My Hotmail Account sending Spam
Discussion
Woke up this morning to find my Hotmail Account has sent everyone in my contacts an email with a link to a Canadian Viagra site!! 
Following advice, I have changed my Hotmail password so hopefully it won't continue/happen.
I guess I should be grateful it was a fairly tame link and not a link to some hardcore porn stuff.
But... how do they do that then??
My password was a 15 digit mix of letters and numbers in upper and lower case. It isn't shared with anything else and isn't "guessable" Has someone physically got my password and entered it and logged into my account then sent an email to all contacts, or is it a computer program / virus that does it or.. ?? I don't think I have opened any dodgy emails or links myself or been on any dodgy sites (and even if I had, I wouldn't have used / needed my Hotmail password)
Anything I should download / run to fix things? I have just downloaded AVG and will run it but any other suggestions are welcome.
Following advice, I have changed my Hotmail password so hopefully it won't continue/happen.
I guess I should be grateful it was a fairly tame link and not a link to some hardcore porn stuff.
But... how do they do that then??
My password was a 15 digit mix of letters and numbers in upper and lower case. It isn't shared with anything else and isn't "guessable" Has someone physically got my password and entered it and logged into my account then sent an email to all contacts, or is it a computer program / virus that does it or.. ?? I don't think I have opened any dodgy emails or links myself or been on any dodgy sites (and even if I had, I wouldn't have used / needed my Hotmail password)
Anything I should download / run to fix things? I have just downloaded AVG and will run it but any other suggestions are welcome.
Talksteer said:
There is a reasonable possibility that it is not your account sending them but another account spoofing your address. Presumably you found out about this when you got a whole load of auto replies/failure to receive notices from mates e-mail addresses.
There were a number of auto-reply / Postmaster type replies but I also had quite a few replies from mates telling me I has sent them the email. I also received it myself at my AOL address which was listed in my Hotmail contacts. renmure said:
Talksteer said:
There is a reasonable possibility that it is not your account sending them but another account spoofing your address. Presumably you found out about this when you got a whole load of auto replies/failure to receive notices from mates e-mail addresses.
There were a number of auto-reply / Postmaster type replies but I also had quite a few replies from mates telling me I has sent them the email. I also received it myself at my AOL address which was listed in my Hotmail contacts. I had that problem for quite a while. My sent items would be full of spammy emails, then I'd get in my inbox loads of 'Failed to send' and also 'Out of office replies'.
I looked up the problem and people didn't really have a solution. It was on and off for about a few month s and now it hasn't happened for ages.
Another solution is to get gmail!
I looked up the problem and people didn't really have a solution. It was on and off for about a few month s and now it hasn't happened for ages.
Another solution is to get gmail!
jeevescat said:
Second thing I'd do is stop using hotmail.
10JH said:
Another solution is to get gmail!
Hmmm. I don't have any real loyalty to hotmail so don't mind switching to gmail .... but given that I would probably end up using a different totally unguessable, not a real word, 15 digit apha/numeric upper/lower type password I still don't really understand how that would be any different to having now changed my hotmail one. I will probably give it a go anyhow.
Though I could probably very easily find an open relay mail server on the internet and then setup something to send an email to a massive list of names (which I could get by buying them or just trying to intercept headers of large emails).
I could quite easily make that come from your hotmail address and then all the bounce receipts would go to you. My newly found open relay server would probably be blocked by Hotmail pretty quick and quite a lot of the messages would go to spam folders. But it isn't that hard if you feel so inclined!
I would guess this has happened more than your account compromised, and they picked your email address up from some forwarded email that was sent on mass to you, or via a subscribed mailing list etc.
I could quite easily make that come from your hotmail address and then all the bounce receipts would go to you. My newly found open relay server would probably be blocked by Hotmail pretty quick and quite a lot of the messages would go to spam folders. But it isn't that hard if you feel so inclined!
I would guess this has happened more than your account compromised, and they picked your email address up from some forwarded email that was sent on mass to you, or via a subscribed mailing list etc.
RacingPete said:
Though I could probably very easily find an open relay mail server on the internet and then setup something to send an email to a massive list of names (which I could get by buying them or just trying to intercept headers of large emails).
I could quite easily make that come from your hotmail address and then all the bounce receipts would go to you. My newly found open relay server would probably be blocked by Hotmail pretty quick and quite a lot of the messages would go to spam folders. But it isn't that hard if you feel so inclined!
I would guess this has happened more than your account compromised, and they picked your email address up from some forwarded email that was sent on mass to you, or via a subscribed mailing list etc.
Thanks for that. I understand bits of it I could quite easily make that come from your hotmail address and then all the bounce receipts would go to you. My newly found open relay server would probably be blocked by Hotmail pretty quick and quite a lot of the messages would go to spam folders. But it isn't that hard if you feel so inclined!
I would guess this has happened more than your account compromised, and they picked your email address up from some forwarded email that was sent on mass to you, or via a subscribed mailing list etc.
Treat me gently here. I am not meaning to appear thick but just lack a bit of understanding... but one of the emails went to someone I hadn't actually emailed for about 7 years. I know she got it because she emailed me back in a bit of a surprised manner. I know other folk in my contacts list got it, again including folk who I haven't emailed for yonks. I appear to have sent it to myself at my AOL account. They were sent at about 4am when my computer was switched off.
I think I understand that a spammer can effectively get and use MY email address as a FROM address in a spam email, but how do they make it go to people in my contact list without being in my account?
Other than downloading and running AVG, which I have done and which said everything was ok, is there any other anti-spam/bot/logging/sending wotsits what I should download and use... or should I just by a Quill and lots of stamps?
Edited by renmure on Thursday 11th February 18:19
renmure said:
Other than downloading and running AVG, which I have done and which said everything was ok, is there any other anti-spam/bot/logging/sending wotsits what I should download and use... or should I just by a Quill and lots of stamps?
Do you use an email client on your machine (e.g. Outlook, MS Express, Thunderbird etc)?There is a possibility you could have your computer compromised and they have got hold of your contacts list in that way.
I am assuming you are using Windows so download the Microsoft Security Essentials - seems to work very well and is free http://www.microsoft.com/Security_Essentials/
Probably a little better than AVG, though I use to use that fine too. (Oh and I am not starting a debate on the best Anti-virus software
)Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff