Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

"Live Health Club" - scam or virus and how do I fix it?

Posted on 2011-09-24
11
Medium Priority
?
1,014 Views
Last Modified: 2013-11-22
My friends are all getting emails from me to join "Live health club".  Is this a virus or just a scam?  How do I fix it?  How did it happen to me?
I'm using gmail.
0
Comment
Question by:Dwight Baer
  • 5
  • 4
  • 2
11 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36593684
Are you sure they are being sent from your gmail account?  Have your friends supplied you with any headers of these mails?
0
 

Author Comment

by:Dwight Baer
ID: 36593704
Various friends have reported emails from me, all asking them to join "Live Health Club".

How do I view the header of an email?
0
 

Author Comment

by:Dwight Baer
ID: 36593707
I do have two gmail accounts, but the other one I use only rarely, and my friends aren't reporting that any rogue "invitations" are coming from that account.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 21

Accepted Solution

by:
Papertrip earned 1200 total points
ID: 36593709
Various friends have reported emails from me, all asking them to join "Live Health Club".
Just because the mail says it's "From" you doesn't mean that is actually is from you ;)
How do I view the header of an email?
That is dependent upon what your mail client is.

The only thing you can do about this at this point is to change your gmail password along with any other accounts you have that have address books associated to them.
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 1200 total points
ID: 36593714
In Gmail it's easy, just click the dropdown menu next to "Reply" in the upper right-hand corner and click "Show original".

For me to troubleshoot this issue via looking at the headers would require you to get the headers from the actual message -- what I'm getting at is if you friend forwards you one of the mails, it won't have the info I need.
0
 

Author Comment

by:Dwight Baer
ID: 36593741
OK, I will have access to one of those emails received by a friend.  I will post the header later this evening.  Meanwhile I have changed my gmail password, thanks for that suggestion.
0
 
LVL 38

Assisted Solution

by:younghv
younghv earned 800 total points
ID: 36593818
This sounds more like "Spoofing" to me.
Good Wiki write-up if you'd like to read more:

http://en.wikipedia.org/wiki/E-mail_spoofing
0
 

Author Comment

by:Dwight Baer
ID: 36594260
OK, I have uploaded the header file as "original.doc"

I hope it is helpful in figuring how this happened.

I did read the wikipedia article mentioned above, and when comparing the "original"  header from this spam  email to another legitimate email from the purported sender, I can see who is sending this.

So ... Other than changing the gmail password, what can be done to prevent this happening again?  How did it likely happen in the first place?

original.doc
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 1200 total points
ID: 36594487
So, in hindsight I probably should have googled for livehealthclub spam, but just went the standard mail troubleshooting route instead.

After reviewing the headers, everything as far as the source of the mail looks legit -- the mail really is coming livehealthclub.com mail servers.

I then checked google and guess what -- you are not the only one with this problem.  After reading a few posts and doing some of my own testing like signing up for a fake account, I found what could be the source of this issue.  They have very misleading email/password fields... basically they try to fool you to put in your email address and email password, instead of the password you want for livehealthclub.com.

It would seem that at some point that you, or someone who knows your gmail info, went through the sign-up process for livehealthclub.com.  Now that they have your email address and contacts, they will forge mails that look like they are from you so that your friends click on the link, goto livehealthclub.com, put in their email/password, and the chain continues.

The solution to this is change your gmail password, and stay away from shady sites like livehealthclub.com -- what the hell does that mean anyways :p  Definitely shady.  As far as future mails to your friends from livehealthclub.com that seem to come from you, there is nothing you can do -- your address book has already been compromised.
0
 
LVL 38

Assisted Solution

by:younghv
younghv earned 800 total points
ID: 36594964
"How did it likely happen in the first place?"

The scam they are running appears to be nothing more than a new twist on the old "Social Engineering" trick - which has always been one of the most effective ways to get private information from computer users. (http://en.wikipedia.org/wiki/Social_engineering_(security))

Once they had the username/password to your Gmail account, they had full access to your actual Contacts/Email Address Book and could start spamming your friends.

I learned a long time ago to create a completely phony Gmail account and use it only when I'm required to provide one to sign up to a web site. The phony account has no personal information in it and is never used to send email to real people.
0
 

Author Closing Comment

by:Dwight Baer
ID: 36595103
Thank you so much, all your comments were very helpful.  I was so impressed that you went out and actually tried to sign up for one of their accounts.  Wish I could give you more points!
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had to create a utility which aim is to update McAfee's Virusscan and that had to be launched from a command line. I thought I’d share my experience with you. Why is it useful to be able to update an Antivirus from the command line?…
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question