Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Gmail sending spam?


  • Please log in to reply
6 replies to this topic

#1 Xenosis

Xenosis

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:54 AM

Posted 16 June 2017 - 04:31 AM

Hello
 
A friend of mine have just contacted me about her G suite gmail is getting bounce messages with her account sending spam..
 
Screenshot:
 
She don't know the company and have never had any contact with them..
 
She is using Gmail with Chrome browser..
 
How is this possible? I moved her email to G-Suite in hope of avoiding all the problems she had with Outlook and viruses..
 
any ideas what is happening and how can I fix this?
 
Thank you..


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:54 AM

Posted 16 June 2017 - 04:49 AM

The spammer could be spoofing her email address. Another possiblility is that someone with her email address in their address

book has had their address book compromised by malware or other. Then there is the possibility that there is malware on her computer

that is responsible.

 

She should not click on any links in those emails or open any attachments in those emails. Some of the worse malware is delivered by doing

one of those things....such as ransomware.

 

One way to tell if the spam is actually being sent from her computer is to check the sent folder. She can check the header of the email to

discover the original sender's IP. Most often, the spammer will stop using her's and other's spoofed email addresses within a week or two as

many receivers would be blocking the address or reporting to their email providers as spam.

 

Message headers - Gmail Help

 

QUOTE:

  1. Log in to Gmail
  2. Open the message you'd like to view headers for.
  3. Click the down arrow next to Reply, at the top of the message pane.
  4. Select Show Original.
  5. The full headers will appear in a new window. Click Download OriginalDownload S/MIME Original, or Download Decrypted.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 buddy215

buddy215

  • Moderator
  • 13,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:54 AM

Posted 16 June 2017 - 05:38 AM

Informative read....How Spammers Spoof Your Email Address (and How to Protect Yourself)


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 Xenosis

Xenosis
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:54 AM

Posted 16 June 2017 - 06:23 AM

 

One way to tell if the spam is actually being sent from her computer is to check the sent folder. She can check the header of the email to

discover the original sender's IP. Most often, the spammer will stop using her's and other's spoofed email addresses within a week or two as

many receivers would be blocking the address or reporting to their email providers as spam.

 

That was the first thing I asked her to check.. And everything looks OK in the "sent" folder, no messages that shouldn't be there..

 

So the next step I should do is running a few malware,anti virus programs on her PC to see if I can find anything?



#5 buddy215

buddy215

  • Moderator
  • 13,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:54 AM

Posted 16 June 2017 - 08:35 AM

That would be okay. the programs below will clean, remove adware and malware...all free. I've included instructions for use and if you want

the logs reviewed here....then start a new topic in the Am I infected? What do I do? Forum - BleepingComputer.com Forum.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

  • download Malwarebytes to your desktop.
  • Double-click mb3-setup-1878.1878-3.0.6.1469.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

 

Download and run the FREE online scanner from Free Virus Scan | Online Virus Scan from ESET | ESET

  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 buddy215

buddy215

  • Moderator
  • 13,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:54 AM

Posted 16 June 2017 - 08:40 AM

Just wanted to add that if she has posted her email address online and it is visible to the public such as in Craig's List then she

may want to change email address(es) as that is another favorite way spammers get addresses..scraping websites.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 7,495 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:03:54 AM

Posted 16 June 2017 - 09:04 AM

Just wanted to add that if she has posted her email address online and it is visible to the public such as in Craig's List then she

may want to change email address(es) as that is another favorite way spammers get addresses..scraping websites.

 

This is one of the reasons that I tell people that they really need to stop concerning themselves with their e-mail addresses having been used for spoofing.  It is absolutely impossible to prevent, and for precisely the reason (and there are lots more) you mention.

 

ISPs know this, too, and why they would be bothering an end-user about messages that clearly did not originate with that end user is a complete mystery to me.

 

You can change e-mail addresses almost daily and someone, somewhere is going to pick up each and every one of them if they've ever been used to send a single message.  The methods for collecting e-mail addresses to use in spoofing and phishing are myriad (and in the cases of spoofing and phishing use those methods themselves to collect more from those who fall for the lure).

 

I don't even send messages to friends when I receive what is clearly a spoof or phishing message that has used their e-mail address.  I long ago learned that this is virtually never the result of someone's account being compromised, but rather that their e-mail address has been acquired and used by one of the many "usual methods" that have nothing to do with a compromised account.


Brian AKA Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

 

     In a modern society where everyone thinks their opinion deserves to be heard nothing annoys me more than individuals who mistake their personal preferences for fact.

         ~ Commenter TheCruyffGurn on the The Guardian website, 8/13/2014

 

              

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users