Community Newsletter: Q&A: Spam e-mail received, but it’s coming from me?!
- 10/2/08 4:45 PM
Spam e-mail received, but it’s coming from me?!
by Lee Koo (ADMIN) - 10/2/08 4:45 PM
Question:
Dear CNET folks, Today I received an e-mail addressed from my OWN mailbox touting some dubious, probably obscene free video. I am alarmed and deeply concerned that my own e-ail address is being used for spam purposes, and am worried that I may be being blocked by receiving servers or recipients when I'm sending out (proper) e-mail. Additionally, I feel that my good name is being dragged in the dirt with such obscene mails. This is not the first time this has happened, but the second (different topics though). I ignored the first e-mail a few months ago and completely deleted it off my system. The current offending e-mail has got links embedded, but I have not clicked on any of them (I am aware of such consequences).
Can you tell me how this can happen (for someone to use my e-mail address) and what precautions I should take to stop this from happening. Do I have a chance of tracing back the author of this e-mail? My security software is up-to-date and I generally keep my PC in a "clean" state. Thank you very much.
--Submitted by Ted L.
Here are some featured member answers to get you started, but
please read up on all the advice and suggestions that our
members have contributed to this member's question.
RE: Spam e-mail received, but it’s coming from me?! --Submitted by Zouch
http://forums.cnet.com/5208-10149_102-0.html?forumID=7&threadID=309967&messageID=2867970#2867970
Spamming yourself... --Submitted by Wolfie2k5
http://forums.cnet.com/5208-10149_102-0.html?forumID=7&threadID=309967&messageID=2868137#2868137
E-Mail spoofing --Submitted by WxULM
http://forums.cnet.com/5208-10149_102-0.html?forumID=7&threadID=309967&messageID=2868229#2868229
Your e-mail address as a spam source... --Submitted by Watzman
http://forums.cnet.com/5208-10149_102-0.html?forumID=7&threadID=309967&messageID=2867949#2867949
If you have any additional advice or recommendations for Ted, please click on the reply link and submit it. Please be as detailed as possible in your answers. Thanks!
Spam e-mail received, but it came from me
by Mimi_Rogers - 9/26/08 6:26 PM In reply to: Spam e-mail received, but it’s coming from me?! by Lee Koo (ADMIN)
The same thing happened to me about two weeks ago. It came from my hotmail account and went to everyone in my address book, even myself. Luckily it wasn't bad, but still it bothers me. I'll keep watching this post to see if anyone has an answer.
Spamming yourself? EEESH!
by mookie114 - 9/26/08 6:49 PM In reply to: Spam e-mail received, but it came from me by Mimi_RogersCould be from any number of sources or causes - none of them are the 'happily-ever-after' type. I recently had the same issue, but it was even weirder because it was coming from the computer I used (for several years) at a job I'd left six weeks earlier!
It COULD be a virus - not terribly likely though. It's more likely spyware/adware or along those lines.
For the record, I HEARTILY disagree with companies making a distinction between a virus and a piece of spyware or adware. What spyware and adware does fits exactly the description of what a virus does. Maybe spyware doesn't erase your hard drive or corrupt system files, but spamming the bejesus out of your friends isn't a particularly appetizing by-product either. So virus, spyware, adware... Same thing to me.
Spybot Search & Destroy is one product to use. It's free and works quite well. So well in fact that I used their "DONATE" link to send them some money for their efforts. You can scan your system for these viruses (or, as the politically correct companies refer to them - 'PUPs' or 'Potentially Unwanted Programs')
"No, Mr. McAfee.. I WANTED to spam the snot out of everyone in my address book! Put that program back!"
There are also alternatives you can pay for. The choice is yours.
Be aware that the morons who do this stuff are getting better and better and sneakier and sneakier. If you do eBay, for instance, everyone knows about the phishing stuff that goes on making you believe an email is from eBay or PayPal, but redirecting you to some nefarious site.
There are also similar emails sent to hundreds of people on a regular basis with the intent of doing to them exactly what was done to you!
