Jump to content


Photo

about spoofing - merged twice


  • Please log in to reply
15 replies to this topic

#1 rl153

rl153

    Advanced Member

  • Full Member
  • PipPipPip
  • 108 posts

Posted 05 December 2012 - 09:57 PM

I was reading about spoofing, and it seems the way a foreign ip address gains access to your address book ,is through worms such as I love you, Klez, or Sober.,Did the malware programs I ran include these worms for detection,and where do they reside if you are infected with them? thanks!

i also read you usually get these worms by downloading attachments, or they usually attack outlook.I just cant figure out how they gained access to my address book on att yahoo webmail if i didn't have a worm.does anyone know?thanks

EDIT: I moved this topic to a more appropriate forum.

Edited by rl153, 06 December 2012 - 09:22 PM.


#2 rl153

rl153

    Advanced Member

  • Full Member
  • PipPipPip
  • 108 posts

Posted 06 December 2012 - 09:20 PM

any answers?

#3 rl153

rl153

    Advanced Member

  • Full Member
  • PipPipPip
  • 108 posts

Posted 06 December 2012 - 10:08 PM

my att webmail address book was spoofed and emails were sent to my friends with spam links for different websites selling things.the links all had the word facebook in the web address. i ran all the reccommended programs for virus and spyware.nothing was detected. how did they access my address book without installing a virus or worm? there were 10 emails sent from my email and were in my sent folder. each email went to 9 people. it only happened once ,and it was after accidentally leaving modem and router on overnight.how was this done?thanks!(computer was turned off at the time)

#4 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 20,364 posts

Posted 07 December 2012 - 12:01 AM

I merged your topics since you are asking about the same problem in both topics...

For someone to spoof your webmail account, they just need to get access through the web - you don't have to have malware on your computer... You can give them the needed information if they hack the site where you log in or they may even be able to steal it directly from Yahoo if they have hacked them... Of course, that would mean many others will also encounter the situation that you did... Leaving the modem on was irrelevant to this problem, especially if the computer was off... Webmail keeps all of your important information online, so your computer doesn't have to be involved at all...

Others may be able to give you more details and ideas, so please be patient... We were offline much of today and you just posted last night...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#5 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,221 posts

Posted 07 December 2012 - 02:21 AM

This problem was discussed at length in your topic Email Hacked.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#6 rl153

rl153

    Advanced Member

  • Full Member
  • PipPipPip
  • 108 posts

Posted 07 December 2012 - 11:59 AM

So somehow they got my email address ,and figured out my password?And all I really had to do is change my password?I don't mean to belabor the point, Thanks!

Edited by rl153, 07 December 2012 - 12:02 PM.


#7 rl153

rl153

    Advanced Member

  • Full Member
  • PipPipPip
  • 108 posts

Posted 07 December 2012 - 04:16 PM

Your email address was spoofed on sent mail that appeared to come from you. The actual sender was in Japan.

this is the answer cnm gave me. I get it ,I think . I just don't see how they accessed my address book.

#8 rl153

rl153

    Advanced Member

  • Full Member
  • PipPipPip
  • 108 posts

Posted 08 December 2012 - 11:38 AM

I'm still unsure I dealt with the spammer completely.Emails were sent from my email sent box to people in my address book. This is from an article in pc magazine.

richpond said

Compromised, or spoofed? Here's a significant point. The article mentions this:

"The tactic can also increase the spam message's seeming legitimacy: You're more likely to open email that purports to come from a person or a company you know than email that comes from a total stranger."

Why are the spam messages going to people who know you? If a spammer only gets your e-mail address, and sends 'spoof' messages that seem to come from you, those spam messages go all over the place. They are not particularly sent to people you know. But if your own account or computer is compromised, the spammer will have not only your address to use as the 'from' address, but also names and addresses of people in your e-mail account to use for spam targets.

So if many people you know are getting messages that seem to come from you, someone may have your entire address book. That is more likely to signify that there's a real compromise rather than just a case of someone finding your own name and address for spoofing.



