Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Email Hacking?  (Read 3430 times)

jazz

  • Reg Member
  • ***
  • Posts: 390
Email Hacking?
« on: April 30, 2009, 09:21:59 AM »

I'm on XP using Thunderbird as my mail client.  I have up to date antivirus (Avast!), firewall (ZoneAlarm),  spyware (Spybot, AdAware, Spyblaster, Windows Defender).  I get very little (one or two a month) SPAM emails but last night I got 300 all addressed to "SomethingDifferentEachTime@myusername.plus.com".  They were all reporting that a message I sent could not be delivered and were being returned.  All had been sent between midnight and 1am then a further, bigger, batch from 6am to 7.30am.  I don't know whether I will receive any more today.

I have not sent any emails to which these failed delivery notices refer.  This series of emails last night seems to be an attempt to keep using a variety of letter and number combinations before my username to see which work.

Any comments or advice on what action I might sensibly take (apart from deleting the emails unread which I am now starting to do!)?   :(
Logged

pintosal

  • Reg Member
  • ***
  • Posts: 181
Re: Email Hacking?
« Reply #1 on: April 30, 2009, 09:24:29 AM »

You might try reporting the problem to your ISP as well
Logged

jazz

  • Reg Member
  • ***
  • Posts: 390
Re: Email Hacking?
« Reply #2 on: April 30, 2009, 09:26:22 AM »

Yes, I've done that - but thanks for the nudge anyway  :)
Logged

tuftedduck

  • Senior Kitizen
  • ******
  • Posts: 29658
  • Router Luvvin Duck
Re: Email Hacking?
« Reply #3 on: April 30, 2009, 09:35:22 AM »

Your e-addy has been harvested by a spammer, probably operating through a botnet.
Your pc is probably not infected, the address may have been picked off a site where you have used it as part of log in details, or one of your contacts who has your addy in their address book may be infected.

Either way, it is virtually impossible to track down where the problem lies.

The important thing is to not open any of these mails as that will tell the bot that your addy is live...........the best advice given on the web to this problem is to delete the mails unopened, sit back and hope that as your addy appears "dead" ( as you haven't opened the mails) then the bot will give up on using it and these mails will soon dry up and stop.

The only other alternative is to change your addy which is inconvenient.

I think if you do not react to the mails, they should stop fairly quickly.  Hopefully.. :)
Logged

roseway

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 39528
  • Penguins CAN fly
    • DSLstats
Re: Email Hacking?
« Reply #4 on: April 30, 2009, 09:40:38 AM »

I've had this kind of thing once or twice, but only one email at a time. What you should be able to do is configure your email program to filter incoming mail and only accept mail which is addressed to a name which is a genuine one that you use. It won't stop  the spams arriving, but it will dump them straight in the trash to save you the trouble.
Logged
  Eric

jazz

  • Reg Member
  • ***
  • Posts: 390
Re: Email Hacking?
« Reply #5 on: April 30, 2009, 09:59:30 AM »

Thanks everyone.  I've decided that this is basically some backscatter from spammers using my address (but not my PC).

My address was one of those harvested a couple of years ago when Plusnet had their system hacked.  I blackholed the specific address I used at that time (which began to be spammed very significantly) and have had no trouble since.

However, I can have an infinite number of prefix titles before my "@username" element of the address (one of the features that I like about Plusnet as I use a different address for every company that I deal with so that I can see if they pass it on to others and "blackhole" them).  In this case the spammers seem to have got hold of the username element of the address (probably from the "harvest" two years ago) and are inserting their own random prefix titles to send their spam out as if from me.  What I am getting is their "failed deliveries" from where they have tried to send out emails to invalid addresses.

I am hopeful that this will die down quite soon as the spammers move on to a new address and in the meantime I am not downloading my emails but instead, reading them via my ISP's webmail system so that I can delete them at their end rather than waste download time on my computer!  :)
Logged

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 32223
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Email Hacking?
« Reply #6 on: April 30, 2009, 10:06:25 AM »

Ive been subject to this is the past... its just some spammer spoofing the senders email address and chanching their luck that some spam will get through.
Funny enough when it happened to me mine was in excess of 300 too.


