BleepingComputer.com: How did I get infected?

I tell people to use puppy Linux when surfing indiscriminately on the web. The newest puppy just works, and that is with router and firewall FIOS. And, it is a nice clean interface. To be honest, there are times when a virus/trojan is a puzzle to solve, and other times when it is time to hit F11 with TI.

Obviously its because of unsafe internet, it is recommended to use internet security, http://bit.ly/cHv5UC

There is something "missing" from your tips, and it is the most common form of "infection." The situation is:

• Your computer is locked down and all guidelines have been followed
  
• You don't use email on your computer. You use yahoo, aol, or something similar... Google seems to not have so many problems
  
• Someone starts sending out spam and infected emails using your email address
  
• You run all the virus detection methods. Your computer is clean. You are not being rerouted.
  
• You call the email provider and all they say is "change your password"
  
• They can not describe "how" your username and, apparently, at least some of your contact list was hijacked.

Would someone please explain how this is happening? What are the techniques used? Is "changing your password" the remedy? Should you send an email to everyone telling them what they are receiving is a hoax, or will this allow the hacker to gain access to more of your contact list?

I think this is the most common infection I find in my experience as an amateur security consultant to my community.

This post has been edited by aninkling: 02 March 2012 - 11:06 AM

Email spoofing is the most common reason. Google that term and you'll have more information than you could have hoped for.

Good write up here to get you started. http://ask-leo.com/someones_sending_from_my_email_address_how_do_i_stop_them.html

Adding to Leo's comments.

A spambot is a type of web crawler designed to scan the Internet and extract e-mail addresses and hyperlinks from various sources (newsgroups, bulletin boards, web pages, chat rooms, etc) in order to build mass mailing lists for sending unsolicited e-mail (spam). The spambot stores the email addresses to use as targets for spam, and then follows each hyperlink to a new page, where it starts the process all over again. Spambots and Email relays typically come packaged with rootkits so I'd be concerned about what happened. Rather than take a chance, I would change all my passwords to be on the safe side...that's most likely why the the email provider advises to change them.

If using a router, I would also reset it with a strong logon/password before connecting again.

Eqwatz, on 16 February 2012 - 06:59 PM, said:

In case there are those not familiar:
Puppy Linux is a Live CD version of Linux. It loads directly into ram via your CD/DVD drive. Since it only exists in temporary memory, nothing can be written to your hard drive unless you choose to mount the hard drive and write to it. It is the ultimate protection from infection--and offers the possibility of retrieving information from a broken installation or manually cleaning all of the temp files, cookies, caches, browser helper objects and such when attempting to recover from an infection.

TI is True Image a back up and recovery program with a lot of options and power. Inexpensive for what it does for private users. There are more alternatives than there used to be.

And also do a try with any internet security products, from PR i read that Comodo internet security is awarded as no.1 product from matousec's proactive security challenge.

Great precaution, really helpful.