ID theft? Virus? Email hack?

	Home Register Search Help Login

Sponsors

Shopping Cart Software
Ecommerce software integrated into Frontpage, Dreamweaver and Golive templates. No monthly fees and available in ASP and PHP versions.

Website Templates
We also have a wide selection of Dreamweaver, Expression Web and Frontpage templates as well as webmaster tools and CSS layouts.

Frontpage website templates
Creative Website Templates for FrontPage, Dreamweaver, Flash, SwishMax

Search Forums

Recent Posts

Todays Posts
Most Active posts
Posts since last visit
My Recent Posts
Mark posts read

ID theft? Virus? Email hack?

View related threads: (in this forum | in all forums)

Logged in as: Guest

Users viewing this topic: none

Printable Version

All Forums >> Community >> Computer Software and Hardware issues >> ID theft? Virus? Email hack?

Page: [1]


Starhugger Posts: 512 Joined: 4/12/2005 Status: offline	ID theft? Virus? Email hack? - 1/20/2007 10:55:58 Not sure what forum to put this in. Feel free to move it if another is more appropriate. Since 01-Jan-2007 I have received 332 (as of the moment I'm writing this; there will no doubt be more before I've hit OK) emails that are probably a virus but maybe something more. They all have these same characteristics: 1) They look like email that has bounced and been returned to sender (mailer-daemon, etc.)...except that I never sent the messages out. 2) The email IDs are a random series of letters in varying lengths (anywhere from 3 to 6 letters), which I never use. Example "abcdef@mysite.com" 3) They often come in spurts, suggesting they could be being churned out when someone turns on their computer and then stops when the computer is turned off. Most of them (but not all) have what appear to be the usual attachments for a bounced email: a txt file supposedly containing the bouncing server's error message details, and an email attachment supposedly with the original email that was sent. The body of the container email has what appears to be the usual message saying "we were unable to deliver your message, blah blah blah." I've never dared open any of the attachments because they have "virus trap" written all over them. I've tried emailing my antivirus software people (Trend Micro) to ask about these things, but they are headquartered in SE Asia and have apparently been thrown into communication chaos with the earthquakes that happened there over the holidays. None of my emails have been answered, and any phonecalls I've tried to make just get busy signals, which they warn about on their website. Until 2 days ago, my antivirus software has not identified any of these emails as a virus, even when I tried downloading unopened attachments and doing a separate scan on the files -- nothing. That's not unusual though, and my antivirus has always been good about squashing anything that comes out of its shell and threatens to infect me, so I don't get "too" worried about it (she said nervously). Two days ago finally some of these emails started getting flagged as viral when they come into my Inbox, as "PAK_generic." But if I understand the info in Trend's virus encyclopedia, this is an umbrella name for anything that looks suspicious as a zipped virus. And I'm not seeing anything in an online search for this name that seems to match the email characteristics. So it seems the jury's still out on exactly what this is. The weird thing is that not all of these "bounced emails" have attachments, which makes me wonder if they're more than just a virus on some viewer's computer. Maybe there really are emails being sent out saying they're from "abcdef@mysite.com" which are being bounced because there are so many of them??? Maybe a virus is spoofing its "from" field using my domain and a random ID name?? I guess I just wish I knew for sure what I was dealing with. If it's "just" a virus from a viewer, it's very annoying and a little unsettling to get these things but that's probably an occupational hazzard of having a website. I would just have to learn to live with it. But if this is also ID theft, where real emails are being sent out using my domain name, then maybe I should be looking into doing something about it. In the past I've seen what appear to be real emails bounced back to me, where some spammer scum has used my email address. But those always use email IDs that I use or have used, and I only get a few bounces at a time, not averaging 17 a day for 3 weeks straight. I do not have any forms on my website, so it can't be connected to that. I do have a lot of send-me-email links, many of which are now cloaked but some still aren't. And I send out newsletters twice a month. Has anyone ever had something like this happen? Any words of wisdom from anyone about this? Thanks in advance. Starhugger


jaybee Posts: 14144 Joined: 10/7/2003 From: Berkshire, UK Status: offline	RE: ID theft? Virus? Email hack? - 1/20/2007 11:46:02 I get boxes full of them every day. Spammers have got hold of your email and are using it to send out spam. The recipent server is blocking it and because it uses your address the bounce comes back to you. There will be hundreds more that are actually getting through. They could have got it off your site if the email is visible or they could have got it from somebody's machine who had your address in their address book and were running with a virus on their machine. It could have come from a site you registered on or left a message where the email is visible. It could be through unprotected forms on your site. Basically there is little you can do other than check to see if your address is open on the web anywhere and if it is, hide it fast then wait it out. Some of the incoming may well have viral attachments, most won't. The rubbish I get doesn't have my correct email. They are using my domain and shoving rubbish on the front. I don't block non specific addresses as some of my users are thick and can't get the address right no matter how many times I tell them so I don't bin anything. _____________________________ If it ain't broke..... fix it until it is. GAWDS Now where did I put that Doctype? (in reply to Starhugger)

