Browsers, E-mail, & Web Apps

General discussion

E-mail account compromised. How do I stop the spammers?

by Lee Koo (ADMIN) CNET staff/forum admin / March 2, 2012 6:23 AM PST
Question:
E-mail account compromised. How do I stop the spammers?


First of all, I want to thank you and all the forum members for the
great suggestions over the past few years.

I do, however, have a problem that I don't recall being discussed.
Several weeks ago my e-mail account was hacked. My address book was
compromised. I and several of my contacts began receiving e-mail,
presumably from me, with links to inappropriate content. I became
aware of this at first by receiving "returned e-mail" notices to
addresses that don't exist any more, for example my daughter's e-mail
at a university she has graduated from. Shortly thereafter, I began
receiving e-mail from current contacts, asking why I would send them
such content. I have never responded to the phishing attempt by
clicking on the link. I don't open any of the e-mail--just right-click
and mark as junk. I have tried to mark all such e-mail as junk. I
have (tried to) block e-mail from the sender and his domain. The help
center at my ISP wasn't much help. They suggested resetting
passwords (already done) and creating a new e-mail address. I
was not permitted to eliminate my old address with them. The problem
persists. I still get the c__p from the same source. I still get the
returned e-mail daemons from my ISP to outdated recipients.

Now here's the rub. I have an antivirus program running (current
updates), firewall, and antiphishing/spam software--all regularly
updated. I use Norton products for protection. I have tried using
the e-mail rules settings in my e-mail program. It's as if none of it
exists to this phisher.

Other than going to another ISP, with a new identity, are there
any steps I haven't thought of that I can take to get rid of this
jerk? And how can I prevent this from happening in the future. I'd
really like to know how my e-mail account was compromised. Thank you.

--Submitted by Robert F.
Post a reply
Discussion is locked
You are posting a reply to: E-mail account compromised. How do I stop the spammers?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: E-mail account compromised. How do I stop the spammers?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
PASSWORD!!!!
by john3347 / March 2, 2012 9:21 AM PST

I have had similar experiences to yours on occasion. Yahoo! advice is that, "you should immediately change your email password and that is really about all you can do." (I have YAHOO! email). Changing the email password did stop the infractions and lasted for a couple of years before it happened again. I again changed the password immediately. That has been two or three years ago now. I am of the belief that if the hacker cannot "de-code" your password, they cannot gain access to your account. Are you using a strong password on your email account?

Collapse -
password
by friedman-robert / March 2, 2012 8:56 PM PST
In reply to: PASSWORD!!!!

My password is more than 9 characters, including caps, numbers and symbols. What I AM guilty of though, is not changing it very often. THAT's gonna change!

Collapse -
Addressbook compromised
by skennedy10 / March 9, 2012 9:08 AM PST
In reply to: PASSWORD!!!!

An interesting point that might help with this problem.
Last year I added a new entry to my addressbook and then immediately shut down my computer and left town. About two hours later I received a phone call from that person last added and he had received an e-mail with the usual viagra ad. Of course, many others in my addressbook--possibly all of them--received the embarrasing e-mail, also.

I use ATT.net (Yahoo) webmail, and I assume, since it is now on my smartphone as well as my two computers and anywhere else I log on, that the addressbook is actually kept on the ATT server - or both there and on my devices? I have no idea. I have had multiple attacks, have changed my password each time, and eventually ATT started requiring a new sign-in every two weeks.

Thoughts?

Collapse -
Changing Password is Not Exactly A Solution.
by webserf / March 9, 2012 10:48 PM PST
In reply to: PASSWORD!!!!

This is a malware problem. If your computer has been compromised (not your email), and you are either in your email program (outlook for example), malware accesses your contact list, which is not protected, and then opens up a port and sends.
Changing passwords won't help because you have already opened up and are using the email client. You can keep changing the password and the malware will still be able to send emails.

This problem is less likely if you use a browser for accessing your emails. Yahoo or Gmail for example .

Clean your computer with Spybot, and CCleaner etc.. (tons of info already on Cnet), and then consider using just a browser based email.

Of course there is/are no perfect solutions to preventing breaches. Another option is to set up a NEW email account and have separate accounts for you need to provide email addresses online, vs. the email that you give out to friends and business associates etc..

