Email account hacked - spam sent - cannot change any user information

Posted on 2008-10-01
Medium Priority
Last Modified: 2012-05-05
My email account on outlook express was apparently hacked yesterday, resulting in a great deal of spammail being sent from my account. Aside from the nasty messages I got back from a lot of people who received the email, I can no longer change my email password, delete my user, export my messages, or anything relating to modifying any account or options.

Can someone help me get outlook express straightened out? I have run a number of online and offline spyware scanners and they have not found any spyware.

This morning an email went out to an email account with my userid and password. Outlook express will not allow me to change my password.


The messages I am getting are from Mail Xplosive:

>>From: "davyk" <davyk@hargray.com>
>>Subject: Congratulations!!! ( Reply to: frankhills.desk3@hotmail.com )
>>Date: Tue, 30 Sep 2008 12:23:58 -0400
>>MAIL Xplosive !                  P.I.D.N:(mx/1.08/pd)
>>You have every reason to be happy, because you are the selected winner of
>>the first ever MAIL Xplosive ! promotion. Your email address has won you a
>>prize money of £1000,000.00 GBP. Do note that this was done randomly, and
>>you emerged as the first ever winner, congrats ! Do not be confused you
>>are the rightfull winner.
>>For further information on how to collect your prize money, do send an
>>email containing your;
>>Full name................
>>Contact Address..........
>>Telephone Number.........
>>NAME: Frank Hillsborough
>>EMAIL: frankhills.desk3@hotmail.com
>>or call ; +447031980597
>>NOTE: Make sure you add your P.I.D.N (personal identification number) to
>>your reply email. ( You can find your personal identification number at
>>the top right corner of this email )
>>The MAIL XPLOSIVES ! team wishes to congratulate you.
>>MAIL XPLOSIVES,  making the world a wealthy place.

Question by:mvssysprog
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Expert Comment

ID: 22613309
try and log in to hotmail directly at www.hotmail.com and if you can log in to your account change your password.  If you can not log in then go to the forgot password link, you may have a chance of resetting it if your questions/answers haven't been changed.  Otherwise try and let everyone know that someone "hacked" your email account and to block you email address.

Author Comment

ID: 22613365
Thanks for responding.. Unfortunately, my email account is with Hargray.com (small local ISP).
I have a call into Hargray to change that password, but the problem is that I am still hacked. I need to be able to get the hacked software off my system.


LVL 20

Expert Comment

ID: 22614042
While sometimes email is sent with your return address even when someone doesn't actually have control of your account, your statement that you couldn't change your email password indicates something else is going on. (I presume from your second message that you now have control of your password.) If there's a program on your system, what you need to do is find that and remove it. I'd suggest a couple of things:

1) Get a two-way firewall, which tells you whenever a new program is trying to access the Internet from your computer. I use and recommend ZoneAlarm (www.zonealarm.com), which offers both a free and a paid version; for home users, the free version is fine. (You should turn off the Windows firewall in Control Panel if you're using that, as the firewalls can compete with each other.) This will prevent a program on your computer from sending email without your knowledge.

2) Run a complete antivirus scan with a fully up-to-date AV program. (If you don't have one, go to www.avast.com or free.grisoft.com for free AV programs.)

Are you seeing copies of the messages that people are receiving in your Sent folder of OE? If you are, then somehow OE itself has been hijacked, which is quite unusual; more often, rogue email is sent directly by the malware. The way to deal with that is going to be a bit different.
Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.


Author Comment

ID: 22614123
Thank you very much for responding. This really is very curious though.
I am not seeing the sent emails in my outlook express sent folder. Rather when I go into webmail, all of the spam messages are there in the sent folder. They are not in my sent folder in outlook express.

I have run Nortons antivirus full scan, trendmicro housecall online scan, and Panda's online scan as well as a number of spyware scans (spyware doctor, spybot search and destroy, superantispyware, Anti-malware and a couple of others) and none of them found anything.

It is very frustrating. I have sygates firewall up and running that I got years ago. Would that suffice still? It has protected me just fine until this attack.

I appreciate any suggestions you can offer.

LVL 20

Accepted Solution

ElrondCT earned 2000 total points
ID: 22614154
OK, if they're in the Sent folder of your webmail and not in OE, that means that your online access, not OE, was hacked. There is nothing on your computer to find.

Once the password has been changed (and hopefully to something non-trivial--not a single English word, for instance), you should be protected from a repeat.

Author Closing Comment

ID: 31501925
Thank you... I changed the password to hopefully something much more difficult to figure out....I really appreciate it.

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some of the most commonly posted questions in the "Virus & Malware" Zones are related to the family of rogue malware with the date "2012" somewhere in the title. Examples: XP Antispyware 2012 XP Antivirus 2012 XP Security 2012   XP Home Sec…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question