  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1017

"Live Health Club" - scam or virus and how do I fix it?

My friends are all getting emails from me to join "Live health club".  Is this a virus or just a scam?  How do I fix it?  How did it happen to me?
I'm using gmail.
0
Asked by: Dwight Baer
5 Solutions
 
Papertrip Commented:
Are you sure they are being sent from your gmail account?  Have your friends supplied you with any headers of these mails?
0
 
Dwight Baer (Student, Author) Commented:
Various friends have reported emails from me, all asking them to join "Live Health Club".

How do I view the header of an email?
0
 
Dwight Baer (Student, Author) Commented:
I do have two gmail accounts, but the other one I use only rarely, and my friends aren't reporting that any rogue "invitations" are coming from that account.
0
 
Papertrip Commented:
"Various friends have reported emails from me, all asking them to join 'Live Health Club'."

Just because the mail says it's "From" you doesn't mean that it actually is from you ;)

"How do I view the header of an email?"

That is dependent upon what your mail client is.

The only thing you can do about this at this point is to change your gmail password along with any other accounts you have that have address books associated to them.
0
 
Papertrip Commented:
In Gmail it's easy, just click the dropdown menu next to "Reply" in the upper right-hand corner and click "Show original".

For me to troubleshoot this issue via looking at the headers would require you to get the headers from the actual message -- what I'm getting at is if your friend forwards you one of the mails, it won't have the info I need.
0
 
Dwight Baer (Student, Author) Commented:
OK, I will have access to one of those emails received by a friend.  I will post the header later this evening.  Meanwhile I have changed my gmail password, thanks for that suggestion.
0
 
younghv Commented:
This sounds more like "Spoofing" to me.
Good Wiki write-up if you'd like to read more:

http://en.wikipedia.org/wiki/E-mail_spoofing
0
 
Dwight Baer (Student, Author) Commented:
OK, I have uploaded the header file as "original.doc"

I hope it is helpful in figuring how this happened.

I did read the wikipedia article mentioned above, and when comparing the "original"  header from this spam  email to another legitimate email from the purported sender, I can see who is sending this.

So ... Other than changing the gmail password, what can be done to prevent this happening again?  How did it likely happen in the first place?

original.doc
0
 
Papertrip Commented:
So, in hindsight I probably should have googled for livehealthclub spam, but just went the standard mail troubleshooting route instead.

After reviewing the headers, everything as far as the source of the mail looks legit -- the mail really is coming from livehealthclub.com mail servers.

I then checked google and guess what -- you are not the only one with this problem.  After reading a few posts and doing some of my own testing like signing up for a fake account, I found what could be the source of this issue.  They have very misleading email/password fields... basically they try to fool you to put in your email address and email password, instead of the password you want for livehealthclub.com.

It would seem that at some point that you, or someone who knows your gmail info, went through the sign-up process for livehealthclub.com.  Now that they have your email address and contacts, they will forge mails that look like they are from you so that your friends click on the link, go to livehealthclub.com, put in their email/password, and the chain continues.

The solution to this is change your gmail password, and stay away from shady sites like livehealthclub.com -- what the hell does that mean anyways :p  Definitely shady.  As far as future mails to your friends from livehealthclub.com that seem to come from you, there is nothing you can do -- your address book has already been compromised.
0
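The header review described in the post above can be scripted. This is an added example, not code from the thread: it reads the raw "Show original" text of a received message and checks whether any domain that passed SPF or DKIM matches the visible From: domain. The sample message, the `.example` hosts and the `authserv_id` default are constructed assumptions.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample of a "Show original" view; every host and address is a
# made-up .example name, not a header from this thread.
SAMPLE = """\
Received: from out1.invite-site.example (out1.invite-site.example [192.0.2.10])
 by mx.mailprovider.example with ESMTP id xyz789;
 Mon, 01 Jan 2024 10:00:04 -0000
Authentication-Results: mx.mailprovider.example;
 spf=pass smtp.mailfrom=bounce@invite-site.example;
 dkim=pass header.d=invite-site.example
Return-Path: <bounce@invite-site.example>
From: "Your Friend" <yourfriend@mailprovider.example>
Subject: Join me

Hi, join me here.
"""

def domain_of(value):
    """Lower-cased domain of an address header value, or '' if none."""
    addr = parseaddr(value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def analyze(raw, authserv_id="mx.mailprovider.example"):
    """Compare the visible From: domain with the domains that authenticated."""
    msg = email.message_from_string(raw)
    from_dom = domain_of(msg["From"])
    # Hops are prepended, so the last Received header is the earliest one.
    received = msg.get_all("Received", [])
    hop = re.search(r"from\s+(\S+)", received[-1]) if received else None
    # Trust only results stamped by the receiving server (authserv_id);
    # a sender can insert its own Authentication-Results lines.
    auth = " ".join(h for h in msg.get_all("Authentication-Results", [])
                    if h.strip().lower().startswith(authserv_id))
    spf = re.findall(r"spf=pass[^;]*?smtp\.mailfrom=([\w.@+-]+)", auth)
    dkim = re.findall(r"dkim=pass[^;]*?header\.d=([\w.-]+)", auth)
    passed = {d.rpartition("@")[2].lower() for d in spf + dkim}
    # Simplified relaxed alignment: same domain or a subdomain of From:.
    aligned = bool(from_dom) and any(
        d == from_dom or d.endswith("." + from_dom) for d in passed)
    return {
        "from_domain": from_dom,
        "envelope_domain": domain_of(msg["Return-Path"]),
        "origin_host": hop.group(1).lower() if hop else "",
        "authenticated_domains": sorted(passed),
        "from_aligned": aligned,
    }
```

A result with `from_aligned` false and an `origin_host` outside the From: provider matches what the thread found: the mail authenticates as the third-party site while displaying a friend's address.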
 
younghv Commented:
"How did it likely happen in the first place?"

The scam they are running appears to be nothing more than a new twist on the old "Social Engineering" trick - which has always been one of the most effective ways to get private information from computer users. (http://en.wikipedia.org/wiki/Social_engineering_(security))

Once they had the username/password to your Gmail account, they had full access to your actual Contacts/Email Address Book and could start spamming your friends.

I learned a long time ago to create a completely phony Gmail account and use it only when I'm required to provide one to sign up to a web site. The phony account has no personal information in it and is never used to send email to real people.
0
 
Dwight Baer (Student, Author) Commented:
Thank you so much, all your comments were very helpful.  I was so impressed that you went out and actually tried to sign up for one of their accounts.  Wish I could give you more points!
0