Collapse -
browser based email
by ratmouth / March 10, 2012 1:16 AM PST

You suggested using a browser based email. How do I do this? The browsers I use are Firefox, Chrome, and Internet Explorer. I don't see how they might access my email.

Collapse -
Nearly All Internet Service Providers Offer:
by webserf / March 10, 2012 2:03 AM PST
In reply to: browser based email

.. online email access. Verizon Netmail for example, through a browser such as firefox, chrome, etc..
As I said, you can also use Gmail, hotmail, yahoo mail for example, and access from a web interface.
This is becoming more and more common all the time.
Benefits include being able to access email from anywhere or any other computer, without having to set up an email client.

Point is when you use a client on your computer, have your contacts on that computer, have your read emails on that computer, there is a chance of that data being hijacked.
WEB BASED email, is safer in some respects. Like I said, there is no perfect solution.

Collapse -
Settings in/on your email client such as thunderbird
by webserf / March 10, 2012 2:08 AM PST

To elaborate, if you use an email client like Thunderbird (as just one example), someone could write a script, or malware that you unknowingly download. IT then accesses your data and sends emails as if they were you.
SOMETHING I forgot to mention to the OP. It is possible that a friend could receive an email that appears to be from you, but in actuality could be from someone else's computer that you've sent mail to.

When sending to your recipients, that data is embedded in the body of the email. Malware can that that info from ANY other computer that mail was sent to, and if that computer is infected, could send mail that appears to come from someone completely different from what is shown in the header of the email.

This subject is simple, but the actual events that take place from point A to point B can be variable.

Collapse -
web-based email....
by pbutler317 / March 10, 2012 7:33 AM PST

You suggested using a web-based email such as hotmail or yahoo, but those are the addresses that I've had hacked, not the client I have on my computer.

I use SUPERAntiSpyware and CCleaner along with changing passwords.

Collapse -
Answer to pbutler317
by webserf / March 10, 2012 3:31 PM PST
In reply to: web-based email....

What exactly got hacked? Your contact list? Or were you still a victim of email forwarding when using web-based email?
BTW, this seems to be rampant on Social Networks such as Facebook as well, hence receiving a "status" from someone on your "friend" list that asks you to click on a link or an app etc..
Next thing you know, your computer is infected.
(I'm not saying the two are related. I'm simply pointing out the "globality" of the problem)
FACT IS: These bottom-Dwellers who write the malware code get their "props" from within their circles for whatever damage they can cause. The more widespread the better (for them).

ANYWAYS...

IF you have a web based email account AND you store your address book with the service (in the cloud), such as gmail, that data is reasonably safe by virtue of cloud storage/security.
BUT, it is possible that while you are accessing your email via your browser, that you could still be at risk IF, you have a virus/malware that is specific to email hijacking.
I recommend NOT leaving your browser open on your email page. Get your emails and LOG OFF.
This is good advice whether you are using a client or going web-based. When not in front of your 'puter, "sleep" it.

Keeping clean:
keep all of your anti-virus, and "cleaner" software up to date AND run it on a regular basis.. ALSO, remember to dump your internet history, passwords, cookies, etc..

Sadly, as quickly as malware holes are plugged, they are just as quick to write the next generation of garbage code to keep honest people frustrated and worried about their personal data.

For casual use I would also suggest that your email contact list only carry recipients' names and email info and nothing more. (ie., phone, address)

Collapse -
EXACTLY, this happened to me/us
by webnetserf / March 12, 2012 8:23 AM PDT
In reply to: Answer to pbutler317

Webserf,
I agree. I had a "mailing list" that was part of a business group, and some of us were getting spam emails that appeared to be from one of the group, but as it turns out, the computer guy in our group was able to confirm that the computer that was sending the emails was NOT what was showing in the emails.
In other words, the supposed sender was not even in town at the time of receiving the email! His computer was OFF.
The actual "drone" computer was cleaned out and problem solved!

Collapse -
Windows XP Standby status
by ColdWest / March 24, 2012 4:31 AM PDT
In reply to: Answer to pbutler317

Webserf suggests sleeping the computer when you leave it. As I understand Windows XP at least, sleep mode is almost a full shut-down, whereas I typically use standby mode which is easier to wake and faster to get me back up online.

