• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Um, wtf? Apparently I sent an email to all my contacts

PieIsAwesome

PieIsAwesome

Diamond Member
My friend tells me he received an email from me with a link to rapidshare for a file called "Install.exe." Rapidshare says:

"This file is suspected to contain illegal content and has been blocked. After the file has been blocked for 7 days it will automatically be deleted, if the block is not removed by RapidShare. For this reason, a download of this file is currently not possible."

I never actually sent such an email, and I checked my outbox and sure enough apparently an email was sent from my address to everyone on myc ontacts list. My assumption is:

My email has been hijacked, the install.exe is some sort of virus or keylogger or trojan. Anyone encounter something like this?
 
You probably have a virus/worm/trojan. Download hijackthis and spybot s&d and run a full scan. After updating the definitions files, disconnect your internet connection
If you've downloaded any files recently and they're under 10MB, upload them to an aggregated virus scanning site like virustotal and see if anything pops up.
 
Originally posted by: PieIsAwesome
My friend tells me he received an email from me with a link to rapidshare for a file called "Install.exe." Rapidshare says:

"This file is suspected to contain illegal content and has been blocked. After the file has been blocked for 7 days it will automatically be deleted, if the block is not removed by RapidShare. For this reason, a download of this file is currently not possible."

I never actually sent such an email, and I checked my outbox and sure enough apparently an email was sent from my address to everyone on myc ontacts list. My assumption is:

My email has been hijacked, the install.exe is some sort of virus or keylogger or trojan. Anyone encounter something like this?
Click to expand...

And how do you think the virus got your local contacts to spread itself to? You likely have a virus already running on your infected computer.
 
Eh I already have an active antivirus and apparently this occured on tuesday. On tuesday I logged into my gmail account using a school computer to upload some notes I typed, so I am guessing thats where the virus was. It makes sense because it seems only my gmail account was affected. Don't see where else I could have possibly picked up a virus these past few days, I've been busy lately.

Running a virus scan anyways, and changing all my passwords.
 
Definitely sounds like you have a trojan/virus of some kind

Last week, I got an email from a guy I went to school with. The message text said:

"I hate all of u.

Go to hell and eat shit!"

This had been sent to everyone in his address book...including his mom, little kids in the family...professors, everyone.

I wrote back and thanked him for finally being honest about how he felt...😀

Apparently, he had been online at school and didn't log out of his email....😛

Got what he deserved there. 😛
 
It's also ridiculously easy to fool a mail server using Telnet. A message with a "safe" domain name (Picking microsoft.com because I'm lazy) will fool some email content checkers. If I tried I could send you an email from BillIdiotGates@microsoft.com because the mail system gateway just thinks "that's not a domain I recognise" and pushes it out to the internet. It wouldn't be coming from microsoft.com and could just as easily come from my theoretical domain john@doe.com.
 
Originally posted by: BoomerD
Definitely sounds like you have a trojan/virus of some kind

Last week, I got an email from a guy I went to school with. The message text said:

"I hate all of u.

Go to hell and eat shit!"

This had been sent to everyone in his address book...including his mom, little kids in the family...professors, everyone.

I wrote back and thanked him for finally being honest about how he felt...😀

Apparently, he had been online at school and didn't log out of his email....😛

Got what he deserved there. 😛
Click to expand...

and the million-dollar question: how disappointed were you that he didn't write it? 😀
 
Originally posted by: mekon
It's also ridiculously easy to fool a mail server using Telnet. A message with a "safe" domain name (Picking microsoft.com because I'm lazy) will fool some email content checkers. If I tried I could send you an email from BillIdiotGates@microsoft.com because the mail system gateway just thinks "that's not a domain I recognise" and pushes it out to the internet. It wouldn't be coming from microsoft.com and could just as easily come from my theoretical domain john@doe.com.
Click to expand...

spoofing...
 
Originally posted by: mekon
It's also ridiculously easy to fool a mail server using Telnet. A message with a "safe" domain name (Picking microsoft.com because I'm lazy) will fool some email content checkers. If I tried I could send you an email from BillIdiotGates@microsoft.com because the mail system gateway just thinks "that's not a domain I recognise" and pushes it out to the internet. It wouldn't be coming from microsoft.com and could just as easily come from my theoretical domain john@doe.com.
Click to expand...

But that wouldn't give you access to all his contacts.
 
Originally posted by: BoomerD
Definitely sounds like you have a trojan/virus of some kind

Last week, I got an email from a guy I went to school with. The message text said:

"I hate all of u.

Go to hell and eat shit!"

This had been sent to everyone in his address book...including his mom, little kids in the family...professors, everyone.

I wrote back and thanked him for finally being honest about how he felt...😀

Apparently, he had been online at school and didn't log out of his email....😛

Got what he deserved there. 😛
Click to expand...

the number of times i saw this in college was disturbing, people would leave their GMail/Hotmail accounts up with bank info among other things all the time.

I was always tempted to do similar things but always sent themselves an e-mail telling them to be careful next time and logged them out 🙁
 
Originally posted by: CZroe
Originally posted by: mekon
It's also ridiculously easy to fool a mail server using Telnet. A message with a "safe" domain name (Picking microsoft.com because I'm lazy) will fool some email content checkers. If I tried I could send you an email from BillIdiotGates@microsoft.com because the mail system gateway just thinks "that's not a domain I recognise" and pushes it out to the internet. It wouldn't be coming from microsoft.com and could just as easily come from my theoretical domain john@doe.com.
Click to expand...

But that wouldn't give you access to all his contacts.
Click to expand...

and it wouldn't be in his sent folder
 
Originally posted by: PieIsAwesome
Eh I already have an active antivirus and apparently this occured on tuesday. On tuesday I logged into my gmail account using a school computer to upload some notes I typed, so I am guessing thats where the virus was. It makes sense because it seems only my gmail account was affected. Don't see where else I could have possibly picked up a virus these past few days, I've been busy lately.

Running a virus scan anyways, and changing all my passwords.
Click to expand...

malware != virus.

If malware is causing the problem, then your virus scan won't fix it. You need a program like the afore-mentioned Malwarebytes.

Edit: I just read the part about the school computer. However, it's still a good idea to run a malware scan monthly. If you've never run one before, don't be surprised if it finds hundreds of spyware and malware.
 
You got phished. Change your password. It has been logging in as you from a zombie machine and sending mail.
 
Too many different answers, all could be true. The fix varies slightly depending on where the problem is.

1. His e-mail password could have been phished. Scan machines you use to access your e-mail with malware AND virus scanners. Change your password once your machine is clean.

2. His PC is infected with malware OR virus. Scan machines you use to access your e-mail with malware AND virus scanners.

3. Someone PC who has the OP in their address is infected with malware or virus and is spoofing his e-mail addy. Scan machines you use to access your e-mail with malware AND virus scanners. If they are clean, you must educate yourself and others on spoofed e-mail addresses.

I recommend doing all scans under safe mode on an account with admin rights.
 
Well I did a full scan with avira and malwarebytes and nothing came up. Thought it was kinda strange to have any sort of infection because I am currently using the Windows 7 trial (downloaded from microsoft) that I installed only 6 days ago, and part of my usual "setup fresh windows install" routine involves installing avira.

I can't really think of where I could have been phished on my home computer. The email address that was compromised is used for nothing except uploading files from school. Infected school computer seems to be the most likely cause.

Thanks for help.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top