My sister e-mailed me with this:"Someone must've snagged your account. I keep getting e-mails with your name on, but when I click on, it's some bogus e-mail. Always with downloads, which I know enough not to open."The e-mails landed in her spam account. When she clicked "reply," the e-mail address wasn't mine.I run AVG Anti-virus, Malwarebytes and Super-antispyware (in addition to Microsoft security updates for Windows XP).Is the spam coming from my computer? Or did someone get my name from a list somewhere and is using it for spam with embedded malware?Is there anything I can do?Thanks,Wendy
Hey Wendy,,,What e-mail do you use?? An e-mail client on your PC or do you use Web-Mail???TK...
<What e-mail do you use?? An e-mail client on your PC or do you use Web-Mail???>Sorry, I'm so ignorant that I don't know what this means.I use Microsoft Outlook on my computer and a paid ISP that handles my e-mail (not a free e-mail like Yahoo).Wendy
<What e-mail do you use?? An e-mail client on your PC or do you use Web-Mail???>Sorry, I'm so ignorant that I don't know what this means.If you were using your web browser to do email, that would decrease (but not eliminate) the chance that the problem is created by malware on your computer.But it has other disadvantages.I use Microsoft Outlook on my computer and a paid ISP that handles my e-mail (not a free e-mail like Yahoo).Basically, there are three ways that this problem could be happening. They take different approaches.1) There's malware on your computer doing it. Clean your computer.2) Someone has hacked your account at your email provider. Change your password, before they do.3) Someone is forging email headers to make things look like they come from you. Sadly, the closest thing to a solution here is to change your email address and ask your friends to auto-delete everything they receive from the old address. But that is a big bother. The good news is that addresses used for this purpose "age" and there should be a decreasing volume over time unless the forger happens to swipe the same address pairing again.(How do they swipe them? Mostly, for pairings like this, from emails that get repeatedly forwarded to large groups of people - PLEASE never do that, if you absolutely must then at least use the "bcc" option. Or from any other place they can find that shows people's email addresses and connections to other people.)(Really, I wish the people who make email software would make "bcc" the default. Or at a bare minimum create a setting permitting the user to make it the default.)
Hey Wendy,,,,Well, warrl pretty much already told you what the possibilities are!Do as warrl suggested, go and change you Password at you e-mail provider ASAP, and then run full Virus-Scan and Full MalwareBytes-Scan on you PC.Run the Scans in Windows-Safe Mode.Then you could wait awhile to see if the problem goes away, and if it doesn't then you probably need to create a new e-mail account and inform you ISP that the old one has been hacked and for them to delete it.Don't think there is much else you can do...TK...
(Really, I wish the people who make email software would make "bcc" the default. Or at a bare minimum create a setting permitting the user to make it the default.)OH YEAH, I've been saying that for awhile too! But people would complain about getting multiple emails with the same info from different people. NBD, it takes one click to delete, pretty easy. Jokes, chain e-mails and "If you really care, pass it on to 10 of your friends" are the worse. Most of the time those are Urban Legend anyway. I'd rather delete the multiple e-mails than deal with an infected computer.
Wendy there is one potential cause of this that has nothing to do with you. Some other person, who has your email address has had their PC hacked. SPAMers do not want to send out emails under their own name - so they send them out with someone else's. It is not uncommon for them to just grab a name from a hacked PC and send away. My wife's email got hacked last year. Eventually they sent out over 77,000 emails using one return address selected from her address book.Run the tests and take the security steps to make sure your PC is clean. In the whole area, keep in mind the most important thing for security is your email. Pick a good password and do not use the password for anything else. Good passwords have 10 to 14 characters. They have at least 1 UPPER case, 1 lower case and 1 numeral. Obviously you want something you can remember. Here are some ideas - Year of high school graduation plus name of person for your first romantic kiss -- DaleJones19xx. Your childhood address -- 2922BegoleStreet. You can find several if you think about it. In today's world, you really should think about a Password manager. I have over 300 different logins and there is no way I could remember them all. After we got hacked, each site have a strong password and we do not have and duplicate password. My wife and I live in a house with both Macs and PCs. We use 1Password which even syncs to our iPhones and iPads. This is the PC board, so I don't know if you are Mac or Windows. On the Windows side RoboForm used to have a good reputation - don't really know today since my primary PC is a Mac.GordonAtlanta
I agree with Gordon. It's likely that some person who corresponds with both you and your sister was hacked.Since the messages aren't coming from your computer, nor using your server account, there's nothing you can do to stop them.Imagine that someone was sending threatening letters through the US Mail, and that person was writing your name and address in the corner of the envelope, making it look like you had sent them.You wouldn't be able to stop them, because our mail system doesn't track the sender of a letter.What's happening is simply the electronic equivalent of what I just described.
