Spam E-mail

In the last 2 or 3 days I have received several spam e-mails that appear to have been sent from my own e-mail account. I talked to the folks at my ISP and they suggested that a spy bot may have infected my machine. I am not sure what to do as I keep the Bit Defender updated daily. They suggested running running an anti spyware program, but Bit Defender has anti spyware incorporated in it doesn't it?

I changed my e-mail login info just in case thhttp://forum.bitdefender.com/style_images/2/folder_post_icons/icon10.gifey hacked into my account. What else can I do?

Find more posts tagged with

Comments

alexcrist

Hello Falstaff,

E-Mails are sent from one e-mail server (the Sender) to another (the Receiver <- you) using SMTP (Simple Mail Transfer Protocol). E-mails sent through this protocol have, besides the actual message (and, possibly, attachments) some headers (extra-info) which contains information about the sender, the receiver, message content (like encoding).

The e-mail headers also contain fields like From, To and Subject. While Subject can be edited by anyone before sending from the e-mail client (like Outlook, or web-based e-mails like Yahoo), most users are under the impression that the From and To fields are always set, cannot be changed, and contain valid info.

Actually, the From and To fields are simple fields in the header, and can be very easily forged so one could believe that an e-mail was sent by someone else (or you could even receive e-mails from <no sender>, or with <no receiver>).

My point is that I'm about 90% sure that nobody hacked into your account, nor you have an infection on your system. The e-mails that you received were just specially modified so it appears that YOU sent them. The idea behind sending this kind of spam is to make it very hard to filter, because:

- you cannot filter them by address/domain (it would mean to filter all e-mails coming from yourself)

- usually most antispam engines trust blindly e-mails coming from a known-source (like your own e-mail address).

And just to give you an example... in my GMail account, in the SPAM folder, I have hundreds of e-mails coming from "me". Also, I had this kind of problem on an Yahoo account, I talked to YahooSupport about it and they confirmed that the e-mails were modified.

EDIT: On the same idea: I even got back send-errors for some mails that I never sent, but which were rejected by antispam engines on other servers (and the message was bounced back to me, because the mails had modified headers and I was the presumed sender).

Cris.