Starhugger

Posts: 512
Joined: 4/12/2005
Status: offline

RE: ID theft? Virus? Email hack? - 1/20/2007 13:28:36

quote:

ORIGINAL: jaybee

I get boxes full of them every day. Spammers have got hold of your email and are using it to send out spam. The recipent server is blocking it and because it uses your address the bounce comes back to you. There will be hundreds more that are actually getting through.

How depressing!

I guess someone must have added my domain to a spammer list.

Can I say on an open forum what I would like to see happen to spammers?

quote:

Basically there is little you can do other than check to see if your address is open on the web anywhere and if it is, hide it fast then wait it out.

What do you mean by "open on the web" jaybee? Do you mean having my email address on a website somewhere, or just my domain name? My domain name is in a bunch of places since I have backlinks from other websites. Would these creeps not just take domain names and then add random email names to them?

quote:

The rubbish I get doesn't have my correct email. They are using my domain and shoving rubbish on the front. I don't block non specific addresses as some of my users are thick and can't get the address right no matter how many times I tell them so I don't bin anything.

I finally called my webhost about it and it seems I can pick my poison. I am using a catch-all email address that gets forwarded, and I could at least keep this trash from landing on my computer by forwarding email only to specific addresses...but then I wouldn't be able to see what kind of crud is being sent out, like this random-name bounced stuff. Or, I could delete the stuff manually and just live with it, but I find it upsetting and stressful to see all this stuff.

My plan is to contact my webhost's email admin on Monday and see if he has any recommendations. But it sounds like there's not much we can do to spare ourselves this slime without blocking legitimate stuff or blocking our awareness of what slime is being perpetuated in our names.

Did I mention what I would like to see done to these scumbags?

No, I guess I better not.

Thanks for your reply, jaybee.

SH

(in reply to jaybee)


caz Posts: 3518 Joined: 10/10/2001 From: Somewhere south of Chester, UK Status: offline	RE: ID theft? Virus? Email hack? - 1/20/2007 13:50:18 As jaybee says this is a common occurence and I have suffered it too. I have removed all the "catch all" addresses from my sites because frankly I just lost patience with it all. I have changed ISP's, but for other reasons and everyone whom I wish to have the new address has been notified, so after giving it a few months to make sure I have stopped collecting the previous ISP's email so the problem has reduced tremendously. However spam still arrives, but I know that taking steps to conceal email addresses and not using catch-alls has worked well enough so far. _____________________________ Do not meddle in the affairs of cats, for they are subtle and will dance, or more on your keyboard. Cheshire cat. www.doracat.co.uk I remember when it took less than 4hrs to fly across the Atlantic. (in reply to Starhugger)


Starhugger Posts: 512 Joined: 4/12/2005 Status: offline	RE: ID theft? Virus? Email hack? - 1/20/2007 15:15:08 Caz, then how do you know if someone is using your address to spam with or as a reply-to address, if you don't see everything that goes through your email address? Don't you worry that someone might be using your address for "evil purposes" and you wouldn't know it? BTW, there's a great email cloaking tool that either I found through this forum or I might have posted about it somewhere here. Anyway, here's the site URL: www.seowebsitepromotion.com/obfuscate_email.asp It uses ISO and/or HEX code in place of characters. I have found this tool and its method of cloaking very effective ...Although I messed it up later when I had a brain fart and put up uncloaked email links using those addresses, so I'm not 100% certain, but I never got spam to the cloaked addresses before that happened. SH (in reply to caz)


caz Posts: 3518 Joined: 10/10/2001 From: Somewhere south of Chester, UK Status: offline	RE: ID theft? Virus? Email hack? - 1/20/2007 15:35:00 quote: then how do you know if someone is using your address to spam with or as a reply-to address, if you don't see everything that goes through your email address? Don't you worry that someone might be using your address for "evil purposes" and you wouldn't know it? I watched it for over a year and yes I did worry at first but after talking to my host and to my ISP about it I became resigned to marking stuff as junk in Thunderbird then deleting. As I no longer use that domain/isp I really don't care what they do with these defunct addresses any more - teach them to distribute harvesters, all they'll get is rubbish and full mailboxes. The funny thing was that when I signed up with my new ISP and set up the email function I immediately got spam on that address but I hadn't yet used it any where!. You can worry too much. _____________________________ Do not meddle in the affairs of cats, for they are subtle and will dance, or more on your keyboard. Cheshire cat. www.doracat.co.uk I remember when it took less than 4hrs to fly across the Atlantic. (in reply to Starhugger)