The series of say 123@myaddress.com, 124@myaddress.com is to try and avoid any blacklists.
The failed deliveries indicate that they are also dictionary spamming trying to find receipients..  not nice... but not a lot you can do... and why I beleive there should be harsher rules and penalties against these types of spammers, but theyre also usually quite clever and also go through a series of proxies and or an open relay.


It does die down after a while.
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

jazz

  • Reg Member
  • ***
  • Posts: 390
Re: Email Hacking?
« Reply #7 on: April 30, 2009, 11:17:13 AM »

Thanks Kitz - the reassurance is welcoming.  I'm not panicking now - just very annoyed!   >:( Hopefully I can return to serenity in a day or two!! :)
Logged

jazz

  • Reg Member
  • ***
  • Posts: 390
Re: Email Hacking?
« Reply #8 on: April 30, 2009, 01:47:01 PM »

Just as an update - I got another 1030 (one thousand and thirty) emails reporting failure of delivery in the hour from 12 noon.  Have to wade through them as I'm awaiting an email from my Doctor's Surgery that I don't want to miss.  It really is getting very annoying and very time consuming.  I hope it is just a storm that will blow over!! :'(
Logged

sevenlayermuddle

  • Helpful
  • Kitizen
  • *
  • Posts: 4462
Re: Email Hacking?
« Reply #9 on: April 30, 2009, 02:55:05 PM »

From our home we run a very popular website with a .com address, and this has been a major annoyance for us.  I think the record was 8,000 delivery reports on one occasion - and that was in the days of dialup, so it cost us on phone bills as well as blood-pressure.

It's sobering to reallise that for each 1,000 failed delivery reports, the spammer probably sent many time more that that number to valid addresses, delivered to innocent people who may well think the mail came from yours or my  domain name.  I''ve sometimes worried that could cause my .com domain name to be blacklisted by spam-filters but, thankfully, it doesn't seem to happen. 

We've dealt with it by configuring filtering rules that delete ALL delivery ports.  The inconvenience of not seeing valid delivery reports is outweighed by the advantage of getting rid of 1,000s of unwanted messages.

Logged

jazz

  • Reg Member
  • ***
  • Posts: 390
Re: Email Hacking?
« Reply #10 on: May 02, 2009, 09:16:09 AM »

Wow - I'm glad I didn't suffer all that - and on dial up too!!   I'm glad to say that after the first rush of 2,500 emails bounced back to me for non-delivery the flood seems to have abated and I only had a dozen this morning (I hope I'm not tempting fate by saying that).  If the problem became too bad then I think I would be prefer to switch off my catch-all address and limit emails to the (several dozen) legitimate prefix addresses that I use.  These spammers certainly waste a lot of time, money and computing resources.  >:(
Logged

toulouse

  • Reg Member
  • ***
  • Posts: 572
  • I like cheesecake !!!
Re: Email Hacking?
« Reply #11 on: June 01, 2009, 08:30:51 AM »

Hi there everyone,

I had around a half dozen of these type of 'Mail Delivery Failure' messages during last evening. Having read the other replies in this topic strand, I think I'll just get rid of 'em and hope that it goes away.

I'm also with PlusNet, by the way.


TTFN

toulouse

Logged
Utility Warehouse (via TalkTalk)
FTTC 40/10
ZyXEL VMG8924-B10A
ECI (approx 750 metres)

People tell me that I ought to get out more. But in the words of the great Homer J Simpson, "Yeah, but what ya gonna do ?"

jazz

  • Reg Member
  • ***
  • Posts: 390
Re: Email Hacking?
« Reply #12 on: June 01, 2009, 09:41:19 AM »

There are a few reports recently on the Plusnet Community Forums of this happening.  I wonder if it is resulting from the theft of email addresses about two years ago. 

I had 2.500 "failed delivery" emails the first day and then 400 to 500 each day for 2 or 3 days after that.  Then it all stopped (I did get two more about two weeks later that must have been wandering round cyberspace for ages!).  At the time I found it a bit upsetting then very annoying.  For about a week I used Plusnet's Webmail facility so that I could go there and delete trash emails to save wasting effort downloading emails to my own computer.  Once the flurry died down I went back to normal and things have been quiet since.
Logged
 

anything