why junk mail from web mail accounts?

i often get junk mail (with just one link) from friends email ids (mainly yahoo mail).. they have no idea how their email was hijacked..

why does this happen and what is foolproof way to avoid this?
LVL 5
25112Asked:
Who is Participating?
 
Dave BaldwinFixer of ProblemsCommented:
You're probably on Facebook.  That's where spammers pick up people that are my 'friends' and send email with their name on it.  But it is usually not my friend's email address so those are not cases of hijacked email accounts.  A lot of spammers claim to have a Yahoo email address but I'm not even sure that is true.  I know how to fake that.  And my SPF records don't block all of them.

But Yahoo accounts do seem to get hijacked more than any other service.  Those are more likely to send messages asking for money.
0
 
Larry Struckmeyer MVPCommented:
The only foolproof way is to stop accepting email from the internet.  It happens because the spammers are very clever at sending out messages pretending to be someone else.  Occasionally an actual account and email address list is hijacked and the perp sends to that address list, but usually it is just random spammer carp.
0
 
Ernie GronblomCloud Systems EngineerCommented:
Right, I have seen these emails too.  What you may notice, if you look, is that the email is NOT really coming from your friend's email address, generally speaking.  It may say it is from Joe Friend, but the email address is something completely different (jessicatandy@jtm.com).  This is your first clue there is something wrong.

You can set your 'from' name to just about anything, just as they can.  This spoofed email is easy to spot but difficult to eliminate completely, without trashing everything that isn't on an 'acceptable email' list.
0
 
davorinCommented:
You have first to ask yourself how do the spammer knows, that your and your friend's email address have some relationship (you are sending each other emails). This normally happen with virus infections or some other mail address book harvesting (hacking computers or web mail accounts). It could happened, that also you have been the victim or some other friend in you both have in common.
If both computers are virus free, then the only option is to use SPF filtering on your mail server if the senders domain is using SPF records.
In short - with SPF record domain admin specifies that all mails with domain @sendersdomain.com can be sent from only the certain IP address (where resides sending mail server for that domain). Then your mail server check the source IP of received mail. If the IP is the same as specified in SPF record, then the mail is delivered. If the mail comes from another IP, then the mail is rejected.
0
 
Ernie GronblomCloud Systems EngineerCommented:
Again, the email address is probably wrong, so what they are doing is grabbing the names on your friends list, which I don't believe you can make private.  I wouldn't be concerned about any virusses or hacking of your accounts.  We all get them.

Ernie
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.