Solved

"Live Health Club" - scam or virus and how do I fix it?

Posted on 2011-09-24
Last Modified: 2013-11-22
My friends are all getting emails from me to join "Live health club".  Is this a virus or just a scam?  How do I fix it?  How did it happen to me?
I'm using gmail.
Question by:Dwight Baer
11 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36593684
Are you sure they are being sent from your gmail account?  Have your friends supplied you with any headers of these mails?
0
 

Author Comment

by:Dwight Baer
ID: 36593704
Various friends have reported emails from me, all asking them to join "Live Health Club".

How do I view the header of an email?
0
 

Author Comment

by:Dwight Baer
ID: 36593707
I do have two gmail accounts, but the other one I use only rarely, and my friends aren't reporting that any rogue "invitations" are coming from that account.
0
 
LVL 21

Accepted Solution

by:
Papertrip earned 300 total points
ID: 36593709
"Various friends have reported emails from me, all asking them to join 'Live Health Club'."
Just because the mail says it's "From" you doesn't mean that it actually is from you ;)
"How do I view the header of an email?"
That is dependent upon what your mail client is.

The only thing you can do about this at this point is to change your gmail password along with any other accounts you have that have address books associated to them.
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 300 total points
ID: 36593714
In Gmail it's easy, just click the dropdown menu next to "Reply" in the upper right-hand corner and click "Show original".

For me to troubleshoot this issue via looking at the headers would require you to get the headers from the actual message -- what I'm getting at is if your friend forwards you one of the mails, it won't have the info I need.
0
 

Author Comment

by:Dwight Baer
ID: 36593741
OK, I will have access to one of those emails received by a friend.  I will post the header later this evening.  Meanwhile I have changed my gmail password, thanks for that suggestion.
0
 
LVL 38

Assisted Solution

by:younghv
younghv earned 200 total points
ID: 36593818
This sounds more like "Spoofing" to me.
Good Wiki write-up if you'd like to read more:

http://en.wikipedia.org/wiki/E-mail_spoofing
0
 

Author Comment

by:Dwight Baer
ID: 36594260
OK, I have uploaded the header file as "original.doc"

I hope it is helpful in figuring how this happened.

I did read the wikipedia article mentioned above, and when comparing the "original"  header from this spam  email to another legitimate email from the purported sender, I can see who is sending this.

So ... Other than changing the gmail password, what can be done to prevent this happening again?  How did it likely happen in the first place?

original.doc
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 300 total points
ID: 36594487
So, in hindsight I probably should have googled for livehealthclub spam, but just went the standard mail troubleshooting route instead.

After reviewing the headers, everything as far as the source of the mail looks legit -- the mail really is coming from livehealthclub.com mail servers.

I then checked google and guess what -- you are not the only one with this problem.  After reading a few posts and doing some of my own testing like signing up for a fake account, I found what could be the source of this issue.  They have very misleading email/password fields... basically they try to fool you to put in your email address and email password, instead of the password you want for livehealthclub.com.

It would seem that at some point that you, or someone who knows your gmail info, went through the sign-up process for livehealthclub.com.  Now that they have your email address and contacts, they will forge mails that look like they are from you so that your friends click on the link, go to livehealthclub.com, put in their email/password, and the chain continues.

The solution to this is to change your gmail password, and stay away from shady sites like livehealthclub.com -- what the hell does that mean anyways :p  Definitely shady.  As far as future mails to your friends from livehealthclub.com that seem to come from you, there is nothing you can do -- your address book has already been compromised.
0
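
The kind of header comparison discussed in this thread, as an added example that is not part of the original posts: it parses a raw message as shown by "Show original" and flags when the visible From domain differs from the Return-Path, the originating mail server, or the domain SPF actually passed for. The sample message, all hosts and addresses, and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample of a "Show original" view; every host and address is made up.
RAW = """\
Return-Path: <bounce@mailer.signup-site.example>
Received: from mx.recipient.example (mx.recipient.example [203.0.113.5])
\tby inbox.recipient.example with ESMTP id abc123; Sat, 24 Sep 2011 10:00:02 -0700
Received: from out1.mailer.signup-site.example (out1.mailer.signup-site.example [198.51.100.7])
\tby mx.recipient.example with ESMTP id def456; Sat, 24 Sep 2011 10:00:01 -0700
Authentication-Results: mx.recipient.example;
\tspf=pass smtp.mailfrom=bounce@mailer.signup-site.example
From: "Your Friend" <your.friend@gmail.com>
To: you@recipient.example
Subject: Join me
Date: Sat, 24 Sep 2011 10:00:00 -0700

Click the link to join.
"""

def org_domain(value):
    """Domain of an address or host, cut to its last two labels (crude: no public-suffix list)."""
    host = value.rpartition("@")[2].lower().strip(".;>")
    return ".".join(host.split(".")[-2:]) if host else ""

def analyze(raw):
    msg = message_from_string(raw)
    from_dom = org_domain(parseaddr(msg.get("From", ""))[1])
    rpath_dom = org_domain(parseaddr(msg.get("Return-Path", ""))[1])
    # Oldest hop is the last Received header. Hops below the recipient's own
    # server can be forged; here the recipient's MX itself recorded this one.
    hops = msg.get_all("Received", [])
    m = re.search(r"from\s+(\S+)", hops[-1]) if hops else None
    origin_dom = org_domain(m.group(1)) if m else ""
    auth = " ".join(msg.get_all("Authentication-Results", []))
    spf = re.search(r"\bspf=(\w+)", auth)
    mailfrom = re.search(r"smtp\.mailfrom=(\S+)", auth)
    spf_dom = org_domain(mailfrom.group(1)) if spf and spf.group(1) == "pass" and mailfrom else ""
    findings = []
    if rpath_dom and rpath_dom != from_dom:
        findings.append("return-path-mismatch")
    if origin_dom and origin_dom != from_dom:
        findings.append("origin-mismatch")
    if spf_dom and spf_dom != from_dom:
        findings.append("spf-pass-for-other-domain")
    return {"from": from_dom, "origin": origin_dom, "findings": findings}

if __name__ == "__main__":
    print(analyze(RAW))
```

A forwarded copy will not work as input, since forwarding replaces the original headers with those of the forwarding account.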
 
LVL 38

Assisted Solution

by:younghv
younghv earned 200 total points
ID: 36594964
"How did it likely happen in the first place?"

The scam they are running appears to be nothing more than a new twist on the old "Social Engineering" trick - which has always been one of the most effective ways to get private information from computer users. (http://en.wikipedia.org/wiki/Social_engineering_(security))

Once they had the username/password to your Gmail account, they had full access to your actual Contacts/Email Address Book and could start spamming your friends.

I learned a long time ago to create a completely phony Gmail account and use it only when I'm required to provide one to sign up to a web site. The phony account has no personal information in it and is never used to send email to real people.
0
 

Author Closing Comment

by:Dwight Baer
ID: 36595103
Thank you so much, all your comments were very helpful.  I was so impressed that you went out and actually tried to sign up for one of their accounts.  Wish I could give you more points!
0
