Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can malware send email from your internet email address?


  • Please log in to reply
2 replies to this topic

#1 josha

josha

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 26 February 2009 - 02:07 AM

I, just today, received a million emails from mail delivery refused daemons and such -i didn't send these emails. I changed my password, i use internet mail.. Yahoo.. I've always received a bleepload of spam however this is more serious.. Just happened recently, so I'm not sure if changing the password helped. still receiving this messages however they were sent before the time i changed my password.

if it so happens that the emails are continued to be sent, do I have malware? please help.

some more info: there are none of these messages in my "sent" folder. it's continuing to send me this delivery failed messages after changing my password. i've run spybot, ad-aware, avast home is on high real-time protection. posted two copies of these emails below, there are tons.

update: i think email is still being sent without my connection to the internet
update2: i think it may just be a ridiculous sort of spam

i.e. 1.----------------------------------------------------------------------

From:
"postmaster@amazonherb.com" <postmaster@amazonherb.com>
Add sender to Contacts
To:
myemail@yahoo.com
Message contains attachments
Message001.txt (209b), Maintain a high level of excitement.eml (2KB)
This is an automatically generated Delivery Status Notification.

Delivery to the following recipients failed.

held@amazonherb.com



Forwarded Message: Maintain a high level of excitement
Maintain a high level of excitement
Thursday, February 26, 2009 2:23 AM
From:
myemail@yahoo.com
To:
held@amazonherb.com



Learn how to restore the power now!
YOU HEALTH >> HERE <<



i.e. 2.----------------------------------------------------------------------------


From:
"Barracuda Spam Firewall" <postmaster@Cliffstar.com>
Add sender to Contacts
To:
myemail@yahoo.com
Message contains attachments
Message001.txt (410b), 4176382545.txt (674b)

-----Inline Attachment Follows-----

Your message to: john.denis@cliffstar.com
was blocked by our Spam Firewall. The email you sent with the following subject has NOT BEEN DELIVERED:

Subject: WHAT IS YOUR LIFE?


-----Inline Attachment Follows-----

Edited by josha, 26 February 2009 - 09:21 AM.


BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:03 AM

Posted 26 February 2009 - 05:23 PM

Sounds like a spammer got your email address and is spoofing the return to or from address using yours instead.

It could also be that someone is infected and their computer had you email address.

Here's an example of headers shown in real email

Return-Path: <bo-bv9m2t5ab4ppkcaxcfcr1az0ezwwb5@b.email.newegg.com>
Received: from inaamta17.mail.tds.net ([216.170.230.187])
by inmta16.mail.tds.net
(InterMail vM.7.08.03.00 201-2186-126-20070710) with ESMTP
id <20090226135151.FVJX2023.inmta16.mail.tds.net@inaamta17.mail.tds.net>
for <xxxxx@tds.net>; Thu, 26 Feb 2009 07:51:51 -0600
Received: from mta705.email.newegg.com ([38.119.56.165])
by inaamta17.mail.tds.net
(InterMail vG.3.00.02.00 201-2196-120-20070322) with SMTP
id <20090226135151.XNPS17313.inaamta17.mail.tds.net@mta705.email.newegg.com>
for <xxxxxx@tds.net>; Thu, 26 Feb 2009 07:51:51 -0600


Chewy

No. Try not. Do... or do not. There is no try.

#3 josha

josha
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 26 February 2009 - 07:16 PM

Sounds like a spammer got your email address and is spoofing the return to or from address using yours instead.


I think that's what it is. And I think it may have happened when I "unsubscribed" from a spam email. This is very unfortunate. It's sending out a LOT of spam from my email. I guess I can eventually kiss this email address goodbye. Anyone know if there's anything else I can do? I contacted yahoo.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users