So you NEED anti-virus and you NEED anti-spyware and you NEED anti-adware measures installed on your PC. I refer to what I consider as the same things in three different ways because that's how Symantec and McAfee andeveryone else distributing the software does. Make sure you have protection in each of those arenas AND MAKE SURE IT IS CURRENT!
Finally, as distasteful, time-consuming, and sometimes annoying as it can be, something to remember is that to reformat your system and reinstall your OS from scratch isn't a bad thing to do once in a while, anyway. Maybe your time has come!
If you simply restore a previous backup, you may be restoring the exact same issue. If you do a complete restore from scratch, AS SOON AS YOU have the OS installed and the drivers installed, do a complete backup. That way, before anything has a chance to become corrupted you've got a full install with drivers ready to restore to your PC - makes the NEXT time go much more quickly!
Mike
Try Yahoo Plus email account!
by rmonroe041 - 10/4/08 11:42 AM In reply to: Spamming yourself? EEESH! by mookie114I would second mookie114's suggestion about doing a 'complete OS reinstall.' It'll feel as if you took your PC out from its box!
Additionally, if you value your the data on your PC, I would strongly recommend you get yourself a Symantec Norton's "All-in-One" (or whatever name it is) PC protection virus software, and DO RENEW your subscriptions (on a yearly basis). I've also had many nightmare issues with McAfee...(its a piece of crap). Once installed, become accustom to search for Norton's updates at least twice a month.
And yes, also install Spybot Search & Destroy. And make sure to run it at least once or twice a month. (It's like a tetanus shot for your PC!) I'm kinda anal, so I run Norton and Spybot once a week, especially if I've been poking around 'shady' or new websites which I'm not familiar with.
One great piece of advice I recommend you do is enroll in a Yahoo Plus email account. It has a rate of (I believe) $30 a YEAR, and this Plus option offer the advantage of creating 'disposable' email addresses. (What is that?) You'll have your main Yahoo email (bobsmith@yahoo.com) but DO NOT share this email with no one. Instead, you create a disposable email (smithmail-box1@yahoo.com), use this one instead for your website dealings. If it inadvertenly ends up being spammed, you can simply delete from your account (and all spams that will come to it) and create a new one!
It works like magic! (Tip: when creating a disposable email, use that email for ONLY that website. If you begin to get spam from that email, then you'll instantly know which site was the culprit! Delete your disposable email, and remember to NEVER visit that site again!)
I hope this helps you, and many other 'spam frustrated' web surfers!
Your E-Mail address as a spam source ....
by Watzman - 9/26/08 6:33 PM In reply to: Spam e-mail received, but it’s coming from me?! by Lee Koo (ADMIN)
There are two possibilities here:
First, the E-Mail is actually coming from YOUR computer.
Second, it's not coming from your computer but it has your E-Mail address as the return address.
The first case means that your computer is infected by a "spam-bot" (or worse .... and yes, there is worse. MUCH worse). The fix would be a thorough decontamination of your PC and an outgoing firewall. The fact that you don't think you are infected doesn't mean much.
In the second case, there really isn't anything you can do. Someone got your E-Mail and they are using it. Worse, they likely got your contact list, and messages with your return address are being sent to peple who know you and therefore won't distrust the message. Still worse, the E-Mails are probably infecting (or trying to infect) THEIR computers. Still, still worse, they may be monitoring your keystrokes (EVERYTHING you type on the computer ... like passwords, user IDs, credit card numbers) and sending this stuff back to an identity thief (Ooops, now I am back in the 1st case where your computer is infected).
There are some ways to trace the E-Mail. The bad news, you are likely to run into a dead end UNLESS the E-Mail really did come from your computer. But at least it's a way of finding out what the story is, or of at least getting closer to the truth. The "return address" that people see is trivial to make anything you want .... it does not have to correspond to the computer that actually originated the message. But every E-Mail has a "header", normally invisible, that has at least some of the "real" data in it as to where the message originated and what route it took to the recipient. The header can be viewed (fairly easily, in most cases), but the exact process varies depending on your E-Mail client (E-Mail program).
