Hotmail self spam
Elfblade
Hey
I have a problem, since a few days my hotmail account automatically sends phishing emails to other people. a lot of these email adresses do not exist so i get a lot of notifications that the mails did not arrive.
I scanned my computer with avast and malware bytes and it found nothing.
Is there any way i can find the cause and solve it? I believe it is my responsibility to stop the phishing through my account from going on.
I have a problem, since a few days my hotmail account automatically sends phishing emails to other people. a lot of these email adresses do not exist so i get a lot of notifications that the mails did not arrive.
I scanned my computer with avast and malware bytes and it found nothing.
Is there any way i can find the cause and solve it? I believe it is my responsibility to stop the phishing through my account from going on.
Shinigami Hades
Elfblade,
Mine started doing that a week ago. I deleted my entire contact list and it stopped. I also used Avast and Adaware to scan my computer and found nothing.
Hope that helps.
Mine started doing that a week ago. I deleted my entire contact list and it stopped. I also used Avast and Adaware to scan my computer and found nothing.
Hope that helps.
BFG
Seems that your account was compromised in some way. Change your hotmail password. Next, download and install the kit found here.
Elfblade
hey,
i decided to change my password and for 4 hours the mails have stopped, I hope this is the fix.
i decided to change my password and for 4 hours the mails have stopped, I hope this is the fix.
Geordina
I had this two years ago and fixed it one year ago. I think somehow a web-company which through a scam managed to get your e-mail & password has managed to hack into your account and thereby managed to Spam e-mails to all your contacts. Making a secure password and never using it for anything else should definitely resolve the issue.
Lord Sojar
Unfortunately, once your account is compromised, it's over. You'll need to make a new email asap. They can spoof your email from here on out and will send all your friends and family malware and adware links as well as scam/phishing emails.
Chthon
Possibility 1: Your PC is compromised. Solution: Scan with a better AV (I'd suggest Avira or Nod32) and something to look for rootkits (SanityCheck replaces Rootkit Revealer which has not been updated since WinXP).
Possibility 2: Your hotmail account has been compromised. Solution: Change the password.
Possibility 3: It's just spoofing. It's not hard to make an e-mail look like it comes from any address you feel like. The spoofer does not need access to your PC or your e-mail account; they only need to know what your e-mail address is. Solution: Do nothing; apologize to friends who get the e-mails.
Possibility 2: Your hotmail account has been compromised. Solution: Change the password.
Possibility 3: It's just spoofing. It's not hard to make an e-mail look like it comes from any address you feel like. The spoofer does not need access to your PC or your e-mail account; they only need to know what your e-mail address is. Solution: Do nothing; apologize to friends who get the e-mails.
Cool Name
Quote:
Unfortunately, once your account is compromised, it's over. You'll need to make a new email asap. They can spoof your email from here on out and will send all your friends and family malware and adware links as well as scam/phishing emails.
|
As others have said make sure your computer is virus free then change your password. You do not have to delete/abandon your email account.
This exact thing has happened to me and from the moment I changed the password until now (2+ years later) it hasn't happened.
Elfblade
ok since 8.28 no more e mails sent to others and i do not receive and failed send e-mails for the last 10 hours. I guess changing my password helped. i downloaded the toolkit and downloaded some of the programs. its weird but malwarebytes found a trojan at the second system scan and i removed it. thanks for all the replies with info.
Lord Sojar
Quote:
This is just wrong. If he changes his password and security question how can they still access his account? There is a difference between making it look like the sender is someone else, and actually sending it from his account. If he is getting notifications saying the mail hasn't sent then that means they are sending it from his account, not just changing the email headers.
As others have said make sure your computer is virus free then change your password. You do not have to delete/abandon your email account. This exact thing has happened to me and from the moment I changed the password until now (2+ years later) it hasn't happened. |
Clearly you haven't read up on the Hotmail spoofing. They essentially get your account credentials and then send email from many different accounts through your email. The emails never show up in your sent box, etc. They are spoofed to appear to come from you. It takes quite a bit of digging on the part of the recipients to know it isn't from you.
Interesting though that the emails were failed. That does indicate the account's password was compromised. However, if your relatives and friends still receive emails after this point... then the scenario I described has happened.
Quote:
ok since 8.28 no more e mails sent to others and i do not receive and failed send e-mails for the last 10 hours. I guess changing my password helped. i downloaded the toolkit and downloaded some of the programs. its weird but malwarebytes found a trojan at the second system scan and i removed it. thanks for all the replies with info.
|
Cool Name
Quote:
Clearly you haven't read up on the Hotmail spoofing. They essentially get your account credentials and then send email from many different accounts through your email. The emails never show up in your sent box, etc. They are spoofed to appear to come from you. It takes quite a bit of digging on the part of the recipients to know it isn't from you.
Interesting though that the emails were failed. That does indicate the account's password was compromised. However, if your relatives and friends still receive emails after this point... then the scenario I described has happened. That trojan is what was doing it... you better hope it didn't already send out the credentials though, as at that point, they can just endlessly spoof the email... it's really annoying. Hotmail is the only one with this issue, and I forget exactly why, but it's a common scheme. |
So, although they could easily steal the emails and keep using that email address as their sent address they wouldn't gain anything. It is very easy for hotmail to know if it is real or not. They only gain the benefit if they are sending it through the hotmail servers.
