Aces High Bulletin Board
Help and Support Forums => Technical Support => Topic started by: DmdBT on February 12, 2004, 05:59:25 PM
-
While this is not related to AH I have come across an interesting problem. Someone has hijacked my email and I keep getting "mail undelivered" messages and warning about having my ip blocked because someone is either using my email or using my address as the return address and sending mass spam mailings. My questions are 1. How do I stop this? 2. What legal action can I take against the abuser? and 3. Am I legally liable for this stuff?
I ran ad-aware and spybot but they show nothing, haven't used or given out this email addy on any off the wall sites.
The last thing I want is to have my service provider drop me over something I am not doing.
-
I'm not an expert by anymeans, but contact your ISP.. Let them know what is going on.. I'm sure they have logs or something..
Change your password, if possible.. Delete that email and get a new one.
Good luck.
-
Originally posted by DmdBT
While this is not related to AH I have come across an interesting problem. Someone has hijacked my email and I keep getting "mail undelivered" messages and warning about having my ip blocked because someone is either using my email or using my address as the return address and sending mass spam mailings. My questions are 1. How do I stop this? 2. What legal action can I take against the abuser? and 3. Am I legally liable for this stuff?
I ran ad-aware and spybot but they show nothing, haven't used or given out this email addy on any off the wall sites.
The last thing I want is to have my service provider drop me over something I am not doing.
Some information would help...
1. connection type
2. anti-virus program
3. firewall (software or hardware and type)
I worked for a ISP and we gave our customers a time frame to fix it before dropping them. That's if they weren't aware of what was going on...we did have people who faught us going on about 1st amendment rights.:rolleyes:
-
someone *else* you know that you've used this email with has a virus that is spoofing your addy as the "from" (you're in their address book). run a virus scanner and in all probility you'll come up clean. maybe not, but i think so. this same thing happened to me and i could eventually figure out who was infected and let them know about it.
what you can do is try and figure out who you know that might be infected based on some of the email addresses (they also come from their addressbook) that you're getting those undeliverable messages based on.
-
ya scan for virus and install a firewall<~~my buddy had his ebay account jacked and email,,and they were selling 52inch flat screens tvs for 1200bucks buy it now!!,,lucky he called me and we talked to ebay and deleted his account
then his mouse was moving up on its own!! and clicking on internet exployer and would start going to ebay and clicking on stuff on its own!! and when ya tried to stop it a error message would pop up and it said,,master says no!!!<~~i couldnt beleve my eyes,,i never seen a computer so took over in my life!!,,lol had his email,,his ebay account his internet dsl account,,even had controll of his computer long as it was hooked up,,he had spybot too and it didnt help,,and anti vitrus checker,,nortons and avg,,didnt get rid of him
i unhooked his computer from the dsl line,,i downloaded zonealarm free edition and stuck it on cd for him,,we installed it,,changed all his passwords to everything,,and he never had a problem sence,,so you mite wanna try a firewall if your being took over:)
-
hyena that sounds to me like a shadower. I knew a guy that did it for kicks after the court banned him from computers or internet activity.
He hack into the net itself and wait till he saw someone with out a fire wall and "shadow him till he logged. ONce he logged he could change passwords log in and out of anyhting he wanted and no one would know that he was there, unless he wanted them to know. He could take over at anytime from the original user and surf all he wanted, buy what ever he wanted, ie if the user kept his cc in his memory. To my knowledge there was no way to track him.
This sort of thing scares the bajeebees outta me.
Just my 2 cents worth :(
-
Btw that really is a true story!
-
First off, eliminate the obvious.
Do you have a single user computer or do other people use your computer (e.g. a family computer or perhaps a home network).
In about 95% of the cases of stolen passwords, the person who stole the password has direct access to the computer. Face it, most people on computers have zero knowlege of security. How many computer users do you think believe their computer is locked because it has a window's password?
In the 5% of account passwords that are stolen by strangers, most are easy to crack passwords (e.g., "love" "fish" "butterfly" etc.). The next group is given verbaly or written down as part of a scam (e.g., fake support forms, fake support telephone calls). But the group that gets the most media attention and do in fact tunnel past your security, is what Krull mentioned. I would guess they make up less than .001% of security breaches.
Lets face it, "Little brother steals sibling's password" doesn't sell papers.
-
I've contacted Comcast and am working with them to track the problem. On their suggestion I started by downloading and running Norton antivirus which came up empty. Now I am sending them copies of the emails I am getting directly to their internet service abuse center. Haven't heard a snippet from them in several days and am starting to wonder if they are actually doing anything or not.
I'll post again as soon as I get more information, hopefully it may help someone else out there as well.
I have a single user computer... just me. My daughter has her own computer which is NOT connected to the internet and my wife doesn't know my email address info as I made her a hotmail account. I have cable access and no firewall as of yet because I'm not very computer literate and I hear they can be a bear to set up and maintain.
Thanks for the help and suggestions thusfar.
-
I had this and ran spybot and adaware. Which didn't seem to help much, been a long time ago. I think I finally made it so I had to input a password before I could get or send mail and that stopped it. Can't remember if I ever found what caused it or not.
-
If you're absolutely sure no one else is using your computer, then yea, I'd start suspecting something more sinister. First get Zonealarm. Its free and examines programs on your computer that try to act as servers (send info over the net). Its very easy to use and there is a lot of help documentation.
Then change the password on your email account to something not found in the dictionary. Write it down and keep it somewhere safe. There's less danger of someone finding that piece of paper and knowing what it is, than someone cracking an easy to remember password. I don't know what email program you use, but if its Outlook Express, you want to change its default settings so that it only displays text and not html pages (tools/options/ read tab). You also want to disable the preview pane.
