Results 1 to 1 of 1

Thread: Some AOL, MSN, Hotmail and Yahoo email accounts are being hijacked by Spammers!

  1. #1
    TM: Administrator Chat with me Peter Walker's Avatar
    Join Date
    Jul 2002
    Location
    NRW, Germany
    Posts
    1,606
    Thanks
    107
    Thanked 948 Times in 387 Posts
    Blog Entries
    1

    Exclamation Some AOL, MSN, Hotmail and Yahoo email accounts are being hijacked by Spammers!

    Do you have an AOL, MSN, Hotmail or Yahoo email account?

    As the admin of this forum, my email accounts are known by thousands of members. Due to various anti-spam measures in place, the amount of normal spam I receive is actually quite low - perhaps 4-5 such messages a day.

    However recently, I noticed that I am receiving an ever increasing number of unusual emails from known members of the forum, and elsewhere. After seeing and analysing many of these emails, I have detected a disturbing pattern - disturbing enough to want to warn our members about.


    The emails in question almost always have the following attributes:
    • The email being sent to me is from an email address I am already familiar with, e.g. a forum member's email address
    • The message is being sent from their email account, not spoofed in any way
    • As the person is already known, the message is not stopped by my spam filter
    • The subject line is nearly always empty
    • The message is being sent to about 10 different email addresses - I often recognise some of them (if they are member's too)
    • The text body is either empty (trial run) or contains little more than a harmless looking link
    • If you click on that link, you are taken to the spammers page - usually for a certain blue pill




    I have often replied to the known email addresses to find out what happened. If almost every case, the owner of that email account was unaware this was happening. They had certainly not sent the messages themselves.

    It appears that spammers have managed to somehow obtain access to the email accounts of a large number of online email account like from aol.com, msn.com, hotmail.com, yahoo.com, etc.

    They are able to access the online address books of these accounts and send their spam out through the actual accounts, without the account owners known!

    I do not know how they obtained the passwords, etc. to do this, but they must of found a way of breaking the security of these sites. It could also be that these members have simply used weak passwords which the spammers could test for (dictionary attack).

    I have checked the email headers and these emails are coming from the respective aol.com, hotmail.com, etc. servers, they are not spoofed emails but normal emails from the members own email accounts.

    If you have an email account with any of these providers, I strongly suggest that you immediately change your email password to something which consists of a number of letters and numbers and is not found in the dictionary. This should prevent your account being misused in this way.

    An example of a strong password is something like this: $tr0ngPa$$Word

    In my experience, once the password has been changed, the spammed emails are no longer sent out.

    If you have such an online email account, change your password today!

    Please note, this problem is not related to the forum itself. I have seen this happening to people that are not members of this forum, too.

    I have not seen this happening to non-online email accounts. They were nearly always from the email providers named above. All the same, if this happens to you, I strongly suggest running a full anti-virus scan of your computer and changing any other passwords you have as well. The spammers may have been able to access more than just your email account!

    If you receive such emails from people you know as well. Please write back letting them know their email accont has been comprimised. This will help them to have it stopped as soon as possible.

    You can refer your friends to this thread for further info. It can be seen by anyone (membership not required) at this address: http://www.rifeforum.com/spam


    Important: Scan for viruses
    As some providers claim this issue could be caused by a virus, malware, etc., I strongly suggest ensuring your Anti-Spam software is up to date and then performing a full scan of your system.


    Support from Email Providers:
    The email providers have created their own pages describing this problem which I have listed here:

    AOL Help have now released the support page: The sent folder or outbox contains email that I didn't send.

    Hotmail have released a support page about this problem. If you have a Hotmail account, please click here for full details.

    Yahoo have a general support page about this problem:What should I do if I think someone has accessed my account?
    Attached Thumbnails Attached Thumbnails Click image for larger version. 

Name:	spam_email.png 
Views:	14945 
Size:	34.4 KB 
ID:	1150  
    Last edited by Peter Walker; 11-25-2010 at 20:35. Reason: Added links to AOL, Hotmail and Yahoo support pages

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •