Friday, October 7, 2011

Help?

Twice in the last month, my personal email account has been accessed by spammers. Personal email, not the editor account, so I have far fewer addresses in that book, but it's still pretty packed.  The hackers -- or spoofers, perhaps -- flood everyone in my address book with spam, but near as I can tell, that's all they're doing. The first time, I was online within moments of it starting thanks to a wise friend with my cell phone number. (Thanks, Sunny!) I changed my password and it seemed to stop the spam cold. They only got to about a third, if that, of my address book.

This morning, I woke up to a mess in my inbox. Hundreds of mailer daemon bounces, and close to the same number of complaint emails from people wanting me to know that it happened again. I don't know that they got to everyone in my address book, but it has to be darn close.

So here's the thing. I think my computers -- both the laptop and the desktop -- are like mini-fortresses. I run mozilla instead of IE (with a host of add-ons for security), two different antivirus programs, a firewall, and an anti-keylogger (thanks to a certain former boss who made it necessary, not because of anything to do with the hacks).

What else should I be doing at this point to shut this down? I don't store any financial information on my computer, so I think that's about as safe as it can be, though I do wonder if it would make sense to change passwords on my paypal account. I know that several of our readers are very smart about computers and tech things, so I'm asking for help. All advice is gratefully received.

By the way, I think they might be getting to me from yahoo groups. It was a good excuse to go through and clean out my groups roster. Amazing how many random groups I belonged to that I had totally forgotten about.

Theresa, annoyed

7 comments:

Jenny said...

Theresa,

The huge number of maeler-daemon messages suggests that they didn't hack your account. What they probably did was use your publicly visible email address as the "reply-to" address they supplied in the header of the spam. They may have found it online or they may have found it in the address book of someone not as vigilant as you are.

This has happened to me in the past and there is nothing you can do about it as it has nothing to do with your computer. It usually is over in a day or two.

Edittorrent said...

There's some comfort in that, Jenny. Thank you. I still want to be sure I'm doing everything I possibly can, but I don't know what else to do. Hate this!

Thanks!
Theresa

Julie Harrington said...

Yeah it could be someone has simply used your email as the reply to. The easiest way to find out if you sent the initial email is to check your sent folder and see if you actually sent out some kind of spam. If it's not in that folder (assuming you save all sent messages in the first place as a default), then you actually didn't sent it. Darn spoofers!

You could also take your machine in to your local computer place and have them run a diagnostics on there just to make sure something hasn't attached itself deep into your system where your antivirus isn't catching it. If there is, they can deworm it for a reasonable price.

JT

Miles said...

Hold on -- if they're sending the spam specifically to the people in your address book, that would seem to indicate they do have access to your account. And I'm really not sure it would show up in your sent folder either way.

There are a few different vectors they could be attacking from. If you're pretty sure your computer isn't compromised, how strong is your email password? You should definitely change it again if you haven't already. The best would be something long (like a passphrase rather than a password) with numbers and special characters in it.

Another thing to be careful of is the links you click in your email. You probably are already aware of this, but if you have clicked any suspicious links recently that could be a factor.

Do you check email on your phone or other devices? Could those devices be compromised?

green_knight said...

As others have said, if it went to your address book and no-one else, your account got compromised; if it went to lots of strangers, creating lots of bounces, someone hijacked your address.

Which provider are you using? hotmail is notoriously insecure (and frequently a target of hackers; gmail seems fairly secure, everything else is inbetween. If it's an account with an ISP, contact them; they should have log files to at least show when the damn things were sent.

Have you ever used the 'check whether any of my friends are on this service' feature? (LJ, Facebook, G+, whatever?) That means you've given a third party access to your account, and a fourth party might have intercepted your password.

This is frustrating and infuriating, but in the end, I don't think we, as individuals, can win the war - the bad guys are very sophisticated and have lots of time and resources to throw at it.

Annette said...

I don't know if this will help you at all (most of it flew right over my head), but here's a discussion from a while back on Absolute Write about email hacking.

http://www.absolutewrite.com/forums/showthread.php?p=5847456#post5847456

Good luck!

Edittorrent said...

Thanks, everyone, for your help. Yahoo is involved now and they're taking steps to protect my account. Some asshole in Texas keeps hijacking it. Password changes don't stop it from happening -- if only it were that easy.

This has taken a remarkable amount of time to resolve. Well, not resolve, really, as it's still ongoing. But I stopped storing email addresses in my address book, and that at least has protected my friends from repeat spams from my account.

Theresa