General discussion

E-mail account compromised. How do I stop the spammers?

Mar 2, 2012 6:23AM PST
Question:
E-mail account compromised. How do I stop the spammers?


First of all, I want to thank you and all the forum members for the
great suggestions over the past few years.

I do, however, have a problem that I don't recall being discussed.
Several weeks ago my e-mail account was hacked. My address book was
compromised. I and several of my contacts began receiving e-mail,
presumably from me, with links to inappropriate content. I became
aware of this at first by receiving "returned e-mail" notices to
addresses that don't exist any more, for example my daughter's e-mail
at a university she has graduated from. Shortly thereafter, I began
receiving e-mail from current contacts, asking why I would send them
such content. I have never responded to the phishing attempt by
clicking on the link. I don't open any of the e-mail--just right-click
and mark as junk. I have tried to mark all such e-mail as junk. I
have (tried to) block e-mail from the sender and his domain. The help
center at my ISP wasn't much help. They suggested resetting
passwords (already done) and creating a new e-mail address. I
was not permitted to eliminate my old address with them. The problem
persists. I still get the c__p from the same source. I still get the
returned e-mail daemons from my ISP to outdated recipients.

Now here's the rub. I have an antivirus program running (current
updates), firewall, and antiphishing/spam software--all regularly
updated. I use Norton products for protection. I have tried using
the e-mail rules settings in my e-mail program. It's as if none of it
exists to this phisher.

Other than going to another ISP, with a new identity, are there
any steps I haven't thought of that I can take to get rid of this
jerk? And how can I prevent this from happening in the future. I'd
really like to know how my e-mail account was compromised. Thank you.

--Submitted by Robert F.

Discussion is locked

Follow
Reply to: E-mail account compromised. How do I stop the spammers?
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: E-mail account compromised. How do I stop the spammers?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
PASSWORD!!!!
Mar 2, 2012 9:21AM PST

I have had similar experiences to yours on occasion. Yahoo! advice is that, "you should immediately change your email password and that is really about all you can do." (I have YAHOO! email). Changing the email password did stop the infractions and lasted for a couple of years before it happened again. I again changed the password immediately. That has been two or three years ago now. I am of the belief that if the hacker cannot "de-code" your password, they cannot gain access to your account. Are you using a strong password on your email account?

- Collapse -
password
Mar 2, 2012 8:56PM PST

My password is more than 9 characters, including caps, numbers and symbols. What I AM guilty of though, is not changing it very often. THAT's gonna change!

- Collapse -
Addressbook compromised
Mar 9, 2012 9:08AM PST

An interesting point that might help with this problem.
Last year I added a new entry to my addressbook and then immediately shut down my computer and left town. About two hours later I received a phone call from that person last added and he had received an e-mail with the usual viagra ad. Of course, many others in my addressbook--possibly all of them--received the embarrasing e-mail, also.

I use ATT.net (Yahoo) webmail, and I assume, since it is now on my smartphone as well as my two computers and anywhere else I log on, that the addressbook is actually kept on the ATT server - or both there and on my devices? I have no idea. I have had multiple attacks, have changed my password each time, and eventually ATT started requiring a new sign-in every two weeks.

Thoughts?

- Collapse -
Changing Password is Not Exactly A Solution.
Mar 9, 2012 10:48PM PST

This is a malware problem. If your computer has been compromised (not your email), and you are either in your email program (outlook for example), malware accesses your contact list, which is not protected, and then opens up a port and sends.
Changing passwords won't help because you have already opened up and are using the email client. You can keep changing the password and the malware will still be able to send emails.

This problem is less likely if you use a browser for accessing your emails. Yahoo or Gmail for example .

Clean your computer with Spybot, and CCleaner etc.. (tons of info already on Cnet), and then consider using just a browser based email.

Of course there is/are no perfect solutions to preventing breaches. Another option is to set up a NEW email account and have separate accounts for you need to provide email addresses online, vs. the email that you give out to friends and business associates etc..

- Collapse -
browser based email
Mar 10, 2012 1:16AM PST

You suggested using a browser based email. How do I do this? The browsers I use are Firefox, Chrome, and Internet Explorer. I don't see how they might access my email.

- Collapse -
Nearly All Internet Service Providers Offer:
Mar 10, 2012 2:03AM PST

.. online email access. Verizon Netmail for example, through a browser such as firefox, chrome, etc..
As I said, you can also use Gmail, hotmail, yahoo mail for example, and access from a web interface.
This is becoming more and more common all the time.
Benefits include being able to access email from anywhere or any other computer, without having to set up an email client.

Point is when you use a client on your computer, have your contacts on that computer, have your read emails on that computer, there is a chance of that data being hijacked.
WEB BASED email, is safer in some respects. Like I said, there is no perfect solution.

- Collapse -
Settings in/on your email client such as thunderbird
Mar 10, 2012 2:08AM PST

To elaborate, if you use an email client like Thunderbird (as just one example), someone could write a script, or malware that you unknowingly download. IT then accesses your data and sends emails as if they were you.
SOMETHING I forgot to mention to the OP. It is possible that a friend could receive an email that appears to be from you, but in actuality could be from someone else's computer that you've sent mail to.