Is the spam coming from my computer? Or did someone get my name from a list somewhere and is using it for spam with embedded malware?Is there anything I can do?I own a domain and every 2-4 years I suddenly start getting a lot of bounced e-mail messages. Only problem: That e-mail never was sent from the domain or by me. Someone simply grabbed the domain name, put it into their spamware blaster, and sent a lot of messages. After a day or three, it goes away. It is nothing you did, it is just bad luck.
You are lucky that you have not suffered two significant slap downs. Typically the firm hosting your domain will shut down or seriously limit your ability to send email. But far worse is other ISPs (Think Time Warner, Gmail, Comcast, HotMail) will put your domain on a SPAM list and just trash every single email with your domain as the return address.I strongly suggest you do 3 things NOW.#1 Change your account password at the company hosting your domain name.#2 Change the password for each email address - this also will be done at the company hosting your domain name.#3 Change the password at your registrar. With certainty - do not reuse any of the above passwords and make darn sure the above passwords are strong. (When Hostgator reset our passwords they used a 16 character long random alpha numeric string which I promptly reset to something of my choosing.)For someone to send email through your account, they must have your password - that is why you change the email password. You change your account password so the bad guys can't control your password for their purposes. The registrar is the firm use used to buy/lease your domain name. For example, my domain name is "TwoCybers.com" and I pay GoDaddy.com for rights to that domain. My domain is hosted by HostGator. I think it important to have the Registrar and hosting companies as separate organizations. What we really care about is using our domain names, but if for some reason Hostgator stops me from using my domain, I can move to another company through my Registrar and the changes take effect in a matter of hours or less. Although such issues are very unlikely, if they happen it is likely some administrative issue and those can be difficult to resolve. GordonAtlanta
For someone to send email through your account, they must have your password - that is why you change the email password.I do not think they are sending *through* her account or ISP. I think they are *spoofing* the e-mail address and sending through a totally different (multiple/international) domain that can not be traced because it is routed through one or more anonymizing e-mail web sites.
I periodically check my computers' Address Book.Twice I have found an entry that I never saw before & deleted it.
Did your sister check the email address of the bogus messages she says have your name on them?I have been receiving a few emails over the past month that show the names of people I know, but the email addresses were bogus, so I know whoever had been forging those emails knew enough to put familiar names on the emails but not smart enough to change the actual email address, so one has to look at the headers to see that it really isn't from that person.As others have said, in many cases the spammed emails picked up your name and possibly your email address from someone else's computer or even from a newsgroup and is forging their spam email headers to claim it is from you when it isn't.
Instead of just deleting these bogus e-mails,I always identify them as'Junk',trying to train the PC to assign that status to them in future mailings.
Thanks to you and everyone for your advice.<I strongly suggest you do 3 things NOW.#1 Change your account password at the company hosting your domain name.>OK, I just did this.<#2 Change the password for each email address - this also will be done at the company hosting your domain name.#3 Change the password at your registrar. >I don't understand the meaning of #2 and #3. To my knowledge, I don't have a domain name or registrar...but so much goes on that I don't know about that it's possible.As OrmontUS (my big brother Jeff) says, "I'm so confused."Wendy
Wendy I a sorry, I did not read things closely enough or got your post confused with another. I just reviewed the thread and there is no basis for suggestions #2 or #3.Again I am sorry.GordonAtlanta
Best Of |
Favorites & Replies |
Start a New Board |
My Fool |
BATS data provided in real-time. NYSE, NASDAQ and NYSEMKT data delayed 15 minutes.
Real-Time prices provided by BATS. Market data provided by Interactive Data.
Company fundamental data provided by Morningstar. Earnings Estimates, Analyst Ra