Email sending out spam
Once upon a time (about 15 years ago!) our ISP was AOL, and as such my whole family have @aol.com emails. I don't use my @aol.com email too often, but it's used for a lot of website registrations etc.
Over the past 6 months, this email has been sending out spam about once a month for no apparent reason. I have changed my password regularly to a complete random combination of letters, numbers, symbols etc but it still continues to send spam every few weeks. Virus scans etc have picked up nothing. I haven't visited any of the websites it's been spamming, but they don't appear to be anything too awful (thankfully). Any idea how this email address is still sending out spam? There's no way they can be guessing my password and it isn't a virus on my PC. I'm completely confused :bored::bored: |
I would suggest that it's not your email that's sending out the spam, but rather that your email address is 'spoofed' so it looks as if it is yours.
|
Bugger, I'm guessing there's nothing that can be done against this?
The emails are being sent to my actual contacts, is that possible from spoofing? Thanks |
The emails are being sent to my actual contacts |
I only ever use my AOL email via their website, and I'd like to think I'm fairly careful with what I have on my laptop etc.
To rule this out, last time I changed my password on AOL, I only ever logged in to read my emails using my iPhone, but it still sent spam. |
There are at least two possibilities:
ONE: Someone, at some past date, hacked into your account and copied your address book. It's not uncommon. Those hacked details are now being used to send e-mails to your contacts, almost certainly not from your account. There's nothing you can do about it directly. You could close down that AOL account and tell everyone to dump any messages from it. TWO: You have a virus on your PC which is sending out that stuff. If one of the recipients of the spams is a bit pooter-savvy, he/she can look at the headers on the spam and see where it came from. That would clarify whether it's ONE or TWO above. |
Thanks for the reply, I'll have a look into it :ok:
|
750 - an age-old trick - put an entry in your address book like '0thisis [email protected]' (or whichever email host you wish)
If you get a bounce from this address, then it is YOUR AOL account that is sending the spam from YOUR address book. If not, relax and accept the wonderful world of email. |
I was once told to start ones' address book with the entry !0000, which was supposed to block any attempt from "outside" to illegally copy your list ?
Did it, but don't know if it works or not ? ( I also believe that if one doesn't keep a light bulb in the ceiling socket, then all the electricity leaks out over the floor ! ) |
I was once told to start ones' address book with the entry !0000, which was supposed to block any attempt from "outside" to illegally copy your list ? snopes.com: How to Protect Your Address Book SD |
False. |
A quick look at the headers of one of the spam emails should give some idea as to whether it's your machine or not.
|
Originally Posted by llondel
(Post 8410733)
A quick look at the headers of one of the spam emails should give some idea as to whether it's your machine or not.
Originally Posted by Keef
If one of the recipients of the spams is a bit pooter-savvy, he/she can look at the headers on the spam and see where it came from.
|
It's been spamming one of my 'proper' email addresses, so I can look at the header there.
What exactly am I looking for :\? Thanks! |
The from address - not the one you 'see' in your client (which may be 'spoofed') but in the header? If in doubt, cut and paste it here and the doctor will see you shortly.
|
Ah yes, it's showing from my actual email address rather than a contact 'nickname'.
Looks like I'll have to live with it for a while :ok: Maybe they'll give up eventually... |
Depending which mail client you use, there will be something you can click to display the whole message.
If you see something that just says "From: [email protected] To: [email protected]", maybe with a date and time, then you can't tell anything from that. What you are looking for will be something like this: From - Fri Mar 28 14:08:30 2014 X-Account-Key: account11 X-UIDL: UID7993-1219148700 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 X-Mozilla-Keys: Return-Path: <[email protected]> Delivered-To: [email protected] Received: from Postfix-filter-42a77884ce2a0a03efc6bb50a6dcdb21 (localhost [127.0.0.1]) by smtp-in-75.livemail.co.uk (Postfix) with SMTP id B620565420D for <[email protected]>; Fri, 28 Mar 2014 14:04:21 +0000 (GMT) Received: from smtp-in-110.livemail.co.uk (smtp-in-110.livemail.co.uk [213.171.216.171]) by smtp-in-75.livemail.co.uk (Postfix) with ESMTP id 28174654205 for <[email protected]>; Fri, 28 Mar 2014 14:04:18 +0000 (GMT) Received: from Postfix-filter-42a77884ce2a0a03efc6bb50a6dcdb21 (localhost.localdomain [127.0.0.1]) by smtp-in-110.livemail.co.uk (Postfix) with SMTP id A59CBD8193 for <[email protected]>; Fri, 28 Mar 2014 14:04:18 +0000 (GMT) Received: from 110.Red-80-37-212.staticIP.rima-tde.net (110.Red-80-37-212.staticIP.rima-tde.net [80.37.212.110]) by smtp-in-110.livemail.co.uk (Postfix) with ESMTP id 5FA11D8195 for <[email protected]>; Fri, 28 Mar 2014 14:04:18 +0000 (GMT) Received: from 192.168.0.250 ([192.168.0.250]) Message-ID: <F2CE492568CC4D2D8AEDFAC3716F68BF@home-jjkol10> From: "Gabriel Marlow" <[email protected]> To: "Benjamin Davidson" <[email protected]> Subject: Check vacancies in our company Date: Fri, 28-Mar-2014 14:07:06 GMT You can see from that one that it started at 192.168.0.250 which is an address on someone's local network. If your message had that, and if don't have a local network, or if yours isn't 192.169.0.something, then you'd know already that the message didn't come from you. The local network sent it through 80.37.212.110 - although there is no indication of the transfer from local network to mail server. "Whois" reveals where 80.37.212.110 is located. If the equivalent on your address isn't at the server address, then it's not yours. if the problem IS in your PC, then you need to get it seen to immediately if not sooner. If you can't decipher the headers, post them here or PM them to me and the sleuthing will begin... |
You have to be prepared for the earlier Received: headers to be forged, start at the top and work backwards through the ones you think you can trust. There is a bit of an art to it.
|
PM sent Keef :ok:
|
All times are GMT. The time now is 16:29. |
Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.