PDA

View Full Version : [Help - Web] Strange, my email is spamming people



RaShayRitto
10-01-2009, 06:12 AM
so i just checked my inbox and it is full of those automated emails you get when you send an email to an incorrect address. all of them were spam messages like "hey i saw you online meet me at this site" and stuff like that. all of them were sent to emails starting with the letter J

i checked my sentbox, and there is was! an email with that message and a bunch of recipients in the "to" box! how in the world did a spammer use my email to send this stuff out? i'm pretty careful about security so this comes as a real surprise. the time of the email is around 5:40am which is a little after i woke up and no one was here using my ps3

Aku no Hikari
10-01-2009, 05:22 PM
This is too bad. >.<;;

This could happen when you access your e-mail using a desktop client, and you have saved both your username and password. If you get a rootkit or something on your computer, it can easily access your e-mail and send out spam without you noticing it. It could also happen if a hacker gets your username/password and accesses your e-mail and sends spam, whether manually or using automated software. I advice you to immediately change your password, as well as the passwords of all your other e-mail accounts.

Note that if the threat is on your computer, changing the password will be useless because the keylogger will still catch your new password. Just google "keylogger detection" to see ways ways to find out whether or not your computer is infected, and remove it in case it's found.

TIP: If you use Gmail, you can see the last few times your e-mail was accessed below your inbox, and which IP addresses were used to access it.

RaShayRitto
10-01-2009, 07:51 PM
yeah its gmail, i'll see if there are any random IPs on the list

____
10-02-2009, 01:21 AM
That doesn't necessarily mean someone gained access to your account, although it is a great concern.

Maybe this will help? I don't know if you have already seen this article from Gmail help, but here's the link. Either way, you should report it to Gmail.

http://mail.google.com/support/bin/answer.py?answer=50200&cbid=8qb8e3m340va&src=cb&lev=answer#

RaShayRitto
10-04-2009, 11:29 AM
ugh! update: spammers got into my facebook account too! >=(

i have to explain to some people i never talk to why i'm sending them links to "work from home" scams

Aku no Hikari
10-04-2009, 07:26 PM
I haven't visited AF for a couple days... and I don't know if it's too late to say this, but... If you still have the IP addresses of the spammer, you can look it up to know at least where's the spammer from and what's their ISP. Just use this (or any other) "who is" service:

http://cqcounter.com/whois/

(the website requires you to fill some stupid Captcha image, but anyways...)

Though this may not be helpful, but you may want to report it to their ISP or something.


ugh! update: spammers got into my facebook account too! >=(

You found out what they got, but you still haven't found out HOW they got it. If there's a keylogger on your computer then no matter how many times you change your password they they'll keep getting it again and again every time you change it. I suggest that you try the following (assuming you use Windows XP):

- Open My Computer, open the C drive
- OPTIONAL if you see "These files are hidden", click Show the contents of this folder
- Click Tools -> Folder Options, go to the View tab
- Select Show hidden files and folders
- Uncheck both Hide extensions for known file types and Hide protected operating system files
- Click OK

Now you should see all hidden and system files. If:

- you don't see any hidden/system files
OR
- you see them for a moment and then they disappear again

then it's a definite sign that you have a rootkit on your computer. Try double checking the Folder options and see if they were set again to hide system files then it's a definite sign.

To remove the rootkit, you can either go format and reinstall Windows and everything (which is what I recommend) or you can go kill yourself and try removing it manually. I don't think I should write a guide on how to remove a rootkit now, since I'm still not sure if what you have is a rootkit or something else. But if you want, I'll be glad to help. ^_^

Anyway, if you detect any suspicious files, try to scan them with this:

http://www.kaspersky.com/scanforvirus

If anything is detected, you can do some Google search and find out how to remove it yourself. Just be careful and AVOID downloading any of those "automatic rootkit removal" scams. You don't want to have TWO rootkits instead of one. o_O;

If you have a rootkit, the only safe and reliable way of removing it is either manually or by formatting everything. But that's just my opinion.