Jump to content

Recommended Posts

Posted

Ok, today i received an email in my Inbox in my Yahoo account titled 'January 75% off" and it's yet another Viagra spam email.

However, it appeared to have been sent from me which is why it managed to bypass the spam filter and go into my inbox.

I hit the reply button and sure enough, my email address came up as the reply address.

I sent the email to the spam folder - and then changed my password on my email account.

Not 4 hours later, and i receive exactly the same email again - apparently from my own email addy.

It is a Canadian Pharmacy which can be found at www.evendad.com

I googled it and there are some blog posts about it but i dont really understand them.

Have i been hacked?

I' m loathe to post the full email header here so some of the board experts can look at it, for obvious reasons.

Ideas please !

Posted
Ok, today i received an email in my Inbox in my Yahoo account titled 'January 75% off" and it's yet another Viagra spam email.

However, it appeared to have been sent from me which is why it managed to bypass the spam filter and go into my inbox.

I hit the reply button and sure enough, my email address came up as the reply address.

I sent the email to the spam folder - and then changed my password on my email account.

Not 4 hours later, and i receive exactly the same email again - apparently from my own email addy.

It is a Canadian Pharmacy which can be found at www.evendad.com

I googled it and there are some blog posts about it but i dont really understand them.

Have i been hacked?

I' m loathe to post the full email header here so some of the board experts can look at it, for obvious reasons.

Ideas please !

SPAMMERS have ways of spoofing email addresses .. they just got yours somehow.

Posted

I'm hearin ya Klikster. I think i have had spam emails before which 'look' like they've come from one address, but actually have come from another.

The worry i have is that when i hit the 'reply' button, it will send the email back to me. So it looks like it really HAS come from me. If you see what i mean?

I am doubly concerned because i received another email from them (me) AFTER i had changed my email password.

Should i be worried?

Posted

I ve done a quick bit of digging and Google came up with this site, http://www.siteadvisor.com/sites/evendad.c...ostid/?p=683175 which gives some advice about Canadian Pharmacy being run by Criminals ! Yikes.

Here is a line from the above site which concerns me, "Their spam messages violate the CAN-SPAM act because they have forged "from" and "reply to" addresses, are sent from hijacked computers without the knowledge or permission of the owners, do not include valid information identifying who has sent the spam or how to opt out, and do not honor opt-out requests on their websites. Addresses are collected by bots spidering the internet for email addresses"

What does the bit i have highlighted in bold mean? Has my computer been hijacked and if so what can i do about it?

I immediately changed my password, but that is no guarantee is suppose.

I also use ZoneAlarm Pro as my firewall which should stop malicious entry to my PC.

I'll see if i can get zone alarm to scan my PC. And AVG too.

Posted

They have obtained your email address somewhere and are using it to spam others - when the spam is reported (by those not knowing about spam) they may report you are the spammer and it could get back to your ISP - but in most cases people will, rightly, be more interested in reporting the web site links in the message. You have done what you can with the password change and firewalls (believe Zone Alarm prevents outgoing).

Posted

Ahem.. I think it's much less sinister than that.

They have your email address - obviously, since they are able to send you an email. So they just spoofed the reply to address with your own address. That is very easy to do, there is absolutely no verification by the email system about the reply-to. Basically, if you know how, you can fill in anything. Like [email protected], or your own email. Apparently, the "payload" of the spam is in the message itself, not the reply-to. To really get scammed, you have to visit their website which I strongly advise you not to do.

So nothing to see here, move along.

If you would like a near-100% spam filter use a GMail account. I was just recently scanning the thousands of messages in my SPAM folder on GMail, and lo and behold, each and every one was spam. That's a false negative rate of 0, pretty impressive. I just today received the first spam message in my inbox on GMail in months. Detection rate is therefore over 99.99%, one out of 10 thousand roughly came through.

Here's what to do:

- Run some anti virus program to make sure

- Run some anti spyware program

- Forget about that email

For future reference, there is one thing in the email that can not be spoofed - that's the IP addresses. If you have a mail program that can show all headers, you can see the IP address of the machine that sent the message in the first place, and the IP addresses of all the intermediate email-forwarding servers. The important thing is that, unlike almost everything else in an email, this cannot be spoofed. You could take that list and compare it with your own IP address (which you get via whatismyip.com). That way you can make 100% sure it didn't come from you.

Also even more elaborate, you can send yourself an email, and compare the IP addresses with the one that you think was sent from your computer. Only if they are the same was it really sent from your computer.

Posted
For future reference, there is one thing in the email that can not be spoofed - that's the IP addresses. If you have a mail program that can show all headers, you can see the IP address of the machine that sent the message in the first place, and the IP addresses of all the intermediate email-forwarding servers. The important thing is that, unlike almost everything else in an email, this cannot be spoofed. You could take that list and compare it with your own IP address (which you get via whatismyip.com). That way you can make 100% sure it didn't come from you.

Also even more elaborate, you can send yourself an email, and compare the IP addresses with the one that you think was sent from your computer. Only if they are the same was it really sent from your computer.

Thanks Nikster. I feel a bit more reassured now.

One thing i m curious about regarding the IP address. I thought that my ADSL router assigned a different IP address every time i logged on. In which case, the IP address may be different. Or am i barking up the wrong tree?

Posted
I got exactly the same email yesterday from myself apparently, so did a million others I expect!

Can get worse! On some of my e-mail accounts i get messages from the mail daemon about undeliverable mails I supposedly tried to send...

These messages are spam and bounce back to me because they are being sent to non existing e-mails...

Very good way of getting your e-mail blocked....

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...