spam attachment emails sent(again ether from me directly or forwarded from my box.In addition, even more alarming when I went to check my sent box I've confirmed that a sizable quantity of these spam messages where sent using my hotmail account.
I don't see how my account could have been compromised, as I have very strong and very regularly updated antivirus, anti-hacking, anti-phishing, etc the works in terms of protection. Also I follow good web protocol and never open anything from an unfamiliar sender etc, never look at sketchy inappropriate websites.
So I'm trying to figure out how my hotmail account could have been compromised like this?
However recently my university has come under frequent spam, phishing, hacking, an denial of service attacks so that is one possible cause of this I figure? Especially, since my university's web browser requires you to download a program every time you log on in order to access the internet.
* Mind you this is my personal email, not my baiting one. Also I don't think it was a lad who has been messing with it(although maybe a vlad because some of the messages have been coming back in Russian). |
|
|
|
|
scambuster3
Elite Baiter
Joined: 11 Jan 2008
Posts: 1099
Location: South East tip of Australia Down under, where a Dingo ate my Lads WU slip
|
Posted:
Tue Nov 23, 2010 12:21 am |
|
maybe change your password ?????? |
_________________ When it comes to scammers I bait with 1080, shoot from the hip and aim for between the eyes
Bank accounts sent to mysterious Alan = 477
Winner of Inspector Gadget 2009 fake checks contest, thanks IG
Winner of Inspector Gadget 2008 Bank account contest, thanks IG
"You are going to scam your passport page "
"CENTRAL BANK OF NIGER1A has scanned this email for viruses, vandals and malicious content."
"The Central Bank of Nigerian will put you in jail for life. You must return that money or you will face a brutal consequences."
"I KNOW U ARE JUST A TIME WASTER AND A BULL SHITTER."
"Hope you are not a joker because I don't waste my time and job on jokers"
"Time wasters are not authorized to contact us"
|
|
|
|
gerald.fird
Baiting Guru
Joined: 24 Mar 2010
Posts: 2135
Location: Ladland
|
Posted:
Tue Nov 23, 2010 12:23 am |
|
The word "botnet" rings in my head when I read this. |
_________________ = 309
x226 x36
X17
Mrs. CHIPIWA MAZIVA - Johannesburg to Cape Town - 1800 miles round-trip
"IDIOT DEY FOOL YOURSELF........ YOU NON GET WORK DATS WHY U DE FIND FOLLOW UP..... ILLITERATE
TAKE MY ID MAKE U ADD ME
MAKE I SHOW U MY WEBMAIL... U WILL NO DAT AM NOT HUNGRY... HUNGER GO KILL UR GENERATION" |
|
|
|
matador
Not quite a Newb
Joined: 28 Dec 2009
Posts: 26
|
Posted:
Tue Nov 23, 2010 1:47 am |
|
scambuster3 wrote: |
maybe change your password ?????? |
Already done, |
|
|
|
|
windypops
Baiting Guru
Joined: 25 Jan 2005
Posts: 6059
Location: Planet X
|
Posted:
Tue Nov 23, 2010 8:43 am |
|
Sounds like someone is spoofing using your email, but that woulcdn't show up in your sent folder.
I'm not ofay with hotmail workings. Does it have any kind of log file you can view? |
_________________ "No amount of semen donation will save this situation" Sanny Sanny
"We must disagree to agree" Raji Musa
If it's LADS you want. GoTo: http://www.yopmail.com/
and sign in with either ladmail or kentbrockman
|
|
|
|
pete515
Elite Baiter
Joined: 19 Apr 2008
Posts: 1301
|
Posted:
Tue Nov 23, 2010 8:55 am |
|
As windypops wrote either your email address is being spoofed or you have a spambot.
1. Change the password which you've already done.
2. Have a look in the 'sent' box to see if you are the originator of the messages.
3. If you are then you have a spambot and you'll need to check your computer. It is amazingly easy to fall prey to spambots despite taking all precautions. You can get them by visiting rogue web sites as well as clicking on attachments in your email.
4. If you are not the originator and you are being spoofed there isn't much you can do I'm afraid. |
_________________ LOTS
David Mark - Lagos/Yankari SSC
David Mark -3 years
Simon Dormoo - 1 year+, a standard 419er who became my love lad
x2 ME Foundation Home, Bank of Afrique
"..a strange voice like a wild pussy cat yelled at me and then paused......It was terrible, I nearly threw my phone away, and it scared me." Lad talks to a fax machine.