Anyway, my point was the person who started the thread shouldn't just abandon their account. It is very easy to fix the worst of it, and hotmail will most likely put any mail your contacts get - which are spoofed to be from you - straight into that person's junk mail.
Also I don't see why hotmail would be the only one with this issue, so it would be interesting if you found out why.
Chthon
Spoofing does not require ever having access to the subject e-mail account. You simply create a fake header identifying yourself as such.
Cool Name
Rushin Roulette
Quote:
Yes, but sending it in a way that makes him get emails saying it failed does require access.
|
eg. "guildwars @ guru.com" creates and sends an email to "guild @ wars.net" but lists "spam @ hotmail.com" as the sender and return email recipient, then anyone reading the email will see that it was sent from "spam @ hotmail.com".
If "guild @ wars.net" does not exist, then the Postsystem of wars.net will also send the answer back to "spam @ hotmail.com" to inform that the email address is incorrect.
Cool Name
Quote:
Im no techie, but even I know that is easily possible. The return email address only has to be the subjects ojne and the automatic return email goes to a different email than to the onje who sent it.
eg. "guildwars @ guru.com" creates and sends an email to "guild @ wars.net" but lists "spam @ hotmail.com" as the sender and return email recipient, then anyone reading the email will see that it was sent from "spam @ hotmail.com". If "guild @ wars.net" does not exist, then the Postsystem of wars.net will also send the answer back to "spam @ hotmail.com" to inform that the email address is incorrect. |
Also I am not just guessing. Right now I used a server running php and told it to send an email to me, using my own email (@hotmail.co.uk). It worked. However, hotmail automatically put it in to junk, because as I said above it is very easy for it know. Then I told the server to do the same thing but the target email is a false email and the fake "from" email was still my real email. I sent it but nothing got returned to my email. Now if I go into my actual hotmail and, I guess, send it through an authorised connection to a hotmail mail server then I get the email saying the email doesn't exist.
Now I think I've proved that what you send was wrong unless I've misunderstood something. But I'm still a bit confused. You say you aren't a "techie" but you are very happy to disagree with something which I would have thought is reasonably advanced knowledge. So I'm thinking you must have some evidence I don't.
So, simply, the failure email is sent by the mail server you used, to the place that actually sent it, not the "from" address. This means if the original poster is getting these failure emails then they are using his authentication credentials to use the hotmail mail servers. Hence if he changes his password, which he has, then he shouldn't get these emails anymore, which he doesn't. (But as someone above said, they could still use his email address to send mail to his contacts which might not go to junk, but it did when I tested it)
Liselle Morrow
Having been through this whole canoodle myself (first lots of spam mails, then my address getting spoofed and me receiving dozens of return-to-sender notifications and finally my address being fully compromised and actually starting to send out hundreds of spam mails per day), I can only give you the following advice:
Scan your PC from top to bottom
Once you're sure it's secure, change your email address' password
Wipe your contact list (export it to a backup copy if necessary, then wipe it)
After that unlink every service, everything you've ever signed up for that's important to keep from that email address (aka make a new email, or better yet several emails and link the services to those new ones instead).
And finally say goodbye to the old email.
If you can't ditch it completely, because something unlinkable is tied to it, then just unlink everything from it that you can, change the password to a randomly generated 15+ digit alphanumeric one that's used nowhere else (use of a password safe program makes this very easy) and keep logging into it and changing the password on a regular basis. Short of the spammer hacking the email server itself or you contracting a keylogger, they will have a very hard time getting in to your email again.
Scan your PC from top to bottom
Once you're sure it's secure, change your email address' password
Wipe your contact list (export it to a backup copy if necessary, then wipe it)
After that unlink every service, everything you've ever signed up for that's important to keep from that email address (aka make a new email, or better yet several emails and link the services to those new ones instead).
And finally say goodbye to the old email.
If you can't ditch it completely, because something unlinkable is tied to it, then just unlink everything from it that you can, change the password to a randomly generated 15+ digit alphanumeric one that's used nowhere else (use of a password safe program makes this very easy) and keep logging into it and changing the password on a regular basis. Short of the spammer hacking the email server itself or you contracting a keylogger, they will have a very hard time getting in to your email again.
Don Zardeone
Had this happen with a lot of people I know. Usually a password change fixes it. But not always.
I usually tell them to switch to gmail. Now while I don't see much of a difference between gmaila nd hotmail, I haven't had any of this happen to gmail contacts o.o
Also, use a different password everywhere.
And scan the pc. One person I know fixed it by... getting gmail and... buying a new pc X.x
I usually tell them to switch to gmail. Now while I don't see much of a difference between gmaila nd hotmail, I haven't had any of this happen to gmail contacts o.o
Also, use a different password everywhere.
And scan the pc. One person I know fixed it by... getting gmail and... buying a new pc X.x