Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Has my email been hacked? What can I do about it?


  • Please log in to reply
10 replies to this topic

#1 autolycusbc

autolycusbc

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 29 October 2015 - 10:11 AM

I use WLM on Windows 7 for my main email (ntlworld.com) address. I don't keep an address book, i just reply to the latest email from whoever in my inbox. I am on one list of old school friends, pretty much all the rest in my inbox at any one time are from individuals or companies.

Recently, i have been receiving a lot of 'delivery failures' for emails that i have supposedly sent to addresses on this list. Some on the list have confirmed they have been receiving spam from my address. This list activity is the only malfunction i have noticed in WLM. I have a hotmail account and a yahoo account that both seem to be performing fine.

My ISP suggested i changed the passwords on my ntlworld accounts (I have two) and i did that under their guidance over the phone the other night. Within minutes of doing so i got yet another batch of bounced emails.

The only difference was this time instead of "Mail delivery failed: returning message to sender", "Undelivered Mail Returned to Sender" or "Undeliverable: Fw: new message" in the subject line, i got "Warning: message XXXXXX-XXXXXX-XX delayed 24 hours".

My ISP suggested i changed my passwords again and when i reiterated that i had just done so and it had made no difference, he insisted that this was all he could suggest or to "open another email account". He did say that my PC must be infected with a virus, but i scan regularly with avira and malwarebytes and occssionally with ESET and Adwcleaner.

Can someone please explain in not too technical fashion what has happened and more importantly how i can fix the problem?

Many thanks.


Edited by hamluis, 29 October 2015 - 10:54 AM.


BC AdBot (Login to Remove)

 


#2 RolandJS

RolandJS

  • Members
  • 4,539 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:09:33 AM

Posted 29 October 2015 - 10:23 AM

  It's entirely possible your email address is being spoofed.  Some person or persons "borrowed" your email address is and is sending emails from another computer to your WLM contacts; or, your computer could have a 2nd email engine [set up somehow] that is doing the sending.  I don't know which because I have never used WLM; however, I have used earlier older email programs for some time now.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#3 technonymous

technonymous

  • Members
  • 2,520 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:33 AM

Posted 29 October 2015 - 11:20 AM

If the mail is saying cannot be delivered then it can mean several things. it could be that the recipients E-mail no longer exists. It could also be the mail provider on their end doesn't exist. Many E-mails such as Yahoo.com or G-mail deactivate your e-mail accounts if not used over a certain period. Another reason could be secuirty or spam filtering. If your e-mail is flagged as spam it will not reach it's destination. Your E-mails could be in violation of the CAN-SPAM act of 2003. https://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003



#4 autolycusbc

autolycusbc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 29 October 2015 - 11:38 AM

Yes technonymous, i'm not upset they are not getting through :-) it's the fact they are being sent. Some ones that are getting through apparently contain some pretty toxic stuff.

 

RolandJS - if i understand you correctly you are saying that my PC is not necessarily infected or hacked? That my email may be being borrowed from the list that has somehow been compromised? But then, what can i do?



#5 RolandJS

RolandJS

  • Members
  • 4,539 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:09:33 AM

Posted 29 October 2015 - 11:54 AM

IF a spammer "borrowed" your email address, I don't know the answer.  IF your computer just might possibly have a rogue email engine, the BC malware team will have to advise you.  Awhile back, I had to do an OS partition restore 'cause I did not know about bleepingcomputer back then.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#6 technonymous

technonymous

  • Members
  • 2,520 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:33 AM

Posted 29 October 2015 - 12:52 PM

Are you finding the same e-mails inside the sent folder?. If they are then your system has been infected or compromised. Otherwise someone is spoofing your emails. Is UAC (User Access Control) secuirty disabled on your system?



#7 autolycusbc

autolycusbc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 29 October 2015 - 01:33 PM

Nothing in my local sent folder. On the server it's a complete mess as my ISP is migrating from gmail or something(?). There are only 35 sent mails that i can find from the last 2 years and none of these is pertinent. (And no auto forwarding). UAC is set to 'never notify' as it was a PITA when i had it on. I've switched it on protem.



#8 technonymous

technonymous

  • Members
  • 2,520 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:33 AM

Posted 29 October 2015 - 02:46 PM

You probablly should be moved to Am I Infected Forum just to be sure. It sounds like a spoof though. They use your email as their return, or use your e-mail and sign you up for garbage. Once that happens servers may flag you as the spammer. If you don't have a security software suite you should get one they often will scan e-mails to be sure no worms/Trojans are coming inbound/outbound. If you use E-mail a lot that is crucial. No secuirty and I guarantee that you sooner or later you will get one. The lower the UAC the less secure it becomes. Mainly to block scripts from running without your permissions. That is exactly how a e-mail worm will infect your pc by using a script to exploit the systems vunerabilities. You can't let your guard down for one second. Free antivirus is better than nothing, but are lacking in support, updates, e-mail, realtime scanning etc that retail offers. Check if your ISP has one. Usually they are retail quality ones branded with their logo's that they offer their clients for ree. Usually they are contracted with Norton, Mcafee, etc.


Edited by technonymous, 29 October 2015 - 02:47 PM.


#9 autolycusbc

autolycusbc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 29 October 2015 - 03:28 PM

I'm confused - i thought this was the Am I infected Forum.



#10 RolandJS

RolandJS

  • Members
  • 4,539 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:09:33 AM

Posted 29 October 2015 - 03:56 PM

I'm confused - i thought this was the Am I infected Forum.

You are, your topic was probably transferred after some had already posted.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#11 autolycusbc

autolycusbc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 29 October 2015 - 05:28 PM

So if i understand the stickies, hopefully some kind soul will help me through some method of ridding me of any possible infection?

 

Sorry, i'm new and not quite sure how things work.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users