Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


email hacked and spamming

  • Please log in to reply
2 replies to this topic

#1 Cuzenu


  • Members
  • 1 posts
  • Local time:10:03 PM

Posted 08 November 2011 - 11:09 PM

Hello, I believe my dad's email has been hacked, because upon getting a spam mail from him, I checked his "sent" folder and it had sent about 35 spam messages within 10 min, though the messages vary slightly or provide separate links. These emails were sent out Nov 8th 7:55pm-8:05pm, However, these messages do not include anything helpful in relations to who originally sent it or how, the only emails listed are the "sender"'s aka my dad's yahoo email and receiving emails, which come from his contacts list.

I poked around the inbox to try and find a list of 8 "Failure to Deliver" emails stacked in his inbox from Nov. 7th. These emails contain a bunch of code and specific heading which may provide insight as to how they came about or the best way to prevent any further from occurring. Please note, I added asterisks within the contact emails to protect their privacy.

Also note, I killed the spam link so nobody accidentally clicks it. Also, I will highlight the links/addresses that loaded as hyperlinks of some sort in word documents, in red font.

From: "MAILER-DAEMON@yahoo.com" <MAILER-DAEMON@yahoo.com>
Sorry, we were unable to deliver your message to the following address.

Remote host said: 550 5.7.1 Unable to deliver to <s****@******inc.com> [RCPT_TO]

--- Below this line is a copy of the message.

Received: from [] by nm7.access.bullet.mail.mud.yahoo.com with NNFMP; 07 Nov 2011 07:58:15 -0000
Received: from [] by tm10.access.bullet.mail.mud.yahoo.com with NNFMP; 07 Nov 2011 07:58:15 -0000
Received: from [] by omp1009.access.mail.mud.yahoo.com with NNFMP; 07 Nov 2011 07:58:15 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 958154.50004.bm@omp1009.access.mail.mud.yahoo.com
Received: (qmail 15222 invoked by uid 60001); 7 Nov 2011 07:58:15 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=prodigy.net; s=s1024; t=1320652695; bh=d1xkhjtnZTKATNfOiCeg7Fd6w0M0Ziv0XVr757+mSaY=; h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Subject:To:MIME-Version:Content-Type; b=cvFMWwN93ZkrklYV0YI3UpPgJhTs3Bw3h47LjGLl5TbSTiGzu7707+QBNAwp6hKjBPrauL1WagO461rXWNDWA4ySE89qys6FKMgyLpcrjSG5bgZEp0aXgLXuTltus+ukOIeAz5qANRF0EjF8qyfFs+ar9fOLUrnyeII/oaDp+Ls=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=prodigy.net;
X-YMail-OSG: fFtQfwIVM1mm.yk8dxSBk_UyRcoQ6XY28s5AuALDld4fHgF
Received: from [] by web80202.mail.mud.yahoo.com via HTTP; Sun, 06 Nov 2011 23:58:15 PST
X-Mailer: YahooMailWebService/
Message-ID: <1320652695.9048.yint-ygo-j2me@web80202.mail.mud.yahoo.com>
Date: Sun, 6 Nov 2011 23:58:15 -0800 (PST)
From: C**** G****** <g*******@prodigy.net>
Subject: Re:1
To: s*****@***inc.com, c*******@swbell.net, r*********@aol.com,
r******.******@sbcglobal.net, e******@aol.com, e*****66@aol.com,
g******@aol.com, g*****81@hotmail.com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

...I hope will like my new site! Your opinion is very important for me! http (colon) //cochesclasicosparabodas (dot) com/m.friends.page.php?tyahoo=

Edited by Cuzenu, 08 November 2011 - 11:12 PM.

BC AdBot (Login to Remove)


#2 frankp316


  • Members
  • 2,677 posts
  • Local time:11:03 PM

Posted 09 November 2011 - 06:28 AM

Have him change his password. That should take care of it.

#3 nesrinamb


  • Members
  • 22 posts
  • Gender:Male
  • Location:Thousand Oaks
  • Local time:11:03 PM

Posted 10 November 2011 - 12:03 AM

actually first do a virus scan on the computer which he uses to check his email and then have him change it. That scan should take care of any key loggers

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users