Starhugger

Posts: 512
Joined: 4/12/2005
Status: offline

RE: ID theft? Virus? Email hack? - 1/20/2007 15:58:07

quote:

As I no longer use that domain/isp I really don't care what they do with these defunct addresses any more

So you had to change your domain name? Didn't that put you in G's sandbox for months? I have another domain name that I could use, but I assumed I'd have to start from scratch to get back to the same position in the search engines. Not to mention all the inbound links that are already out there.

I was talking about this with a friend today and he wondered if it might be the generic sounding domain names (that could have anything as its site topic) that probably get used most often by forging spammers. I thought that had a ring of reason to it. Anyone ever heard of that?

quote:

The funny thing was that when I signed up with my new ISP and set up the email function I immediately got spam on that address but I hadn't yet used it any where!. You can worry too much.

I'll bet someone had already been using that email name and you're getting their spam.

Starhugger

(in reply to caz)


caz Posts: 3518 Joined: 10/10/2001 From: Somewhere south of Chester, UK Status: offline	RE: ID theft? Virus? Email hack? - 1/20/2007 20:29:56 quote: So you had to change your domain name? Didn't that put you in G's sandbox for months? This was an email domain only, not a working site so there was no SE problem and I didn't change ISP's because of the spam, just because it had become a lousy ISP. I use my Gmail account now for when I am dubious and even there I use different aliases as the spam rolls in. _____________________________ Do not meddle in the affairs of cats, for they are subtle and will dance, or more on your keyboard. Cheshire cat. www.doracat.co.uk I remember when it took less than 4hrs to fly across the Atlantic. (in reply to Starhugger)


jaybee Posts: 14144 Joined: 10/7/2003 From: Berkshire, UK Status: offline	RE: ID theft? Virus? Email hack? - 1/21/2007 6:12:14 [image]Did I mention what I would like to see done to these scumbags?[/image]I bet mine would be worse than anything you can come up with. _____________________________ If it ain't broke..... fix it until it is. GAWDS Now where did I put that Doctype? (in reply to caz)


Starhugger Posts: 512 Joined: 4/12/2005 Status: offline	RE: ID theft? Virus? Email hack? - 1/21/2007 11:51:10 quote: ORIGINAL: jaybee [image]Did I mention what I would like to see done to these scumbags?[/image]I bet mine would be worse than anything you can come up with. Why choose? We could take turns!! SH (in reply to jaybee)


womble Posts: 5510 Joined: 3/14/2005 From: Living on the edge Status: offline	RE: ID theft? Virus? Email hack? - 1/21/2007 12:09:26 Ooooh yes! /dashes off to get equipment out of secret torture chamber _____________________________ ~~ "A cruel god ain't no god at all" ~~ (in reply to Starhugger)


caz Posts: 3518 Joined: 10/10/2001 From: Somewhere south of Chester, UK Status: offline	RE: ID theft? Virus? Email hack? - 1/21/2007 12:12:59 Don't forget to alert the Smut Brigade's hit squad _____________________________ Do not meddle in the affairs of cats, for they are subtle and will dance, or more on your keyboard. Cheshire cat. www.doracat.co.uk I remember when it took less than 4hrs to fly across the Atlantic. (in reply to womble)


walrus Posts: 545 Joined: 3/13/2003 From: London Status: offline	RE: ID theft? Virus? Email hack? - 1/21/2007 16:30:31 quote: /dashes off to get equipment out of secret torture chamber not a secret any more _____________________________ I hope The Boss isn't reading this, ...she thinks I program everything! (in reply to womble)


womble Posts: 5510 Joined: 3/14/2005 From: Living on the edge Status: offline	RE: ID theft? Virus? Email hack? - 1/21/2007 17:42:59 It's an open secret dear Walrus. And of course as Caz so rightly pointed out, the smut brigade's hit squad has very reasonable rates. _____________________________ ~~ "A cruel god ain't no god at all" ~~ (in reply to walrus)


