Solved

my account is being spoofed

Posted on 2011-02-19
11
702 Views
Last Modified: 2012-05-11
I have a yahoo account. apparently everyone in my address book is receiving a viagra email. How can I stop this?
0
Comment
Question by:al4629740
11 Comments
 
LVL 14

Accepted Solution

by:
svgmuc earned 250 total points
ID: 34933541
Change the password.

Email accounts are "hacked" on a regular basis. Once they found out your password, an automated system (botnet) sends emails from your account.

I have had my yahoo account for a while and never received any complaints about me sending spam. I presume, they can only break easy passwords with word lists.
0
 
LVL 31

Assisted Solution

by:moorhouselondon
moorhouselondon earned 250 total points
ID: 34934286
As svgmuc says, but change it to something really really secure, letters and digits and no, PA55W0RD is too easy lol.  Yahoo allows access to account logins through an API, which makes dictionary hacking so much easier.  Yahoo don't seem to monitor failed logins through this route, otherwise this would never happen.

Check also that the hackers have not changed your "Secret Questions".  One of my clients got hacked and they changed the first of her secret questions, luckily she had a second question which was left untouched.

Put yourself in your address list so that you are among the first to know that you are in the business of promoting the benefits of viagra(tm).
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 34947861
There is no way to stop anyone from sending E-Mail claiming to be from you.

Welcome to the Internet.
0
 

Author Comment

by:al4629740
ID: 34947884
what about the previous two posts, mr. psicop.
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 34947923
Is the E-Mail actually being sent from your Yahell! account, or is it simply being sent with headers that claim to be from your account?
0
Swamped with email signature updates?

Have you been given a load of changes to make to your users’ email signatures? Having to manually implement multiple signatures for every department? Let Exclaimer save you from being swamped with email signature updates!

 
LVL 34

Expert Comment

by:PsiCop
ID: 34947932
There's nothing you can do to prevent someone from sending an E-mail claiming to be from you, but which is actually sent from elsewhere.

If someone is actually accessing your Yahell! account, then that's a horse of a different technicolor. You need to state precisely what is happening.
0
 

Author Comment

by:al4629740
ID: 34947959
not sure, I guess thats why I'm asking for your opinions
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 34948021
There's no way for us to know which is happening.

If you have a sample of the E-Mail, with complete headers, you can post it here, after obscuring your E-mail address and anything else that tends to personally identify you (and don't bother with the body of the E-Mail, it's the headers that are important).

But short of that, we have no way of knowing which is happening to you.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 34965634
Ask someone in your address book to forward a copy of the mail headers to you, then post them on here.

This will tell you all kinds of info... what email address the email claimed to be from, the IP address of the computer that sent the mail, the relay it used to get to the recipient, the time it was sent, etc...



Unfortunately there is no easy way to stop this, as some mail servers don't use SPAM filters or blacklists.  Traditional email was checked on the basis that all mail was legitimate unless the mail server receiving the mail could provide a valid reason why it should be blocked (using blacklists, spam filters, etc.)

More recently some email providers use technologies such as SPF to make the sender prove that the mail is legitimate.
0
 

Author Comment

by:al4629740
ID: 35023348
here is the header


Return-path: <SRS0=C0PNQh=VQ=aol.com=xxxxxxxxxxxx@aol.com>
Envelope-to: xxxxxxxxxxxxxxxxxx
Delivery-date: Sat, 19 Feb 2011 04:49:46 -0500
Received: from impinc03.yourhostingaccount.com ([10.1.13.103] helo=impinc03.yourhostingaccount.com)
	by mailscan07.yourhostingaccount.com with esmtp (Exim)
	id 1PqjRi-0005mM-Pn
	for al@tellap.com; Sat, 19 Feb 2011 04:49:46 -0500
Received: from imr-ma02.mx.aol.com ([64.12.206.40])
	by impinc03.yourhostingaccount.com with NO UCE
	id 9lpm1g02C0spQVs03lpmc9; Sat, 19 Feb 2011 04:49:46 -0500
X-EN-OrigIP: 64.12.206.40
X-EN-IMPSID: 9lpm1g02C0spQVs03lpmc9
Received: from imo-ma03.mx.aol.com (imo-ma03.mx.aol.com [64.12.78.138])
	by imr-ma02.mx.aol.com (8.14.1/8.14.1) with ESMTP id p1J9iQ3u007176;
	Sat, 19 Feb 2011 04:44:26 -0500
Received: from xxxxxxxxxxxx@aol.com
	by imo-ma03.mx.aol.com  (mail_out_v42.9.) id 9.ce5.74e3415d (43837);
	Sat, 19 Feb 2011 04:44:21 -0500 (EST)
Received: from smtprly-me03.mx.aol.com (smtprly-me03.mx.aol.com [64.12.95.104]) by cia-dc03.mx.aol.com (v129.9) with ESMTP id MAILCIADC032-b3104d5f90f31b4; Sat, 19 Feb 2011 04:44:21 -0500
Received: from TSTMAIL-D01 (tstmail-d01.sim.aol.com [205.188.58.129]) by smtprly-me03.mx.aol.com (v129.9) with ESMTP id MAILSMTPRLYME038-b3104d5f90f31b4; Sat, 19 Feb 2011 04:44:19 -0500
To: 1800FLOWERS@e.1800flowers.com, aarpnews@news.aarp.org,
        accountmanageremail@accountmanageremail.com, ahoward@dist159.com,
        akajanewms@yahoo.com, xxxxxxxxxxxxxxxx
Content-Transfer-Encoding: quoted-printable
Subject: holla
Date: Sat, 19 Feb 2011 04:44:19 -0500
X-MB-Message-Source: WebUI
X-AOL-IP: 65.27.34.47
X-MB-Message-Type: User
MIME-Version: 1.0
From: jvjideations@aol.com
Content-Type: text/plain; charset="us-ascii"
X-Mailer: AOL Webmail 33222-MOBILE
Received: from 65.27.34.47 by TSTMAIL-D01.sysops.aol.com (205.188.58.129) with HTTP (WebMailUI); Sat, 19 Feb 2011 04:44:19 -0500
Message-Id: <8CD9E30B6B2F57B-2124-226CA@TSTMAIL-D01.sysops.aol.com>
X-Spam-Flag:NO
X-AOL-SENDER: xxxxxxxxxxxx@aol.com
X-Antivirus: avast! (VPS 110219-2, 02/19/2011), Inbound message
X-Antivirus-Status: Clean

Open in new window

0
 

Author Closing Comment

by:al4629740
ID: 35098994
Thanks
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nearly six years ago I was hired by a company to be their senior server engineer. One of my first projects was to implement Exchange Server 2007 on a Windows Server 2008 Single Copy Cluster for high availability. That was the easy part; read on to l…
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now