"mother remember I trusted you with all my hearth, remember I fouled with my blood that I am ready to take you as my biological mother remember I gave you my hope, my spirit and soul that you will lie to me or cheat me" Elinah Kipkalya
"you sun of a beach ".."you foolish and bustard stinking dead dog". More from the fragrant Elinah 4 weeks later. |
|
|
|
spot
Moderator
Joined: 25 Aug 2005
Posts: 9149
Location: Criminal Disruption Department.
|
Posted:
Tue Nov 23, 2010 9:45 am |
|
@matador
You have described exactly something that happened to a friend's Hotsnail account.
We did just about everything that the others have suggested, but the spam sending still continued
What we ended up doing was to delete all the contacts in the Contact List, changed the password again and it stopped. |
_________________ x32
|
|
|
|
Morgain Le Fay
Baiting Guru
Joined: 14 Oct 2010
Posts: 5800
Location: Taking my new .38 special to the range
|
Posted:
Tue Nov 23, 2010 2:42 pm |
|
I have a friend who has recently had problems with hotmail. He has scanned and rescanned for virus and whatever but the problem persists. I am trying to convince him to rid himself of HotMail and go to Gmail. |
|
|
|
|
pete515
Elite Baiter
Joined: 19 Apr 2008
Posts: 1301
|
Posted:
Tue Nov 23, 2010 4:32 pm |
|
Spambots can be really hard to trace. As people have commented even changing the password may not help. The reason is that the bot becomes active during the email session and uses the existing legit logon to spread their spam. Check the outbox for spambot activity.
I'm not advocating one AV checker against another but if one doesn't find anything another might. One particularly good one is Super Anti Spyware (SAS) which is free. Don't use an online AV scanner - they'll misidentify anything in order to persuade you to buy them.
When something similar happened to me the malware was actually a "hosting worm" which allowed other spambots or malware to connect to it to use its "services".
However I think we are getting slightly off topic. This is are spam not scan. |
_________________ LOTS
David Mark - Lagos/Yankari SSC
David Mark -3 years
Simon Dormoo - 1 year+, a standard 419er who became my love lad
x2 ME Foundation Home, Bank of Afrique
"..a strange voice like a wild pussy cat yelled at me and then paused......It was terrible, I nearly threw my phone away, and it scared me." Lad talks to a fax machine.
"mother remember I trusted you with all my hearth, remember I fouled with my blood that I am ready to take you as my biological mother remember I gave you my hope, my spirit and soul that you will lie to me or cheat me" Elinah Kipkalya
"you sun of a beach ".."you foolish and bustard stinking dead dog". More from the fragrant Elinah 4 weeks later. |
|
|
|
evil_sheep
Compulsive Self Abuser
Joined: 15 Jul 2010
Posts: 1100
Location: 419eater Passport office.
|
Posted:
Wed Nov 24, 2010 4:14 pm |
|
pete515 wrote: |
Don't use an online AV scanner - they'll misidentify anything in order to persuade you to buy them. |
http://housecall.trendmicro.com/ is the answer. |
_________________ x11 x3
"I thank you for your quick massage this morning. " - Prince Abdul Hakeem
"u lied. i know u as black man" - Timothy Fred
"Get out. If you mail me again, i will destroy your mailbox." - Clydesdale Bank PLC.
"picece of shit gett off here junkie" "arse hole like u" "u r a bullshit around the corner" "fuck off and die" "is that how you write ur father?" "do u need some crack from Brazil?" "please leave me alone" - Dr. Mohamed Gaza
FREE BEER!
"Baiting is like sex. If it does go pear-shaped, pull out, get a new email address and try again from a different angle." - Me |
|
|
|
ateabanah
Gone fishin'
Joined: 07 Oct 2010
Posts: 101
Location: anywhere but here.
|
Posted:
Wed Nov 24, 2010 4:31 pm |
|
I'm more of an Avast person. It has a boot up scan [which i never use but useful if you have sneaky startup apps]monitors port 80, as well as mail clients and other comm ports. Pretty nifty, and free also.
If you think you have something embedded in your system, Malwarebytes is a pretty good program for cleaning things up if it gets a little messy. |
|
|
|
|
|