WTF??? Has someone hacked my email addy and is using it to send spam??? ***UPDATE*** I think I found them!

[silverpig]

update: I think I found them. Asian Pacific Online... hmmm

Is this possible? In the past two days I've gotten "mail undeliverable" messages like crazy, for mail that I haven't sent. What's more, the addresses I'm apparently sending mail to look like I'm testing various combinations of addresses in hopes that one works:

The original message was received at Tue, 25 Mar 2003 08:18:05 +0800 (CST)
from TC218-187-135-105.adsl.pl.apol.com.tw [218.187.135.105]

----- The following addresses had permanent fatal errors -----
<liao@ms1.tisnet.net.tw>
<liaw@ms1.tisnet.net.tw>
<lida@ms1.tisnet.net.tw>
<lily@ms1.tisnet.net.tw>
<ling@ms1.tisnet.net.tw>
<link@ms1.tisnet.net.tw>
<lisa@ms1.tisnet.net.tw>
<look@ms1.tisnet.net.tw>
<mail@ms1.tisnet.net.tw>
<mary@ms1.tisnet.net.tw>

----- Transcript of session follows -----
mail.local: over liao per user's quota size
mail.local: over liaw per user's quota size
mail.local: over lida per user's quota size
mail.local: over lily per user's quota size
mail.local: over ling per user's quota size
mail.local: over link per user's quota size
mail.local: over lisa per user's quota size
mail.local: over look per user's quota size
mail.local: over mail per user's quota size
mail.local: over mary per user's quota size
554 <liao@ms1.tisnet.net.tw>,<liaw@ms1.tisnet.net.tw>,<lida@ms1.tisnet.net.tw>,<lily@ms1.tisnet.net.tw>,...,<lisa@ms1.tisnet.net.tw>,<look@ms1.tisnet.net.tw>,<mail@ms1.tisnet.net.tw>,<mary@ms1.tisnet.net.tw>... Service unavailable

That's in the body of the email.

It appears that I'm forwarding this email:

Subject:
fw &#32765;
From:
chuchao2000@yahoo.com.tw
Date:
Tue, 25 Mar 2003 08:18:05 +0800 (CST)
To:
ian@ms.tcfnet.net.tw

This forward is just a bunch of coloured bars with ???? all through them.


Apparently, I tried to forward that above email to those addresses I listed. They addresses have something wrong with them, so I get a service email saying that my emails failed. I DID NOT ever send these emails.


Here is the header (I think):

The original message was received at Tue, 25 Mar 2003 08:18:05 +0800 (CST)

WTF is going on?

 

[GoodToGo]

You have a virus most likely.

 

[Greyd]

Are you on a wireless network? Did you set up security for it?

 

[silverpig]

No wireless network. It's a netgear router and then my computer. I'm running NAV 2003.

 

[MercenaryForHire]

Originally posted by: silverpig
No wireless network. It's a netgear router and then my computer. I'm running NAV 2003.

Trojaned? 0wnt in some other fashion? Or just the victim of a spoofed return address?

- M4H

 

[Afro000Dude]

Happened to me once. AOL shut down my account cuz "I" sent like 30 different messages in 2 minutes or something like that.

 

[silverpig]

Originally posted by: MercenaryForHire

Originally posted by: silverpig
No wireless network. It's a netgear router and then my computer. I'm running NAV 2003.

Trojaned? 0wnt in some other fashion? Or just the victim of a spoofed return address?

- M4H

I don't think so. I'm pretty careful about what I download/run. It's odd because it says that the address doing the sending is to ian@ms.tcfnet.net.tw and I don't have an email address even close to this.

 

[Zenmervolt]

Someone who has your address in his address book most likely has Klez. Klez sends itself out and spoofs the E-mail addresses it finds in the address book. So if someone with your E-mail address in their address book gets Klez, Klez can send out E-mails that look like they came from you even though they came from another computer.

ZV

 

[silverpig]

Originally posted by: Zenmervolt
Someone who has your address in his address book most likely has Klez. Klez sends itself out and spoofs the E-mail addresses it finds in the address book. So if someone with your E-mail address in their address book gets Klez, Klez can send out E-mails that look like they came from you even though they came from another computer.

ZV

Phew. I hope that's all it is then.

I've got NAV doing a full system scan now. It's odd though, cause wouldn't Klez try to email itself out? This email had no virus attached to it...

 

[Vincent]

The same thing happened to me with my yahoo address. I wouldn't worry about it.

 

[Antisocial Virge]

It could be a spammer has used your email address in his forged headers. If thats the case expect lots more bounces and angry emails. A guy on another message board I read is having the same problem due to spammers.

EDIT: The way the email addresses are just a little diff from each other also is evidence of this. I would lay $$ this is because of a spammer.

 

[Zenmervolt]

Originally posted by: silverpig

Originally posted by: Zenmervolt
Someone who has your address in his address book most likely has Klez. Klez sends itself out and spoofs the E-mail addresses it finds in the address book. So if someone with your E-mail address in their address book gets Klez, Klez can send out E-mails that look like they came from you even though they came from another computer.

ZV

Phew. I hope that's all it is then.

I've got NAV doing a full system scan now. It's odd though, cause wouldn't Klez try to email itself out? This email had no virus attached to it...

The ones that get bounced back as "undeliverable" don't have any attachments on them. The servers don't bounce the attachments back.

ZV

 

[Mucman]

Ouch... I am guessing a spoofed from address... Last summer I had to deal with a customer who had
their e-mail addressed used as a spoofed FROM header for sending child porn. Ended up getting the RCMP
involved!

 

[silverpig]

Dammit! I just got another one!

I'm gonna email my ISP just in case.

 

[silverpig]

I think I found them.

Bastards

Now to fire off some nasty emails.

 

[zsouthboy]

Originally posted by: silverpig
I think I found them.

Bastards

Now to fire off some nasty emails.

Kick their freaking asses! Die spammers, die! :|

 

[silverpig]

Originally posted by: zsouthboy

Originally posted by: silverpig
I think I found them.

Bastards

Now to fire off some nasty emails.

Kick their freaking asses! Die spammers, die! :|

I sent a polite email, and I'm now in the process of forwarding every single email I get because of them. If that doesn't work, I'll send a less pleasant email, and get my ISP involved...

 

[silverpig]

Okay, so I emailed the bastards and this is how they responded:

Dear Sir:
According to the e-mail you send former,
that was because the receivers' e-mail box quota
has excess.

This question will be solve, if the receivers delete some
e-mail.

Best Regards

Asia Pacific Online

I can tell this is gonna take a while...