Is there a difference in security risk between the two?
If I do not sign out of a program does it remain exposed when I am on standby?

Thanks for your great input.

Collapse -
Are you asking
by MarkFlax Forum moderator / March 24, 2012 4:39 AM PDT

if you risk getting spam emails when the computer is in sleep mode?

If so, then the answer is no, it makes no difference whether you get spam or not.

If you are talking about other security risks when the computer is in sleep mode, then this discussion is not the right place to ask. This discussion is about reducing spam emails. So please create your own new discussion, and don't forget to supply full details as requested.

Mark

Collapse -
web-based e-mail
by ColdWest / March 25, 2012 6:52 AM PDT

Mark, I was hoping for webserf to reply...

In any event, my query was a follow-on to his statement and is in respect of spam e-mail or other obtrusive stuff - when I use (Win XP) standby, is there any greater risk of access to my e-mail or PC than if I were in sleep mode? I think not, but am willing to learn if I am wrong...

Collapse -
I"M VERY SORRY!
by webserf / May 30, 2012 12:18 AM PDT

@ColdWest,
I'm very sorry to have missed this follow up question.
Of course a lot of time has gone by and by now you've gotten your answer, but just in case,

NO, there is no difference. When in sleep/stand by, the computer is not actively connected to the internet thus preventing continued access by any mal/rogue-ware.

Again, thanks for your confidence in my answer(s), and I hope you are having a continued safe computing experience!

Cheers, Webserf

Collapse -
browser based email reply
by Chaos-Katie / March 10, 2012 2:20 AM PST
In reply to: browser based email

What this essentially means is that you log on to your email account via your preferred web browser and not an email client or application installed on your pc. So this can be any of those you listed (Firefox, Chrome, Internet Explorer). Open your browser and go to your Internet Service Providers (ISP) home site, many people use gmail (https://mail.google.com/), AT&T (https://mail.yahoo.com/), Comcast (http://xfinity.comcast.net/), and there are many, many others. To find yours, just search your ISP name with "mail" and it should immediately pull back the link to where you can log on. Hope this helps.

Collapse -
email client
by Jonny_S / March 10, 2012 7:58 AM PST

I wonder if uninstalling and reinstalling the client would fix this...

Collapse -
No easy answer: SPOOFING.
by webserf / March 10, 2012 3:39 PM PST
In reply to: email client

Reinstalling might help, but it depends.

Scenario. You receive an email from "Joe". BUT, Joe's computer didn't actually send it. "Fred" who is also on both of your email lists, well it's his friend's "Steve" computer that's infected and so it's Steve's computer that sent the email to you, "spoofing" the sender's name.
.
So, you can see the difficulty in running down who exactly has the virus.
ANYONE who is a recipient of an email where several people are sent the same email, can then be victim of this sort of problem.

I've STOPPED sending useless stuff like jokes to multiple recipients, and although that's part of the fun of being online, it can cause problems sometimes. Also when sending to multiple recipients, ALWAYS use the Blind Carbon Copy option when possible. It could help at least a bit.

Collapse -
Yes, Your email still can be accessed
by kennethchow / March 12, 2012 7:51 AM PDT
In reply to: browser based email

The hacker can first hack into your computer, without your AV (antivirus) detecting it. No worries, most likely its will be detected and deleted or quarantined by your AV. If you update it daily, use AV like Kaspersky, Bitdefender, AVG. I recommend Kaspersky. It will install a keylogger which will record anything use type.
The keylogger will note down easpecially the accounts you log into like Email, Bank Accounts, Payments, Credit Card number that you used for online shopping.... etc.
Also it take information about your computer like name, users,etc. most important your ip address and mac address which identifies your computer. The malware can also take screenshots and then crash your computer.

Collapse -
Have Yahoo remember the wrong pasword
by luckyjohn888 / March 13, 2012 8:57 AM PDT
In reply to: PASSWORD!!!!

Change your password in Yahoomail then have it remeber that pasword then change your password again but leave Yahoo remembering your old password. Each time you sign in Yahoo will Autocomplete the wrong password which you then clear with the backspace button and enter the correct password but NEVER have yahoo remember new correct password. Then if spyware does get as far as your mailbox they will keep getting the incorrect password you have had Yahoo remember.