What I'd do is have someone who REALLY knows what they are doing look at your machine, and look at some of the E-Mail headers and see if they can get a handle on where you stand. Note, if you are infected, the programs often try to "cloak" themselves and it's not always easy to prove and identify an infection (even for a professional). The ultimate disinfectant is a wipe of the hard drive (EVERYTHING, including the master & partition boot records) followed by reinstallation of Windows with the machine disconnected from the internet until after at least XP SP2 has been installed (if you are running XP). This is, however, a drastic step not to be done lightly (depending on how much and what is on the machine, it can take multiple days to get the machine back to where it was with all software and data restored).
ME TOO...
by trojan-float - 9/26/08 6:45 PM In reply to: Spam e-mail received, but it’s coming from me?! by Lee Koo (ADMIN)
I have the same problem exactly. This is outragious that there is a few that can exploit the many at our detriment.
RE: Spam e-mail received, but it?s coming from me?!
by Zouch - 9/26/08 6:48 PM In reply to: Spam e-mail received, but it’s coming from me?! by Lee Koo (ADMIN)
Hi Ted,
don't worry about this too much - I know it's very worrying when you get these spam messages apparently from yourself. It's called "spoofing", a technique where some random email address is used to replace the real senders email address. I won't go into how it's done, but it isn't rocket science!
The spammer has obtained your email address from somewhere, possibly just a random scan of email traffic on the web or an intercept server, which we also don't need to go into. (S)he uses this address in the "To:" field of the email and so it's no big deal to "spoof" it into the from address. The likelihood is that your email address is used only for the copy of the spam to you.
You may be equally concerned about messages that address you by name in the subject line - they are set up in pretty much the same way.
Usually, you can recognise any of this spam that gets through your ISP's spam filters, as you have in these cases. The safe option is not to open the message and absolutely, do not click on any of the embedded links. Just delete the message, unread, from your inbox.
Can you find out where they are coming from? Probably not. If you display the full headers of the message (an option of most email clients) you may get a clue from the routing information displayed but if the real sender is smart enough to spoof the from address, (s)he will also know how to cover their tracks.
Sadly, it's something we all have to put up with. I don't think you need worry about your own genuine messages being blocked. Just delete this rubbish unread. If it gets to be a big problem, you might want to consider trying one of the personal mail filters, GFI, Mailwasher or similar - I don't have a specific recommendation.
Zouch's is most likely the case
by Rick75230 - 9/28/08 4:48 PM In reply to: RE: Spam e-mail received, but it?s coming from me?! by ZouchAlthough the variety of answers here do describe the various POSSIBILITIES, Zouch's is most likely the actual situation. I run about 22 different websites, with various email addresses listed. In fact all the addresses are forwarded to my one email account. When responding to emails, I simply change the "From" and "Return Address" settings. They all actually are sent from a single email program and go through the same mail server.
Assuming your PC is NOT infected and the actual source of the email, generally there is no benefit to a spammer to use your email address for a whole bunch of people. So they just get a list of email addresses and the program sets both the From and To addresses to be the same.
Also, there is a benefit to them in NOT using the same From address for a slew of emails. Using the same sender address on thousands of spams is much more likely to cause spam filters to reject the email.
So, the basic point here is, yes, check your PC for spyware, etc., but if you don't find any, this is most likely a one-time occurrence and nothing to worry about. Tracking down the source is a waste of time, since spammers constantly use new sources and as a practical matter no one is going to do anything to them anyway.
RE: Spam e-mail received
by Jazzy_Gal - 10/4/08 5:53 AM In reply to: RE: Spam e-mail received, but it?s coming from me?! by ZouchGreetings to you,
When I used Outlook Express the filth that was sent to me was unbelievable, I was drowning in it, I got tired of deleting it on a daily basis it was a pain.
I called my provider and told him that I was fed up. He told me that I could stop from receiving all the mail that was coming in by unchecking it from the drop box.
Since then I have been using Yahoo E-mail with no filth what so ever.
Yes I am a happy camper.
Yahoo the best
by canamrebel - 10/7/08 4:39 AM In reply to: RE: Spam e-mail received by Jazzy_GalI agree Jazzy Girl, Yahoo mail is the best. I very seldom get spam on it and when I do it is not spam just a message from a legit sender that Yahoo labeled spam. I have 5 email services:
Hotmail is by far the worst with way too much junk on it.(GO! Microsoft)
Earthlink is next with still too much junk
Embarqmail gets some junk.
