How to put an end to e-mail addess hijacking and friends being spammed?
Somehow my sister has done something that has compromised her address book in her e-mail, and spam is being sent from her e-mail address to everyone she knows. I am about ready to block her e-mail address and stop accepting messages from her.
Would changing her password stop it? How does one’s e-mail address become compromised in this manner?
Observing members:
0
Composing members:
0
12 Answers
it’s a virus so she needs to clean it up pronto using antivirus software. AVG is a good free package I have used.
To verify if, in fact, the mail is coming from your sister, have her send a legitimate email and you check the full header to see the IP address. Look at the full headers in the spam mail. Does the addres match? If yes then it is likely on her machine. If no, then it is most likely a spambot spoofig her address. Set a filter to accept her mail only if the IP is correct.
Year ago some slime used my randomly selected email address to send out a ton of spam. There was no virus. It was a spoof. I killed the address and started over. That’s why it is best to use throwaway addresses.
Or it could be all your friends need larger genitals, the drugs to fill them, and the illicit gold funds from Nigeria to pay for them.
If they have her address book then her e-mail has been hacked.
Change her password, ASAP.
Delete her entire address book, ASAP.
Don’t feel bad, it happens quite easily.
Side note, tell anyone who responds to her that they clicked on said e-mails, that they need to change their password IMMEDIATELY
She still should scan it for viruses too
Just to clarify, I mean the IP address something that looks like. 192.123.456.789.
If that matches, great! You have a chance of cleaning up your pc.
Change the file name for the email program. That will likely cause the other program to crash and leave you an error message.
You can hope the problem is on her computer. In my case the slimebag sent out a pile of emails with my return address. I suddenly received hundreds of emails from people saying they did not appreciate receiving such email and calling me all kinds of things. (No money by the way.)
Of course, I forwarded the email with full headers and IP info to the various agencies: FTC, Hotmail, Spamhaus, etc. and the admin of the initiating IP address. I don’t know it if did anything other than make be feel better. I copied my contact list and made a new address.
@worriedguy In my experience you probably at least got the spammer’s account shut down. Many if not most hosting providers are quick to suspend accounts on even basic evidence of spamming and to subsequently cancel the accounts unless the account holder shows that they are innocent or have mended their ways. Sadly, it’s very, very, easy for a spammer to just move to another account with the same or another provider and to keep up their old tricks. This assumes they are actually sending the spam through their own account, which many do not.
To stop email hijacking among friends (that is, known regular correspondents) consider encrypting all email between such correspondents. Gather face to face, sign each others’ keys, and then configure your email client or MTA to reject mail from each address without the proper key.
There is a lot you can do about this sort of thing if you run your own email server. It’s not so hard as it used to be, but it’s still harder than using GMail- so most folks won’t do it.
There’s relatively little you can do when you don’t have your own server, and most of it has been covered by others in this thread.
@koanhead The email was not actually sent from my account. The slime just spoofed my return address in the “Sender” line. When they send a spam email to a million addresses, 99.98% of the people will just throw it away. 0.01% are dumb enough to go to the link, and 0.01% get pissed off and write terrible things to the sender. It was awful. My mailbox was instantly filled with email that got through my filter because it was actually addressed to me. That was about 6–7 years ago and things have gotten better.
But slimebags are still slimebags. That never changes.
@worriedguy I understand, and that’s how it happens in a lot of cases. You did the right things, and I didn’t mean to imply otherwise. The second part of my answer was intended as a general answer to the OP, and not as a criticism of your actions.
For everyone: I do recommend reporting to spamcop in addition to the other reporting that @worriedguy mentioned.
I am that .01% that is pissed off enough at this point to block my sister’s e-mails. Mostly because she doesn’t understand what a pain this is becoming.
Answer this question
This question is in the General Section. Responses must be helpful and on-topic.