There are many other things you can do to make OE more secure. Just search +"outlook express" +security +settings on google and I'm sure you'll get a lot of info.
-
Ya your ringing some bells helping me to remember when this happened to me. I believe I changed my passwords on my mail account and then made it so I had to input my pasword to access it (just in case t was on my system). I never did find anything on my puter. I believe they had my email which basicly gave them everything they need to use my account other than the password, and then used a program or something to crack my password. After I changed my password the problems went away. I was getting tons of spam mail kicked back to me. This seems to happen above the norm with comcast. In my case I'm not even sure if they were doing anymore than just using me for a return address. Luckily it only went on for about a week and then they probably found another victim to pester. The worse part was getting angry mail from people who hate spam. I felt obligated to explain to them I had nothing to do with it :P
-
hyena that sounds to me like a shadower. I knew a guy that did it for kicks after the court banned him from computers or internet activity.
yup thats what he was doing,,was searcing for people with out a firewall,,,i think its plain silly to run with out a firewall now days,,it aint complete protection,,but!! it will stop the average hacker cold,,so many of my freinds ran for years with out firewall,,and one by one,,they kept getting there passwords stolen
I've contacted Comcast and am working with them to track the problem. On their suggestion I started by downloading and running Norton antivirus which came up empty.
i know alot of freinds thats been hacked the same way your talking about,,and changing your password and talking to your internet provider will rarely help,,,my freind from earthlink had there password stole,,,she called them,,they said about the same thing,,download nortons,,and change password,,it didnt help,,every day she would get booted offline because some one was signing on her account,,and senidng out bogus emails with more hacker stuff in,,so they can hack all her freinds,,you need to try a firewall,,very easy to install
http://www.zonelabs.com/ <~go here and download there free softwear and it should help if your still having hacker proublems,,it wont slow down your computer much to have it runing either,,i even run mine while playing aces high,,doesnt give me any lag or anything
-
Being an Earthlink user I get loads of fake 'offoicial' e-mails from earthlink requesting such data. When I get them I forward them to fraud@earthlink.net and I'm sure other ISPs have a similar thing. Even if it looks real and the address looks legit using properties > details > message source on the e-mail , I will still usually phone them to do the work and rarely do it over the net.
A little paranoia is a good thing.
-
Cable internet connections are even more prone to hacking than DSL. You need to be careful with them. As stated, if you aren't that computer literate, download the free edition of Zone Alarm and run it. It will warn you for each process that's trying to use the internet and warn you on incoming traffic also. I finally shut off the pop up for incoming traffic because it was amazing how many people tried to access the computer.
-
in those emails from ..... well they appear that they are from... Ebay, PayPal and so on, requesting you update your info, "click on the link and file out the form" type thing. You can click on the link and go to the page.... which will look surprizingly like an Ebay page or PayPal page. Just replace the address with this
javascript:alert("The real URL of this site is: " + location.protocol + "//" + location.hostname + "/");
and hit enter. Its a small java script that will show you the real address, stripping away all the domain names that happen to look like a true address, but is hiding the real address.
Still if your not sure, don't fill out any forms unless you got to the site by typing in the address yourself.
-
MadDog,
Just wanted to say that your last bit of advice is something most people forget! Internet fraud is not a whole lot different than other theft crimes/scams. Everyone should know not to "give" information about themselves to someone who calls them on the phone. If you don't initiate the call, don't give any information. Its no different on the web. I'm glad you posted that, so many people forget the basics.
As far as this post, i wanted to say that comcast is pretty good about following up on this type of activity.
Its a wonderful and scarry world.
Mikka
-
what Shane said - someone who has you in their address book has the virus and is sending it out making it look like it is coming from your email account. when the mail servers block it, it returns to you.
like Shane said, figure out who is infected and tell them to fix it..
-
If you have a cable connection, you require a firewall. No ifs, no buts. ZoneAlarm is about the best personal firewall I've seen.
-
Originally posted by sonar732
Cable internet connections are even more prone to hacking than DSL. You need to be careful with them. As stated, if you aren't that computer literate, download the free edition of Zone Alarm and run it. It will warn you for each process that's trying to use the internet and warn you on incoming traffic also. I finally shut off the pop up for incoming traffic because it was amazing how many people tried to access the computer.
Careful. Do not assume someone is trying to access your computer intentionally. Whenever Windows starts (from Windows 95 and up), it broadcasts itself over the Internet connection.
Everyone on your local node, that happens to be on the same subnet will get that broadcast, and if it is not blocked, they will respond as well.
So, when you see a 'hit' on ZA, do not assume it is intentional. It simply may be someone booting their computer, or shutting it down, as Windows does a final broadcast when it powers down as well.
Another broadcast occurs whenever DHCP runs, but it is slightly different and I hope ZA does not announce that as a hit too.
People who know little about networking get ultra paranoid about these innocent hits when there is no need to.
-
If you want to check where a message actually came from and are using Outlook Express (too many people do), all you have to do is right click on the email in the InBox, select Properties, then Details.
The second line from the top shows the IP address and domain (if any) from where the email came from. NOTE: Only pay attention to the information in the {}/[]. The leading description can be forged.
-
Good point, I'll remember that one
Thanks
-
If you have Outlook 2000 or XP, just right click on the email and then go to options. The message header will show up in the bottom. Also, I don't have cable internet...I've got Verizon DSL. You should remember this Skuzzy with all our emails back and forth...:rofl