Lycos has also never given me a problem.
Microsoft spam
by dermottusmc - 10/9/08 4:38 PM In reply to: Yahoo the best by canamrebelHas ever occured to anyone that You may be filtering out the spam for microsoft?!(for paying customers) By reporting it as junk.
Spam from MY computer?
by ColdWest - 11/9/08 3:35 PM In reply to: Microsoft spam by dermottusmcWhy is anyone concerned if they help any system identify SPAM or any intrusive/unwanted content?
That is but one way for reputable services to build their database. Also, do not forget that they have to vet what you send to be sure your submission is legitimate.
Begrudge them not!
I agree that the original answer about covers the subject. Full stop.
Yahoo good, but hope you never need help
by Grinhooks - 10/11/08 10:33 PM In reply to: Yahoo the best by canamrebelThe few times I've had to deal with Yahoo, it's been fruitless. I can think of 3 main occasions. In both of the first two, my requests were met with auto-responses that only vaguely matched the topic I was trying to resolve, and repeated follow-up questions only got more botmail, never a real human offering real help. In the first two cases the problems eventually just cleared up, no thanks to any "support", with no explanation or closure.
In my current case, it seems my friends sending mail from Bellsouth domains can't get through - their emails just bounce. I've been trying to get help from Yahoo, but all I get is infuriating botmail. And it's not even automated botmail, each reply takes a couple days; this tells me that a human does read my email and my pleas for human interaction, and sends me a nearly-relevant form letter instead.
In Yahoo's defense, they do give you your money's worth, as long as it's a free account.
OK, but WHY?
by porsche10x - 10/8/08 10:51 AM In reply to: RE: Spam e-mail received, but it?s coming from me?! by ZouchZouch's description is certainly the most likely, so you probably don't have anything to worry about. I just wanted to add a comment about why the spammers do this in the first place.
There's a simple and relatively effective way to greatly reduce the amount of spam in your inbox. Set up your email so that you only receive email from people you know. Many email providers and services use some version of this as part of their spam fighting methods, using a "white list" of allowed senders, often based on your address book, previous emails, etc.
Now, most people send themselves email from time to time as reminders, to transfer files, etc., so most systems do not block email from your own email address.
The spammers know this, so they forge your email in the "from" field so that it seems like you sent it yourself and it sneaks into your inbox. You would think an anti-spam service would be able to tell that the address is forged and block the email. Perhaps they do, but some still may slip by.
By the way, in the extreme, you can usually set up your email so that you receive absolutely no email whatsover, except from people you know directly and have actually listed. This would eliminate almost all spam. You can do this with any email program without even using any kind of special anti-spam software or features. Of course, this means that if a friend changes their email addess without telling you, you'll never get their email. If you buy something on line, you'll have to add their email (or their entire domain), to your whitelist. Inconvenient, but for some, well worth it.
Part of life, get used to it
by u52983 - 9/26/08 6:57 PM In reply to: Spam e-mail received, but it’s coming from me?! by Lee Koo (ADMIN)
When a spammer crafts a spambot virus to invade somebody's computer, they may scan that victim's address book for addresses. Then they may use random addresses for the "From" address as well as to send the spambot virus to the next victim. You might not have received the version with the virus payload, perhaps because you have good spam/virus filtering.
It's as easy to lie in the From address of email as it is to write a fake return address on a postal letter. Anyone can do it. There is nothing you can do about this, any more than you could stop somebody malicious from writing your return address on a letter, sticking a 42 cent stamp on it, and mailing it.
But don't worry too much - this won't ruin your reputation. All modern spam filtering techniques know how to ignore these phony From addresses.
| Forum legend: | |
 |
Locked thread |
 |
Moderator |
 |
CNET staff |
 |
Samsung staff |
 |
Norton Authorized Support team |
 |
AVG staff |
 |
Windows Outreach team |
 |
Dell staff |
 |
Intel staff |