Collapse -
Email account comprimised
by bill c / March 2, 2012 10:11 AM PST

First: I don't believe it was your email account that was compromised, it was your password. It should be changed ASAP. This won't stop what's already lost, but it will prevent any future access.
Second: My computer wasn't hacked, but a friend's was. It wasn't until I received an email from someone I recognized as been in my friend's address book, that I realized what had happened. It took me three months of forwarding each email (with full headers) to the internet provider (abuse@ *****.***) hosting the email distribution. The full header allowed the internet provider to trace the distribuyion source of the stolen info and shut it down.
Third: The only true defense that I would know is to establish a very secure (obscure) password, or preferrably, change it frequently.
Hope my experience helps.

Collapse -
Email Phishing
by vallurvenkataraman / March 2, 2012 12:29 PM PST

I have G mail and Yahoo accounts for more than a decade. Such compromise had not occurred so far. I have been changing my passwords frequently at least once in six months to stronger ones adding numbers, special characters , asterics, big case letters and so on.To me,I think that is the reason my emails accounts had NOT ( TOUCH WOOD) been compromised so far. I suggest your readers may also adopt the same to keep the accounts safe. .

Collapse -
Funny
by Chaos-Katie / March 10, 2012 2:26 AM PST
In reply to: Email Phishing

I'm sorry, but I can't help myself, I got to say this. It's "knock on wood" not "touch wood", lol. When I read that I almost spit out my coffee because my mind is always on the edge of the gutter. I immediately got an inappropriate visual. LOL... Laugh

Collapse -
"Knock Wood" Correction
by llaprelle / March 10, 2012 3:16 AM PST
In reply to: Funny

FYI - the saying can be "knock wood" or "knock on wood" It refers to the apotropaic tradition (Apotropaic magic is a type of magic intended to "turn away" harm or evil influences, as in deflecting misfortune or averting the evil eye) in western folklore of literally touching/knocking on wood, or merely stating that you are, in order to avoid "tempting fate" after making a favourable observation, a boast, or speaking of one's own death.

Collapse -
Interesting!
by Chaos-Katie / March 10, 2012 5:28 AM PST

Well thanks for that...I love finding out the origins of sayings. Wink So with that, I have learned 3 new things today and all thanks to CNET and it's awesome forum commentators. And the day isn't over yet! LOL.

Collapse -
Woody?
by webserf / March 10, 2012 3:43 PM PST
In reply to: Interesting!

I always found it interesting that there is a kid's cartoon character named "WOODY".
Now that's MY juvenile sense of humor!

Gotta Love Cnet though, it a great place to learn and maybe even throw out some knowledge sometimes. ...and even a little levity from time to time!

Collapse -
Sheriff Woody!
by Chaos-Katie / March 11, 2012 4:26 AM PDT
In reply to: Woody?

Absolutely! Not only the cartoon character "Woody Woodpecker" but the main character from Toy Story, Sheriff Woody. Gotta love it!

Collapse -
Sheriff Woody
by dolfin2 / March 15, 2012 9:22 PM PDT
In reply to: Sheriff Woody!

It's "cease and desist".

Collapse -
Oh yeah!
by Chaos-Katie / March 16, 2012 4:57 AM PDT
In reply to: Sheriff Woody

LOL...whoops...it most certainly is.

Collapse -
silly
by dirty yank / March 16, 2012 7:18 AM PDT
In reply to: Sheriff Woody

don't over state your case, we are not as educated, as you.

Collapse -
Completely off topic....
by pbutler317 / March 10, 2012 7:41 AM PST
In reply to: Funny
Popular Forums
icon
Computer Help 47,885 discussions
icon
Computer Newbies 10,322 discussions
icon
iPhones, iPods, & iPads 3,188 discussions
icon
Security 30,333 discussions
icon
TVs & Home Theaters 20,177 discussions
icon
HDTV Picture Setting 1,932 discussions
icon
Phones 15,713 discussions
icon
Windows 7 6,210 discussions
icon
Networking & Wireless 14,510 discussions

CNET Magazine

The summer issue is here!

In the latest edition of our quarterly magazine, we look at how you can spend your summer getting fit and having fun. Pick up a copy on newsstands today or order it now.