Ask a question
Search in U-verse Forums

U-verse Forums

Reply
Posted Apr 2, 2014
12:02:19 PM
View profile
email account hacked - what's the next step

This happened with my @sbcglobal.net email.

 

Looking for  some help and explanations of what happend, how, and how to prevent it again.

 

I regularly change passwords, and have done all the virus scanning and other steps recommended by ATT support.  There was nothing found that indicated any problems.


This past weekend, spams were sent to many people that I've sent e-mails to.  At first I thought my contacts were stolen somehow, but it turns out several of the intended recipients were not in my contacts, their addresses did exist in my sent folder.

 

None of these spams showed in my sent folder.

 

I found out about it three ways:

 

1) one of the recipients was a Yahoo group that I use.  It got the message and forwarded it to me since I am on that list.  So I spammed myself, indirectly.

 

2) several of the recipients let me know

3) I happened to look in my spam folder and found 6 or 7 of the spams that had been returned to me by the spam filters of the recipients.

 

I did save one of the spams that were resent back to me and have copied this info:

 

From Mail Delivery System Mon Mar 31 02:46:22 2014
X-Apparently-To: my address 98.136.215.57; Mon, 31 Mar 2014 02:46:24 -0700
Return-Path: <>
X-YahooFilteredBulk: 193.252.22.212
Received-SPF: none (domain of out.smtpout.orange.fr does not designate permitted sender hosts)

 

...

lots of stuff

...

 

X-Originating-IP: [193.252.22.212]
Authentication-Results: mta1204.sbc.mail.gq1.yahoo.com  from=orange.fr; domainkeys=neutral (no sig);  from=orange.fr; dkim=neutral (no sig)
Received: from 127.0.0.1  (EHLO out.smtpout.orange.fr) (193.252.22.212)
  by mta1204.sbc.mail.gq1.yahoo.com with SMTP; Mon, 31 Mar 2014 02:46:24 -0700
Return-Path: <<>>
From: "Mail Delivery System" <MAILER-DAEMON@orange.fr>
Date: Mon, 31 Mar 2014 11:46:22 +0200
To: my address
Subject: Undelivered Mail Returned to Sender

...

some stuff

...

This happened with my @sbcglobal.net email.

 

Looking for  some help and explanations of what happend, how, and how to prevent it again.

 

I regularly change passwords, and have done all the virus scanning and other steps recommended by ATT support.  There was nothing found that indicated any problems.


This past weekend, spams were sent to many people that I've sent e-mails to.  At first I thought my contacts were stolen somehow, but it turns out several of the intended recipients were not in my contacts, their addresses did exist in my sent folder.

 

None of these spams showed in my sent folder.

 

I found out about it three ways:

 

1) one of the recipients was a Yahoo group that I use.  It got the message and forwarded it to me since I am on that list.  So I spammed myself, indirectly.

 

2) several of the recipients let me know

3) I happened to look in my spam folder and found 6 or 7 of the spams that had been returned to me by the spam filters of the recipients.

 

I did save one of the spams that were resent back to me and have copied this info:

 

From Mail Delivery System Mon Mar 31 02:46:22 2014
X-Apparently-To: my address 98.136.215.57; Mon, 31 Mar 2014 02:46:24 -0700
Return-Path: <>
X-YahooFilteredBulk: 193.252.22.212
Received-SPF: none (domain of out.smtpout.orange.fr does not designate permitted sender hosts)

 

...

lots of stuff

...

 

X-Originating-IP: [193.252.22.212]
Authentication-Results: mta1204.sbc.mail.gq1.yahoo.com  from=orange.fr; domainkeys=neutral (no sig);  from=orange.fr; dkim=neutral (no sig)
Received: from 127.0.0.1  (EHLO out.smtpout.orange.fr) (193.252.22.212)
  by mta1204.sbc.mail.gq1.yahoo.com with SMTP; Mon, 31 Mar 2014 02:46:24 -0700
Return-Path: <<>>
From: "Mail Delivery System" <MAILER-DAEMON@orange.fr>
Date: Mon, 31 Mar 2014 11:46:22 +0200
To: my address
Subject: Undelivered Mail Returned to Sender

...

some stuff

...

email account hacked - what's the next step

722 views
5 replies
(0) Me too
(0) Me too
Reply
View all replies
(5)
0
(0)
  • Rate this reply
View profile
Apr 2, 2014 5:44:29 PM
0
(0)
Teacher
Edited by les02jen17 on Apr 2, 2014 at 5:49:10 PM

Change your password. Update your security information (security questions). Be wary of websites you visit that asks for your email address/personal information. Some websites masquerades as legit websites (and does it really well an average person wouldnt know the difference) asking you for a survey or asking you to subscribe to a newsletter etc. If you frequent public places to access the internet like public libraries, internet cafes etc, you are also in danger of losing your login information because public computers may have keyloggers (basically it tracks what you type on the keyboard and a hacker figures out your email/username/password using those information). Internet security suites and anti virus can help, but awareness and vigilance works best. The reason why most emails are hacked, aside from identity theft, is they convert your working email into a "botnet" email which basically sends spam mails which usually contains links to phishing websites that attempts to hack your contacts as well as advertisements. The mailer daemon stuff you keep getting are simply "error messages. It occurs when an email is sent to an email address that are invalid, or the recipient's server blocked the email that has been sent because it's been caught by the server's spam filter etc.

