RESPECT

[Marty McFly1546081284 545]

It appears my email has been hacked,

I have a whole load of delivery notification failures and it appears to have sent out a load of spam links to my contacts - yet there is nothing in my sent box?

I got a security warning from hotmail presumably because of this and had to change my password.

I'm quite confused as to how it could be hacked as it's a long password (over 10 digits) with letters numbers and characters which is pretty unique.

Anyway, password has been changed but is there anything else i should do?

Regards

Marty

P.s. in case anyone was wondering - my password for this site was nothing like the email password, so i don't believe it to be related to what happened on here.

[GoneForgotten 2,494]

There are a myriad of ways this happens. It's quite possible you never sent them, they just fudged the headers to make it look like it came from you so the return path returns the notifications to you. The other thing is run AV and malware scans locally on your computer, you may have entered your email credentials on a legitimate device and they've been pinched from there. Then of course the underlying system was compromised due to a flaw in their systems.

[SW_matt 55]

Similar thing has happened to me before, sent a number of emails regarding weight loss tips to a few of my contacts including my boss from my hotmail account. Very embarrassing and hard to explain!

I just now change my password on a monthly basis.

[Whirlybird1546081382 + 107]

Probably not hacked, just using your email address.

Quite common i'm afraid.

[General Purpose 175]

I've had a similar thing with my Yahoo accounts...

[Marty McFly1546081284 545]

There are a myriad of ways this happens. It's quite possible you never sent them, they just fudged the headers to make it look like it came from you so the return path returns the notifications to you. The other thing is run AV and malware scans locally on your computer, you may have entered your email credentials on a legitimate device and they've been pinched from there. Then of course the underlying system was compromised due to a flaw in their systems.

Thanks!

I've ran the scans on my mac and nothing (didn't really expect anything there), will run them on my windows computer as well but i can't remember the last time i used it for anything especially email... the only thing left is my iphone where it's used in the mail app, but i don't know if there are any apps on the iphone to run security scans?

[GoneForgotten 2,494]

Sounds unlikely then, if there is a problem £5 it'll be with the windows box. The trick is how are peoples contact lists compromised, because if emails appear to come from your mates then they tend to bypass spam filters. They can do this in reverse, i.e. they compromise your mates account and see you, then send emails to their contacts coming from you because you probably sure some overlap.

S'good init?

Standard drills apply, rotate your passwords, scan your machines, carry on as usual. If someone sends you one of the emails they've recieved, it usually shows the headers and you can work out what server was fooled into sending the email in the first place, that starts to tell you if it was sent from your mail server and the items from sent deleted or not.

Ain't going to change your "actions on" though.

[DELETEME 249]

Exactly the same thing happened to my girlfriend last night. She got about 15 message failure notifications and was really panicking. She logged into her email and got a message saying that her account had been hacked. Her email provider had locked her account and sent her a text message with a code in it, that she had to input the code before resetting her password. I was pretty impressed actually, they seemed to lock the accound within 10-15 minutes of it being hacked and stopped any more messages from being sent.

As soon as she put the new password in her account was unlocked and all of the message sending stopped straight away. She was lucky really.

I have a feeling that she might have used the same password for hotmail as she does for other websites, so someone from another site who already has her email address can take a shot at her email password. I'd imagine that a lot of people must use the same passwords for different sites, so they must be able to hack accounts with a high success rate

[Marty McFly1546081284 545]

Sounds unlikely then, if there is a problem £5 it'll be with the windows box. The trick is how are peoples contact lists compromised, because if emails appear to come from your mates then they tend to bypass spam filters. They can do this in reverse, i.e. they compromise your mates account and see you, then send emails to their contacts coming from you because you probably sure some overlap.

S'good init?

Standard drills apply, rotate your passwords, scan your machines, carry on as usual. If someone sends you one of the emails they've recieved, it usually shows the headers and you can work out what server was fooled into sending the email in the first place, that starts to tell you if it was sent from your mail server and the items from sent deleted or not.

Ain't going to change your "actions on" though.

ahh thanks very much! i'm already going through any other places where i use that password (which isn't many thankfully) and changing them as a precaution, however like you say if anywhere it would probably be the windows machine so i'll scan that and see what comes up, might give me some answers!

Thanks very much for everyone's answers, has helped alleviate my panic!

[Guest]

Do remember though, as TroyTempest said, there may be nothing (on your machine) to find.

It's very very simple to send an email from any address that you like without ever going anywhere near the real email account. The person who's email account gets used just ends up with all the crap and delivery status failure notifications. It's damned annoying.

[37240932704982 603]

It appears my email has been hacked,

I have a whole load of delivery notification failures and it appears to have sent out a load of spam links to my contacts - yet there is nothing in my sent box?

I got a security warning from hotmail presumably because of this and had to change my password.

I'm quite confused as to how it could be hacked as it's a long password (over 10 digits) with letters numbers and characters which is pretty unique.

Anyway, password has been changed but is there anything else i should do?

Regards

Marty

P.s. in case anyone was wondering - my password for this site was nothing like the email password, so i don't believe it to be related to what happened on here.

I think, it could be that you might have clicked on a link from someone you know that has triggered this virus. It's a spam virus, when opened inside a e-mail, they will go through your contacts list and send them an e-mail (which doesn't go to your sent items for some reason) advertising different products.

OR

It could be perhaps you signed up on a website or a software and allowed it access to your e-mail account by giving you're hotmail details, and from there third party companies come in with some sort of spam bot that goes through your contacts list and sends everyone a the same link or advertises a random product.

Edited December 3, 2012 by TheKnight_RS

[Sam Vimes 0]

Not churning out the same URL as mine is experiencing...?

I posted here; http://www.policespecials.com/forum/index.php?/topic/133671-e-mail-virus/

[Marty McFly1546081284 545]

Doesn't appear to be that one sam; I believe it definately was compromised as i recieved an email asking about it from a contact that none of my other contacts would have... if that makes sense?

Thankfully i began migrating to a new email address after the hack debacle, so i had already moved most of the accounts associated with that email - ebay, amazon, etc. to the new one

[AHRMG 7]

I know this thread is a week or so old, but just a FYI for anyone else.

A common way "hackers" gain access to email, social networking and PayPal accounts is through the password reset tool.

Many of the questions it asks you are common knowledge. Mothers maiden name, city of birth.. The best bet would be to set it to something completely irrelevant..

Another way people are getting access through password resets, even if they don't know you (or are after valuable website accounts, PayPal accounts with ££ on) are adding you on social networking sites and befriending you. Over the space of a month or so, they'd have almost everything they need through general conversation.. ("Wait I think I know you, aren't you Julie Bloggs son?" "Julie Bloggs? No, I'm Joanne Greens son" - bang. Password reset answer gained.)

Anyway, i apologise for the lack of formatting, I'm heading to bed after work!

[Tom 1]

If you have a full email header then I can tell you where the email came from. As mentioned this usually occurs due to mail being spoofed as coming from your address, its extremely easy to do and hard to prevent.

Some things to consider:

• Change your mailbox password
• Do you run any websites that has a form on it? Is the form script up to date and secure?
• Using your own domain name and email server? If you are then you can add an SPF record which can help prevent mail spoofing, your add a DNS record to your domain which specifies which server is allowed to send email from your domain, if a server receives a message from your domain not sent from the server specified it will get rejected (this isnt 100% as not everyone checks for it).