| Author | Message | ||
     2008xb12scg |
So I don't know much about computers but my emial was hacked. My daughter and a few others got a strange email from me, well not from ME, but from my email. Now what do I do? Can I just change my password? I figure it's because I have some things on craigslist and replied to one of the many BS responses to my ad. Funny I made a new GMail account for craigslist, but maybe to late. I would rather keep the email that got hacked if possible. Thanks, Thomas | ||
| 86129squids |
Ummm... PM Froggy? | ||
| Froggy |
Change your password ASAP. | ||
| J2blue |
It is possible that your email address was forged as the sender in a spam attack. That doesn't mean your email account has been hacked, though. There are several of us on here that could probably help you find out. PM me or Froggy, or anyone else that offers on this thread. | ||
| Froggy |
The way this usually happens is whats called a Phishing Attack. The hacker/scammer/lowlife sets up some kind of site that asks for your username and password. Often they do this by emailing you saying "Hey, we are your email provider, your account will be suspended if you don't give us your name, address, password, SSN, first born". Once you fill out the form or reply to that email with the information, they can get in anytime they want. From there, they send out emails based on your contacts list. Being that they are your contacts, they are less likely to get filtered out on the other end. It is also possible they guessed your password, especially if you used a weak password that contains no numbers or symbols. There is also a chance your computer is infected with whats known as a Key Logger. It pretty much is what it sounds like, it records what you type, so when you go to your mail, you type in your password, then it sends it back to the lowlife who will use it for their own gain. I highly recommend you scan your computer using MalwareBytes Antimalware, and Microsoft Security Essentials, both free. | ||
| Froggy |
Given that he had multiple recipients that he knows have gotten the spam, it sounds like his contact list was accessed, which would rule out a forged from address. | ||
| 2008xb12scg |
Odd only one email was sent and it was sent only to 3 people. I didn't give any info out (at least I don't think so..) and the email contained a link to a website | ||
| J2blue |
Frogman, it is still possible since address books among friends and coworkers often have a great deal of overlap. Another party who has both the forged senders address and each recipients address can spam everyone in that address book. I have seen this happen numerous times in academic and office environments. It doesn't require the sender's email account or address book be hacked. In fact, the actual owner of the source machine of the spam may not have their email account hacked, only the contents of their locally available address book. The network spike in such spam attacks can also become a DDOS attack. The hacker has basically created a matrix spam engine that sends out spam under each address that it finds to all other addresses that it finds. Multiply that activity by the number of compromised host machines and you can get quite a packet storm stirred up. NOTE: my apologies to all white hats for the technically incorrect, but socially overwhelming use of the term "hacker" in this context. | ||
| 2008xb12scg |
also there is no copies in my sent folders? | ||
| 2008xb12scg |
it was actually sent to 4. BUT ONE WAS THE SAME AS IT WAS sent from. sorry for the caps.. | ||
| 2008xb12scg |
Ok I just went to my comcast account. there were 3 emails sent. Not sure why I didn't see them in my outlook. All 3 emails sent to the same 4 .. | ||
| Fed |
don't know if this will help or not ..i read somewhere if you put an address in contact of aaaaaaa@aaa.aaa, it will somehow stop those emails from going out because its something like a road block to the software. maybe the smart guys can explain..... | ||
| U4euh |
HAd the exact same thing happen after opening a "Hotmail" account. Everyone on my contacts list got the "email linkiing to health care". The only way I noticed it was I noticed I had 87 SENT emails, I was like WTF? Immediatly changed my password to a more cryptic version and has happened since. (knocking on wood) | ||
| 86129squids |
Great thread. When I switched from my ancient Mac OS to a laptop, I absolutely didn't want Microsoft as my OS. Been pretty happy with what I've got. | ||
| J2blue |
Let me see if I got this much correct: You use Outlook or Outlook Express as your primary email client? Your email account is with Comcast(...@comcast.net)? The 3 emails in your sent folder, when viewed through a browser open to your Comcast "account" page, were the same email messages sent as SPAM? If the answer to all three questions is yes then someone or some program has captured your credentials to your comcast account. It could be malware present on your computer. Froggies suggestions on what to use to scan for the malware are good. I would call by phone to contact Comcast and have your password changed. Don't use your computer to do that until you are 100% certain you are not infected or otherwise compromised. Last, but not least, do suspect the teenagers ability to look over a shoulder or guess a weak password to punk dear old dad. Actually, you should suspect anyone who may have physical access to your computer(s). Paranoid? Yes. But that is the nature of security. | ||
| Whatever |
There is some good information here: http://www.fbi.gov/scams-safety/e-scams As far as lodging a complaint with the FBI though, you take a number... probably number 2,000,000,000,000,000,000,000,001. | ||
| 2008xb12scg |
Thank you guys. I changed the password ran a virus full scan (norton) and havent had any more issues. | ||
| Josh_ |
My favorite thing about using Craigslist are the constant "Craigslist has suspended your account click hear and enter your username and password to unlock" phishing emails you get. I actually did get an email from Craigslist about securing my account and low and behold it looked exactly like the phishing emails. when in doubt (which is to say, always!) type the address in yourself, don't follow a link. and be doubly careful of the "URL shorten" services since you won't know you're going to imgoingtohackyou.cn until just after you click goog.le/YRH#@#@H complete paranoia is complete awareness |