Change your password. Update your security information (security questions). Be wary of websites you visit that asks for your email address/personal information. Some websites masquerades as legit websites (and does it really well an average person wouldnt know the difference) asking you for a survey or asking you to subscribe to a newsletter etc. If you frequent public places to access the internet like public libraries, internet cafes etc, you are also in danger of losing your login information because public computers may have keyloggers (basically it tracks what you type on the keyboard and a hacker figures out your email/username/password using those information). Internet security suites and anti virus can help, but awareness and vigilance works best. The reason why most emails are hacked, aside from identity theft, is they convert your working email into a "botnet" email which basically sends spam mails which usually contains links to phishing websites that attempts to hack your contacts as well as advertisements. The mailer daemon stuff you keep getting are simply "error messages. It occurs when an email is sent to an email address that are invalid, or the recipient's server blocked the email that has been sent because it's been caught by the server's spam filter etc.

Re: email account hacked - what's the next step

[ Edited ]
2 of 6 (686 Views)
0
(0)
  • Rate this reply
View profile
Apr 2, 2014 6:45:19 PM
0
(0)
ACE - Expert

It is also possible that you have not been hacked, but that your e-mail has been mined from someone else's e-mail, or a mail list or forum along with the e-mails of some people you know.

 

I don't need to know your password to send an e-mail that appears to come from your e-mail address.  If I send an e-mail "from you" to an invalid e-mail, then you get the bounce-back.

It is also possible that you have not been hacked, but that your e-mail has been mined from someone else's e-mail, or a mail list or forum along with the e-mails of some people you know.

 

I don't need to know your password to send an e-mail that appears to come from your e-mail address.  If I send an e-mail "from you" to an invalid e-mail, then you get the bounce-back.

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: email account hacked - what's the next step

3 of 6 (677 Views)
0
(0)
  • Rate this reply
View profile
Apr 2, 2014 7:19:58 PM
0
(0)
Expert
I agree with Jeffer -- I don't think anyone actually hacked your account. They just sent a bunch of spam and falsified the "From" address to be your e-mail address. Such is the deviousness of spammers.

When spam filters or mailboxes received this spam and rejected it, all the rejection notices came back to the falsified address -- your address.

I agree with Jeffer -- I don't think anyone actually hacked your account. They just sent a bunch of spam and falsified the "From" address to be your e-mail address. Such is the deviousness of spammers.

When spam filters or mailboxes received this spam and rejected it, all the rejection notices came back to the falsified address -- your address.

Re: email account hacked - what's the next step

4 of 6 (673 Views)
0
(0)
  • Rate this reply
View profile
Apr 2, 2014 7:42:39 PM
0
(0)
Teacher
Edited by gsica1949 on Apr 2, 2014 at 7:44:39 PM

The biggest hit on this is when others send out global emails that were forward some someone else and from someone else, and from someone else,,, AND to be sure that it is FW: on too save the day, etc ,etc, etc. Before you know it, one rough email is now in thousands of mail boxes. Do open this type of e-mail, just delete.

 

AND do not open any email that has Re: in the subject unless you know the person that "you" sent an email too. 

 

Just a few of many things not to do.

The biggest hit on this is when others send out global emails that were forward some someone else and from someone else, and from someone else,,, AND to be sure that it is FW: on too save the day, etc ,etc, etc. Before you know it, one rough email is now in thousands of mail boxes. Do open this type of e-mail, just delete.

 

AND do not open any email that has Re: in the subject unless you know the person that "you" sent an email too. 

 

Just a few of many things not to do.

Re: email account hacked - what's the next step

[ Edited ]
5 of 6 (669 Views)
0
(0)
  • Rate this reply
View profile
Apr 2, 2014 8:24:34 PM
0
(0)
Mentor

The e-mails went to 20 or so adresses that I've sent to in the past.  Most were in my contacts, some were not.  At least one was an recipient that I only used once.  Others were people that had changed email addresses long ago, but I still had an old Sent message to them.

 

I understand that my address can be pasted into a "From" field.  But I don't know how such a wide range of addresses were taken from me.  There were never any cases where I would have sent a single email to that combination.

The e-mails went to 20 or so adresses that I've sent to in the past.  Most were in my contacts, some were not.  At least one was an recipient that I only used once.  Others were people that had changed email addresses long ago, but I still had an old Sent message to them.

 

I understand that my address can be pasted into a "From" field.  But I don't know how such a wide range of addresses were taken from me.  There were never any cases where I would have sent a single email to that combination.

Re: email account hacked - what's the next step

6 of 6 (655 Views)
Share this post
Share this post