Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer and Accounts Security


  • Please log in to reply
4 replies to this topic

#1 kcsummer

kcsummer

  • Banned
  • 434 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:09 PM

Posted 16 September 2011 - 12:38 PM

Scenario:

I got an email a couple nights ago from someone I had not heard from in a while. It didn't say anything, it just had a link as the message. The to: information showed it was addressed to a lot of people. It looked suspicious so I didn't open it. It came from a Yahoo email address to my Yahoo email address and it showed the Security Key feature provided by Yahoo which I guess is supposed to indicate its valid/safe?

My suspicion is that the sender's computer has been compromised and a spammer is sending out email via his computer. I forwarded a copy of the email to him to inquire about it and he said he did not send it nor did he know the people it was mailed to other than me or maybe one or two others. I suggested this website for him to check to see if there was a problem with his security. He later wrote back that he did check it out and that it came up clean.

My question is how that could be so? How could a message he says he did not send (and I believe him) arrive under these circumstances without some sort of compromise? I guess it could be that someone got his password to his email account.

If I still have the email I think I will look at the IP address and see if it is the same. Wouldn't that show if it came via someone elses computer through his computer???

Any suggestions/ideas?

Thanks. :dance:


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:09 PM

Posted 16 September 2011 - 01:43 PM

Hello,looks like you are being Spoofed. Someone has forged the address. Once spammers have a valid address, they will continue to use it. If the amount of mail is excessive then you will need to change your email address.

More info on how it happenned and prevention... CERT

Edited by boopme, 17 September 2011 - 08:40 AM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 kcsummer

kcsummer
  • Topic Starter

  • Banned
  • 434 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:09 PM

Posted 16 September 2011 - 07:23 PM

Hello,looks like you are being Spoofed. Bomeone has forged the address. Once spammers have a valid address, they will continue to use it. If the amount of maill is excessive then you will need to change your email address.

More info on how it happenned and prevention... CERT


So who is it that got spoofed, me or him?


I did check and the email IP was different than the one on his account today.

People should get a job?

thanks for the info I will check all this out.

Edited by kcsummer, 16 September 2011 - 07:43 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:09 PM

Posted 16 September 2011 - 07:32 PM

I would say them for sure.

And some should be flogged and salted :crazy:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,764 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:07:09 PM

Posted 16 September 2011 - 09:58 PM

More info on email spoofing:

http://www.windowsecurity.com/articles/Email-Spoofing.html

http://www.webopedia.com/TERM/E/e_mail_spoofing.html

http://en.wikipedia.org/wiki/E-mail_spoofing

and of course a wealth of google links:

http://www.google.com/search?client=opera&rls=en&q=email+spoofing&sourceid=opera&ie=utf-8&oe=utf-8

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users