When sending to your recipients, that data is embedded in the body of the email. Malware can that that info from ANY other computer that mail was sent to, and if that computer is infected, could send mail that appears to come from someone completely different from what is shown in the header of the email.

This subject is simple, but the actual events that take place from point A to point B can be variable.

- Collapse -
web-based email....
Mar 10, 2012 7:33AM PST

You suggested using a web-based email such as hotmail or yahoo, but those are the addresses that I've had hacked, not the client I have on my computer.

I use SUPERAntiSpyware and CCleaner along with changing passwords.

- Collapse -
Answer to pbutler317
Mar 10, 2012 3:31PM PST

What exactly got hacked? Your contact list? Or were you still a victim of email forwarding when using web-based email?
BTW, this seems to be rampant on Social Networks such as Facebook as well, hence receiving a "status" from someone on your "friend" list that asks you to click on a link or an app etc..
Next thing you know, your computer is infected.
(I'm not saying the two are related. I'm simply pointing out the "globality" of the problem)
FACT IS: These bottom-Dwellers who write the malware code get their "props" from within their circles for whatever damage they can cause. The more widespread the better (for them).

ANYWAYS...

IF you have a web based email account AND you store your address book with the service (in the cloud), such as gmail, that data is reasonably safe by virtue of cloud storage/security.
BUT, it is possible that while you are accessing your email via your browser, that you could still be at risk IF, you have a virus/malware that is specific to email hijacking.
I recommend NOT leaving your browser open on your email page. Get your emails and LOG OFF.
This is good advice whether you are using a client or going web-based. When not in front of your 'puter, "sleep" it.

Keeping clean:
keep all of your anti-virus, and "cleaner" software up to date AND run it on a regular basis.. ALSO, remember to dump your internet history, passwords, cookies, etc..

Sadly, as quickly as malware holes are plugged, they are just as quick to write the next generation of garbage code to keep honest people frustrated and worried about their personal data.

For casual use I would also suggest that your email contact list only carry recipients' names and email info and nothing more. (ie., phone, address)

- Collapse -
EXACTLY, this happened to me/us
Mar 12, 2012 8:23AM PDT

Webserf,
I agree. I had a "mailing list" that was part of a business group, and some of us were getting spam emails that appeared to be from one of the group, but as it turns out, the computer guy in our group was able to confirm that the computer that was sending the emails was NOT what was showing in the emails.
In other words, the supposed sender was not even in town at the time of receiving the email! His computer was OFF.
The actual "drone" computer was cleaned out and problem solved!

- Collapse -
Windows XP Standby status
Mar 24, 2012 4:31AM PDT

Webserf suggests sleeping the computer when you leave it. As I understand Windows XP at least, sleep mode is almost a full shut-down, whereas I typically use standby mode which is easier to wake and faster to get me back up online.

Is there a difference in security risk between the two?
If I do not sign out of a program does it remain exposed when I am on standby?

Thanks for your great input.

- Collapse -
Are you asking
Mar 24, 2012 4:39AM PDT

if you risk getting spam emails when the computer is in sleep mode?

If so, then the answer is no, it makes no difference whether you get spam or not.

If you are talking about other security risks when the computer is in sleep mode, then this discussion is not the right place to ask. This discussion is about reducing spam emails. So please create your own new discussion, and don't forget to supply full details as requested.

Mark

- Collapse -
web-based e-mail
Mar 25, 2012 6:52AM PDT

Mark, I was hoping for webserf to reply...

In any event, my query was a follow-on to his statement and is in respect of spam e-mail or other obtrusive stuff - when I use (Win XP) standby, is there any greater risk of access to my e-mail or PC than if I were in sleep mode? I think not, but am willing to learn if I am wrong...

- Collapse -
I"M VERY SORRY!
May 30, 2012 12:18AM PDT

@ColdWest,
I'm very sorry to have missed this follow up question.
Of course a lot of time has gone by and by now you've gotten your answer, but just in case,

NO, there is no difference. When in sleep/stand by, the computer is not actively connected to the internet thus preventing continued access by any mal/rogue-ware.

Again, thanks for your confidence in my answer(s), and I hope you are having a continued safe computing experience!

Cheers, Webserf

- Collapse -
browser based email reply
Mar 10, 2012 2:20AM PST

What this essentially means is that you log on to your email account via your preferred web browser and not an email client or application installed on your pc. So this can be any of those you listed (Firefox, Chrome, Internet Explorer). Open your browser and go to your Internet Service Providers (ISP) home site, many people use gmail (https://mail.google.com/), AT&T (https://mail.yahoo.com/), Comcast (http://xfinity.comcast.net/), and there are many, many others. To find yours, just search your ISP name with "mail" and it should immediately pull back the link to where you can log on. Hope this helps.

- Collapse -
email client
Mar 10, 2012 7:58AM PST

I wonder if uninstalling and reinstalling the client would fix this...