Starhugger Posts: 512 Joined: 4/12/2005 Status: offline	RE: ID theft? Virus? Email hack? - 1/21/2007 17:59:32 I tend to be okay with most forms of smut, but spam is another 4-letter word that I think is far more harmful than most smut. But I love the thought of going after spammers with the same zeal that some people go after smut. So, Womble, tell us more about your instruments of torture. It's always good to know one's tools. SH (in reply to womble)


womble Posts: 5510 Joined: 3/14/2005 From: Living on the edge Status: offline	RE: ID theft? Virus? Email hack? - 1/21/2007 18:28:41 Okay, well without giving all of the smut brigade's secrets away, Madame Caz is in charge the torture chamber (Donkey spends an awful lot of time in there for some unknown reason ). The smut brigade hit squad's a different matter - Taz is in charge of that on the grounds that he likes mindless violence. I once got into a discussion on another forum about spammers and the purveyors of software used by spammers and an online friend of mine posted a link to bot software for forum spammers (hosted on a .ru domain - what a surprise!). She's a professional lady (not that sort of professional lady before the smut brigade start with the jokes), but her response as to what should be done to spammers was quite an eye-opener - she always seemed so quiet and gentle. There was one quite amusing incident when one of my forums gained a spammer from the Lebanon who was not only spamming, but we found out he'd been stealing content from the site and using it on his own (not a very bright spammer giving his real website URL). I gave my co-admin carte blanche to deal with him as he saw fit - this was just before Israel started bombing the hell out of the Lebanon. I did question whether setting the entire Israeli army on him was a bit OTT....his response? "Nah!" _____________________________ ~~ "A cruel god ain't no god at all" ~~ (in reply to Starhugger)


Starhugger Posts: 512 Joined: 4/12/2005 Status: offline	RE: ID theft? Virus? Email hack? - 1/23/2007 15:52:26 quote: I gave my co-admin carte blanche to deal with him as he saw fit - this was just before Israel started bombing the hell out of the Lebanon. I did question whether setting the entire Israeli army on him was a bit OTT....his response? "Nah!" LOL! Sounds like a good start to me! Maybe we should hire your co-admin to coordinate the campaign. Update: I just talked with my webhost. I'm told there's no realistic way to trace these brats. Even if there was anything legitimate in the full headers, they change servers so quickly that there's no point even trying. And often they email from someone else's hacked computer anyway. I asked about the possibility of my domain getting blacklisted by spam filters. They said that blacklisting is typically done using the originating IP, not the domain name. And most mail servers and ISPs check with the spam filter folks to make sure they're taken off any blacklist quickly (at least my webhost does). So that at least was a bit reassuring. I just find the whole thing upsetting. I guess I'd better get over it, eh? Starhugger (in reply to womble)


womble Posts: 5510 Joined: 3/14/2005 From: Living on the edge Status: offline	RE: ID theft? Virus? Email hack? - 1/23/2007 16:34:58 Aw, hugs Good news that blacklisting's done using the originating IP and not the domain though, but I know what you mean. Last year when my bank account somehow got hijacked it really upset me that some faceless morons were causing me so much grief and there wasn't a thing I could do about it. quote: LOL! Sounds like a good start to me! Maybe we should hire your co-admin to coordinate the campaign. Could do, but he's gone AWOL at the moment......and when I catch up with him he's gonna get a good slapping for not doing the upgrade he should have done last month. _____________________________ ~~ "A cruel god ain't no god at all" ~~ (in reply to Starhugger)


Starhugger Posts: 512 Joined: 4/12/2005 Status: offline	RE: ID theft? Virus? Email hack? - 1/23/2007 16:44:25 quote: quote: LOL! Sounds like a good start to me! Maybe we should hire your co-admin to coordinate the campaign. Could do, but he's gone AWOL at the moment......and when I catch up with him he's gonna get a good slapping for not doing the upgrade he should have done last month. Sounds like a job for Madame Caz. SH (in reply to womble)

Page: [1]

All Forums >> Community >> Computer Software and Hardware issues >> ID theft? Virus? Email hack?

Page: [1]

Jump to: 1

New Messages	No New Messages
Hot Topic w/ New Messages	Hot Topic w/o New Messages
Locked w/ New Messages	Locked w/o New Messages

Post New Thread

Reply to Message

Post New Poll

Submit Vote

Delete My Own Post

Delete My Own Thread

Rate Posts