Richpond makes a very good point: spoofing doesn't give spammers access to your address book; it just uses your email address to send junk. If the junk goes to a bunch of your friends, it's probably not a case of spoofing, but more likely a hacked email account. If it's not hacked, the spammer doesn't have your friends' email addresses

Edited by rl153, 08 December 2012 - 11:43 AM.


#9 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 20,364 posts

Posted 08 December 2012 - 12:10 PM

Please stop creating new topics about this question... If someone has an answer for you, it will be posted in the topic you already started - I have merged them again...

Your email account was almost certainly hacked, but it was likely hacked online since it is a webmail account... If you haven't already changed your password, you need to do so and make sure it is a strong one... If it were me, I would probably close the webmail account and create a new one somewhere else...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#10 rl153

rl153

    Advanced Member

  • Full Member
  • PipPipPip
  • 108 posts

Posted 08 December 2012 - 05:19 PM

Ok ,I won't post new topics anymore. I did change my passwords and I deleted all my contacts in my address book . Then I opened up a new sub account with a completely different name and address. I just don't know if I can completely delete the hacked account ,because it was my primary account on att for a long time .Thanks for responding.I wonder how they got my password?

#11 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 20,364 posts

Posted 08 December 2012 - 11:02 PM

You may certainly post other topics if you would like, just no more about the same issue...

They could have gotten your password in a number of ways... If you computer was infected, it could have been stolen directly from there assuming you have it saved... They might have gotten it through something that was infecting the site - if that is the case, any other account on that site can be compromised... Of course, if the site quietly cleaned out the infection, it may no longer be a risk - you might want to ask them... There are other ways, but I am not an expert in that, so I will leave it to others to respond... Again, have patience since it can be a while before someone has a chance to look and respond...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#12 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Boot Camp Mod
  • PipPipPipPipPip
  • 6,958 posts

Posted 15 December 2012 - 07:26 PM

I wonder how they got my password?

The possibilities are endless.
https://www.google.c...e=hp&channel=np
a41.gif
 
My help is free, but if you wish to help keep these forums running please consider a donation, see here for details.

#13 rl153

rl153

    Advanced Member

  • Full Member
  • PipPipPip
  • 108 posts

Posted 18 December 2012 - 12:16 PM

I read the article about yahoo passwords being stolen .My account was att yahoo with an sbcglobal.net address and not yahoo .com. . I don't know if that was included. I had left my modem and router on all night that night by accident, isn't it possible for some hackers to use special trolling equiptment to detect this? I don't really know ,but it seems I heard that somewhere.Anyway ,thanks for responding.

#14 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 20,364 posts

Posted 18 December 2012 - 04:20 PM

I read the article about yahoo passwords being stolen .My account was att yahoo with an sbcglobal.net address and not yahoo .com. . I don't know if that was included. I had left my modem and router on all night that night by accident, isn't it possible for some hackers to use special trolling equiptment to detect this? I don't really know ,but it seems I heard that somewhere.Anyway ,thanks for responding.

If you have a wireless connection available through your router and you do not have good security set up, it is certainly possible that someone had full access to your computer and that could still be true... If you went with the default passwords that come with the router, it would take most hackers a few seconds to get into your computer and take whatever they want... Make sure you have a good strong password for access to your wireless...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#15 rl153

rl153

    Advanced Member

  • Full Member
  • PipPipPip
  • 108 posts

Posted 18 December 2012 - 07:18 PM

thanks budfred,do you think they could have done that through the internet from another country?

#16 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 20,364 posts

Posted 18 December 2012 - 07:37 PM

thanks budfred,do you think they could have done that through the internet from another country?

No... If someone hitched onto your wireless connection, he/she would have had to be in range... However, there are any number of other ways that the information could have been transferred to someone anywhere else in the world... You best bet to prevent that kind of thing is to armor up your wireless so that no one can get in without the password which you would only give to those you can trust... My wireless password is my most complex... I also have a strong password protecting the router itself so that no one can get access to it and change my settings...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"




2 user(s) are reading this topic

0 members, 2 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button