Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[renluop]

A friend's Hotmail address has been clearly harvested, as I received a message that she would not have sent.

Would changing her password  be enough to lessen the chance of it happening again? I am assuming that weak one has been used.

I do not know if she has a firewall and u.t.d virus checker. I'd think she could be even less 'educated; than I, so what would you recommend?

Thanks in advance.

[sevenlayermuddle]

Receiving an email from your friend's email address does not necessarily mean that her account has been hacked, so don't assume there's any need or benefit from changing the password.  And, since the spammer sends the mail without involving your friend's computer, virus scanners won't help.

SMTP mail gateways allow a sender to specify absolutely any mail address in the world for 'from' and 'reply to'.   It's a useful facility, as it allows one (for example) to set up a mobile phone's SMTP email client so that mail sent from it has the same 'from' address as one's usual internet mail.

Spammers spoof the 'from' address it all the time, as they rightly reckon that people are more likely to open an email if it comes from a 'real' email address.   It's why we always need to be on our guard when  opening mail attachments, even if it appears to have come from somebody we know.

[roseway]

Just to add to what 7LM said, if you view the full headers of the email you received you can probably identify the real sender.

[silversurfer44]

To add further I have had emails sent to myself! I most certainly wouldn't open them as I know I hadn't sent them.

[renluop]

@sevenlayermuddle

You mentioned antivirus, but AFAICS not a firewall. Does same reasoning apply.

@ roseway

What could I/she do with the info? Anyway I xan never remember how that would be shown in the headers

@ all

So nothing worth doing. is that it?

[chrissie]

To add further I have had emails sent to myself! I most certainly wouldn't open them as I know I hadn't sent them.

I too had those in one particular yahoo mail addy of mine, took the advice on here and changed the password and didn't receive another mail from "me".  Still get lots of junk in the spam folder but none (at the moment) that has the "from box" as my email addy.  Wonder if a change of password might help this case too?

[tuftedduck]

As 7LM has stated, changing passwords may not help to resolve the problem.........it rather depends on how or from where the e-addy was kijacked by the bad boys.

However, a password change is a standard procedure in this type of situation, and whilst it may not be the answer, it indeed may just be the job.

Change the password....at worst it will have no effect, at best it may sort things out.........it will certainly do no harm either way.

[roseway]

What could I/she do with the info? Anyway I xan never remember how that would be shown in the headers

There's no simple answer to that, because the information in headers varies, but you might (for example) get an IP address of the sender, and a whois enquiry on this would enable you to see if it matched up with the person who apparently sent the email.

[renluop]

I spotted nothing, but if someone can look at attachment.

[attachment deleted by admin]

[roseway]

I'm afraid I'm no expert, and I couldn't say definitely, but it does seem to identify the originator as American - "X-Originating-IP: [206.80.46.249]" which may or may not mean anything.

By the way, you might want to remove that attachment, because it could identify you and your friend.

[sevenlayermuddle]

but AFAICS not a firewall. Does same reasoning apply.

A firewall is probably the single most important thing everybody should do in the interests of security.  Most routers have a firewall, and you should leave it enabled never tamper without unless you really know what you are doing.  But in this situation, I'm afraid it would have been irrelevant, for the same reason that AV wouldn't have helped.

I really wouldn't lose any sleep over this, and I personally wouldn't even bother changing passwords, though you can if you want.   Think about it... if a hacker had got into a personal mailbox it could be a real goldmine of stolen information, so why would he want to give himself away by sending emails from that user, when he can do that without hacking into mailboxes?

Unfortunately, pretty much all of the header fields can be faked and a clever spammer will leave very little, if any, trace of his own identity.  I typically receive several hundred such emails a week (for example, from myself to myself), they're just not worth worrying about.  

The really important point is the one I made earlier...

 It's why we always need to be on our guard when  opening mail attachments, even if it appears to have come from somebody we know.

... and no amount of password changes, will alter that.  Even AV can't be relied upon, since it may only recognise virus attachments if the virus has been around long enough for it to become known to the AV companies.  That doesn't help the first few people to have received it, before it became recognised.    If somebody sends you an unexpected or suspicious-looking attachment,  make certain they really sent it before opening.  It may be obviously genuine if the email text refers, say, to something personal - but always be suspicious.

I believe a lot of spammers have their accounts shut down (or at least, added to network spam filters) after each mailshot they send out, which would probably explain why Chrissie never had a recurrence.

[renluop]

By the way, you might want to remove that attachment, because it could identify you and your friend.

I well doctored all names: is that not enough? Genuine question

[roseway]

No, that's fine. I just wanted to make sure you didn't inadvertently give something away.

[Floydoid]

I recently had the same problem.  Changing your password and secret question seems to solve it.