[Webinar] Streamline your web hosting managementRegister Today

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 242
  • Last Modified:

SPAM Generated from Corporate Account

I have a user that was sending out SPAM, one being the Nigerian Scam.  It was sending emails (as I saw these in her send items folder) with the sender address of her account name.  There was a large recipient list of all different domains with the same user name.  It appeared some one these were legitimate email addressesas some replied back.  Then a flood of NDR's came in.  All this added to a backup of email delivery along with being blocked by some outside mail servers.  I'm looking to find out how this could of happend.  Our environment is very secure.   No viruses detected.  User has only 4 email addresses in her address book.  Could the user really have created this issue by clicking on an url within one of the email received?
1 Solution
sounds like a mass mailer is lurking in the machine somewhere, altho i've never heard of any mass mailers that would put the spam into sent items.

have you run a full virus scan?
Alan HardistyCo-OwnerCommented:
Please download and scan her machine with MalwareBytes - www.malwarebytes.org
Remove anything that it uncovers.
Mandeep KhalsaCommented:
If the user's PC is infected with mass mailer you should be able to view outgoing requests on port 25 using WireShark or something similar. If that is the case malwarebytes (like alanhardisty suggested) should be a good starting point. Also you might want to run HijackThis and ComboFix to see what else is happening with the PC.

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now