Bogus email delivery failure email

The machines we love to hate

Moderator: Wiz Feinberg

Richard Sinkler
Posts: 17822
Joined: 15 Aug 1998 12:01 am
Location: aka: Rusty Strings -- Missoula, Montana

Post by Richard Sinkler »

I have gotten a few email delivery failure notices in the last couple of days for emails I am positive I did not send out. All originating from hotmail. Has my email been hacked? See below:
Delivery Status Notification (Failure)
FROM:
postmaster@hotmail.com

TO:
Hidden
Message flagged Friday, April 20, 2012 8:30 AM
----- Forwarded Message -----

This is an automatically generated Delivery Status Notification.

Delivery to the following recipients failed.

dianapure@hotmail.com



wygant sanders souhaite devenir votre ami sur Windows Live
Afficher l'invitation
Préférences de notification | Déclaration de confidentialité Microsoft
And:
Delivery Status Notification (Failure)
FROM:
postmaster@hotmail.com

TO:
Hidden
Message flagged Friday, April 20, 2012 2:40 AM
----- Forwarded Message -----

This is an automatically generated Delivery Status Notification.

Delivery to the following recipients failed.

CharlettePanascioncsj@hotmail.com



wygant sanders wants to be your friend on Windows Live
View invitation
Notifications preferences | SMS notifications | Microsoft privacy statement
Last edited by Richard Sinkler on 20 Apr 2012 9:49 am, edited 1 time in total.
Carter D10 8p/7k, Dekley S10 3p/4k C6 setup, Regal RD40 Dobro, Recording King Professional Dobro, NV400, NV112, Ibanez Gio guitar, Epiphone SG Special (open G slide and regular G tuning guitar) .

Playing for 55 years and still counting.

Post by Richard Sinkler »

Just looked in my spam folder and found 31 more, 30 from hotmail and 1 from another .com site.
Wiz Feinberg
Posts: 6113
Joined: 8 Jan 1999 1:01 am
Location: Mid-Michigan, USA

Post by Wiz Feinberg »

Richard;
This could be a simple Joe Job, in which your email account has been harvested from your or a contact's infected PC. The bounces indicate that the recipient accounts are inactive, or misspelled. Since your account is listed as the From, or Return Path, you get the bounces and refusals.

Or ... your Yahoo account may have been hacked and is being used directly by a spambot to send to a list of recipients sent to it by the spammer behind this spam-blast.

You can find out if the account password was hacked (guessed, dictionary attacked, or obtained by a Trojan key-logger on your PC) by logging into your Yahoo account and changing the password to something not found in a dictionary, nor easily guessed.

If the bounces stop shortly thereafter, you have evidence that your email account was being used directly by spammers. But, if nothing changes, it is a Joe Job, using your Yahoo account name to deflect bounces and spam complaints to your innocent account.

The email headers (complete/full) would give more details about the routing of these messages, which a trained spam hunter could identify. Spam hunters usually get paid for their time analyzing other people's problems. Change your Yahoo password first.

Scan your computer for malware now. Use a current version, with current definitions, of your anti-virus program. Also, download Malwarebytes Anti-Malware, install and update it, then scan for threats.

Make sure you have installed all available Windows Updates and patches available for your OS. If you are still running XP, make sure you have upgraded to SP 3, which is the only version still receiving updates (until April 2014).

Finally, if "rls73154 @ yahoo.com" is actually your email account, you have just given it away to automatic forum scrapers and email harvesters by posting it as a clickable "mailto" link on this publicly viewable forum. I recommend that you open a new account (with a non-guessable, non-dictionary password), import your contact list, then delete that now-harvested account.

If you require professional assistance, contact me via the forum's PM service.
Last edited by Wiz Feinberg on 20 Apr 2012 10:30 am, edited 1 time in total.
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
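The header check described in the post above, as an added example that is not part of the original thread: a bounce usually attaches the headers of the message that failed, and their Received lines show whether it ever passed through your own provider. The sample bounce, the example domains and the function name `classify_bounce` are constructed for illustration.

```python
import email
from email import policy
# Constructed bounce (not from the thread): the attached original claims our
# address in From:, but its only hop is a host unrelated to our provider.
SAMPLE_DSN = """\
From: postmaster@recipient.example
To: me@myprovider.example
Subject: Delivery Status Notification (Failure)
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mail.recipient.example

Final-Recipient: rfc822; nobody@recipient.example
Action: failed
Status: 5.1.1

--b1
Content-Type: message/rfc822

Received: from host7.unrelated.example ([203.0.113.7])
 by mail.recipient.example; Fri, 20 Apr 2012 02:40:00 -0700
From: me@myprovider.example

body
--b1--
"""

def classify_bounce(raw, my_provider):
    """Return (failed recipients, verdict) for one bounce message."""
    msg = email.message_from_string(raw, policy=policy.default)
    failed, original = [], None
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "message/delivery-status":
            for block in part.get_payload():      # one header block per recipient
                if block["Final-Recipient"]:
                    failed.append(block["Final-Recipient"].split(";", 1)[1].strip())
        elif ctype == "message/rfc822":
            original = part.get_payload(0)        # the message that bounced
    if original is None:
        return failed, "unknown"                  # bounce carries no original headers
    # Heuristic: mail sent from the real account passes through the provider's
    # own servers; hops below the bouncing server's own line can be forged.
    hops = original.get_all("Received", [])
    if any(my_provider in hop.lower() for hop in hops):
        return failed, "sent-via-provider"
    return failed, "forged-sender"
```

A "forged-sender" verdict matches the Joe Job case; "sent-via-provider" matches an account being used directly, which is when the password change and malware scan matter most.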

Post by Wiz Feinberg »

Richard;
As a follow-up to my previous reply, you should know that if your PC is infected with a key logging Trojan, which is linked to the spambot sending these messages, changing your passwords will have no long-term effect. The next time you log in to Yahoo with a new password, the password used by the spambot will be updated as well.

You really need to make sure that your PC is not infected. This includes looking for rootkits and bootkits. This may require taking it to a professional who can remove your hard drive, hook it up in a testing machine and scan it as a slave drive.

Post by Richard Sinkler »

Since I don't have a Hotmail account, it must be the "Joe Job" thing. I have Malware Bytes and will scan tonight when I leave for my gig.

Post by Wiz Feinberg »

Richard Sinkler wrote: Since I don't have a Hotmail account, it must be the "Joe Job" thing. I have Malware Bytes and will scan tonight when I leave for my gig.
I don't recall saying you did have a Hotmail. I did ask if you have a Yahoo email account. If so, it may have been hacked, or key-logged and is being used to spam Hotmail and other email providers.

The recipients you listed in the bounces were Hotmail users. Your return path is listed as a Yahoo account. If your Yahoo account has been compromised by spammers, it will send to not only Hotmail members, but anybody listed in your contacts list, or to whom you have ever replied by email.

Post by Richard Sinkler »

When I try to change my password in my Yahoo account, I get sent to the AT&T page and that does me no good. I think I will scratch my Yahoo accounts and bid them a fond adieu. Have been getting tired of them for a long time.

Any recommendations?

Post by Richard Sinkler »

You can find out if the account password was hacked (guessed, dictionary attacked, or obtained by a Trojan key-logger on your PC) by logging into your Hotmail account and changing the password to something not found in a dictionary, nor easily guessed.
Sorry Wiz. I thought this statement said to check my Hotmail account.

Post by Wiz Feinberg »

Oops, I did say Hotmail. I apologize Richard!

Post by Richard Sinkler »

Well, I made the decision to can Yahoo. Can't take their lousy help and support system any longer. Any recommendations? I have a Gmail account, but hesitate to use it with Google's change in privacy plans. Any info on mail.com? Somebody I know and trust uses it and loves it.

Post by Wiz Feinberg »

Gmail is free. Hotmail is free.

You can use a real desktop email client with either, for incoming and outgoing mail. Once you choose your new service, you should receive setup instructions for your email client, for POP3 and SMTP, or your browser for Webmail.

Post by Richard Sinkler »

Thanks, Wiz. I think I will try out my Gmail account. By desktop email client, are you talking about programs like Eudora, Outlook, etc.?

Post by Wiz Feinberg »

Richard Sinkler wrote: Thanks, Wiz. I think I will try out my Gmail account. By desktop email client, are you talking about programs like Eudora, Outlook, etc.?
Yes. I personally prefer Windows Live Mail. I began using it a couple of years ago and upgraded to the latest version when I built my current Windows 7 machine. It easily imported all messages, folders and accounts from my previous setup, which was exported from Windows XP.

If you have email saved in Outlook Express .eml format, you can export it to Windows Live Mail, which uses the same format.
Cal Sharp
Posts: 2874
Joined: 4 Aug 1998 11:00 pm
Location: the farm in Kornfield Kounty, TN

Post by Cal Sharp »

Don't you have your own domain, Richard? Why don't you create somename @ richardsinkler.net and read email on the server with Squirrel mail or locally with Thunderbird or Outlook?
C#
Me: Steel Guitar Madness
Latest ebook: Steel Guitar Insanity
Custom Made Covers for Steel Guitars & Amps at Sharp Covers Nashville

Post by Richard Sinkler »

Cal, I do have my own domain and have an email address for it. I don't want to use it as my general address, but I could create another. I have Eudora installed and was trying it out and that should work. I have been using Gmail since this crap with my Yahoo address surfaced, and I am, so far, pretty pleased with it. The thing I wish Eudora had was a calendar. I use my Yahoo calendar, and now the Gmail calendar, daily. My life would end without it :lol: :lol: .

The count of the failure notices is now 327. :whoa: :whoa:

Post by Wiz Feinberg »

Richard;
Windows Live Mail does have a calendar.