- Collapse -
No easy answer: SPOOFING.
Mar 10, 2012 3:39PM PST

Reinstalling might help, but it depends.

Scenario. You receive an email from "Joe". BUT, Joe's computer didn't actually send it. "Fred" who is also on both of your email lists, well it's his friend's "Steve" computer that's infected and so it's Steve's computer that sent the email to you, "spoofing" the sender's name.
.
So, you can see the difficulty in running down who exactly has the virus.
ANYONE who is a recipient of an email where several people are sent the same email, can then be victim of this sort of problem.

I've STOPPED sending useless stuff like jokes to multiple recipients, and although that's part of the fun of being online, it can cause problems sometimes. Also when sending to multiple recipients, ALWAYS use the Blind Carbon Copy option when possible. It could help at least a bit.

- Collapse -
Yes, Your email still can be accessed
Mar 12, 2012 7:51AM PDT

The hacker can first hack into your computer, without your AV (antivirus) detecting it. No worries, most likely its will be detected and deleted or quarantined by your AV. If you update it daily, use AV like Kaspersky, Bitdefender, AVG. I recommend Kaspersky. It will install a keylogger which will record anything use type.
The keylogger will note down easpecially the accounts you log into like Email, Bank Accounts, Payments, Credit Card number that you used for online shopping.... etc.
Also it take information about your computer like name, users,etc. most important your ip address and mac address which identifies your computer. The malware can also take screenshots and then crash your computer.

- Collapse -
Have Yahoo remember the wrong pasword
Mar 13, 2012 8:57AM PDT

Change your password in Yahoomail then have it remeber that pasword then change your password again but leave Yahoo remembering your old password. Each time you sign in Yahoo will Autocomplete the wrong password which you then clear with the backspace button and enter the correct password but NEVER have yahoo remember new correct password. Then if spyware does get as far as your mailbox they will keep getting the incorrect password you have had Yahoo remember.

- Collapse -
Email account comprimised
Mar 2, 2012 10:11AM PST

First: I don't believe it was your email account that was compromised, it was your password. It should be changed ASAP. This won't stop what's already lost, but it will prevent any future access.
Second: My computer wasn't hacked, but a friend's was. It wasn't until I received an email from someone I recognized as been in my friend's address book, that I realized what had happened. It took me three months of forwarding each email (with full headers) to the internet provider (abuse@ *****.***) hosting the email distribution. The full header allowed the internet provider to trace the distribuyion source of the stolen info and shut it down.
Third: The only true defense that I would know is to establish a very secure (obscure) password, or preferrably, change it frequently.
Hope my experience helps.

- Collapse -
Email Phishing
Mar 2, 2012 12:29PM PST

I have G mail and Yahoo accounts for more than a decade. Such compromise had not occurred so far. I have been changing my passwords frequently at least once in six months to stronger ones adding numbers, special characters , asterics, big case letters and so on.To me,I think that is the reason my emails accounts had NOT ( TOUCH WOOD) been compromised so far. I suggest your readers may also adopt the same to keep the accounts safe. .

- Collapse -
Funny
Mar 10, 2012 2:26AM PST

I'm sorry, but I can't help myself, I got to say this. It's "knock on wood" not "touch wood", lol. When I read that I almost spit out my coffee because my mind is always on the edge of the gutter. I immediately got an inappropriate visual. LOL... Laugh

- Collapse -
"Knock Wood" Correction
Mar 10, 2012 3:16AM PST

FYI - the saying can be "knock wood" or "knock on wood" It refers to the apotropaic tradition (Apotropaic magic is a type of magic intended to "turn away" harm or evil influences, as in deflecting misfortune or averting the evil eye) in western folklore of literally touching/knocking on wood, or merely stating that you are, in order to avoid "tempting fate" after making a favourable observation, a boast, or speaking of one's own death.

- Collapse -
Interesting!
Mar 10, 2012 5:28AM PST

Well thanks for that...I love finding out the origins of sayings. Wink So with that, I have learned 3 new things today and all thanks to CNET and it's awesome forum commentators. And the day isn't over yet! LOL.

- Collapse -
Woody?
Mar 10, 2012 3:43PM PST

I always found it interesting that there is a kid's cartoon character named "WOODY".
Now that's MY juvenile sense of humor!

Gotta Love Cnet though, it a great place to learn and maybe even throw out some knowledge sometimes. ...and even a little levity from time to time!

- Collapse -
Sheriff Woody!
Mar 11, 2012 4:26AM PDT

Absolutely! Not only the cartoon character "Woody Woodpecker" but the main character from Toy Story, Sheriff Woody. Gotta love it!

- Collapse -
Sheriff Woody
Mar 15, 2012 9:22PM PDT

It's "cease and desist".

- Collapse -
Oh yeah!
Mar 16, 2012 4:57AM PDT

LOL...whoops...it most certainly is.

- Collapse -
silly
Mar 16, 2012 7:18AM PDT

don't over state your case, we are not as educated, as you.

- Collapse -
Completely off topic....
Mar 10, 2012 7:41AM PST

CNET Forums

Forum Info