spam sent to my contacts
Spam email has been sent to the contacts list in my address book "from" my hotmail account. I have another account in this list and I received the email and saw the cc list to 13 other contacts and that is how I know which list was hacked. I have changed the password on my hotmail account but I am wondering how the address list was accessed. the emails do not show in either hotmail nor thundebird sent folders. any help would be appreciated
All Replies (3)
If any "hacking" has taken place, it's perhaps more likely to have been on a webmail account such as hotmail rather than via your own computer. It's trivial, and usual practice, for a spammer to use other people's names in the "from:" address box. After all, he wouldn't use his own address, would he?
Do you have an address book in the hotmail account (that is, in addition to any address books in Thunderbird itself)?
Do you have any examples of the sent stuff? Inspection of a message's headers normally shows that it wasn't sent using your email account or even your computer.
Do you, or family members, or friends, or colleagues, frequently send messages to long lists of people? Jokey emails are often carelessly re-forwarded with a huge accumulation of previous addressees, providing rich pickings when they fall into the wrong hands. Or let's put it this way; if some third party had been able to read email messages sent by you, could they have gleaned this list of addresses from those messages?
Having said all that, do you use any anti-malware software? Are you confident that your computer is free of malware or trojans that might have access to your computer or messages?
Thanks for the reply. Below is the message header. I'm certain it was not sent from my thunderbird account because I have a signature on those emails. My concern is with how the spammer got my contact list. most of the recipients are NOT in my contact list in hotmail account. The addresses that were cc'd on the email I received match the "contacts" list exactly, which is different to the "personal address book" and "collected addresses" I am also a little confused by these 3 lists but that is not a concern. I don't forward jokes and the like. I use Avast freee version and did a scan yesterday-Nothing came up.
From - Sat Apr 05 07:01:05 2014 X-Account-Key: account3 X-UIDL: C2ABD0D9-BBF9-11E3-9BF4-00237DE49B9E X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 X-Mozilla-Keys: x-store-info:8Rlnjmxvy6L6cXs23gz/9HW3P3dIQ3IMvZ5UWOY+G+LPFU08w+k3PlimmV6EDVwqeyZYKF31ObMoGUBICFJu1LWY/Y39bSs2Tl+OW4ihmAi+hXqynA8Hb9sNw3p3yBrQH/Gv8iL1I6g= Authentication-Results: hotmail.com; spf=none (sender IP is 80.12.242.129; identity alignment result is fail and alignment mode is relaxed) [email protected]; dkim=none (identity alignment result is pass and alignment mode is relaxed) header.d=hotmail.com; x-hmca=none header.id[email protected] X-SID-PRA: [email protected] X-AUTH-Result: NONE X-SID-Result: NONE X-Message-Status: n:n X-Message-Delivery: Vj0xLjE7dXM9MDtsPTE7YT0wO0Q9MTtHRD0yO1NDTD0w X-Message-Info: NhFq/7gR1vQVCILwCABTjlF8HNm+0BFQEXSUXD69u8vhZJRbkTKNDK4/hCwFkbosnLRIEVAQT17qigBgTj2E3aM/hBRsSOTzZzq5xLpJAUTYZF//zR6e2WZByDCMzoaBmcreFSkglt2Gr7vvix+XgN8TjWXcAS+BxvQRSrVBhMibuTiyn0NWIbGSYKLyi/6HJ7lzjn29Dp4NDkUv+9q6f2FAablc6xtH Received: from smtp.smtpout.orange.fr ([80.12.242.129]) by BAY0-MC1-F46.Bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900); Fri, 4 Apr 2014 06:05:17 -0700 Received: from wanadoo.fr ([88.23.184.20]) by mwinf5d30 with ME id lp4y1n00X0SpJ2003p58kh; Fri, 04 Apr 2014 15:05:17 +0200 Message-ID: <[email protected]> From: Kim Shanti Massage <[email protected]> To: "Kaye" <[email protected]>, "kim" <[email protected]>, "Kim Shanti Massage" <[email protected]>, "kossin x26 x2364 x3bssec wisc edu" <[email protected]>, "Kristen Berger" <[email protected]>, "laura88 x26 x2364 x3boptusnet com au" <[email protected]>, "laure" <[email protected]>, "Leanne Brown" <[email protected]>, "leilacara x26 x2364 x3bhotmail com" <[email protected]>, "leila cara" <[email protected]>, "lgoodare x26 x2364 x3bxtra co nz" <[email protected]>, "Linda" <[email protected]>, "Lisa Dunn" <[email protected]>, "LJ Lawson" <[email protected]>, "Louane Hann" <[email protected]>, "lulu morgan" <[email protected]>, "Lynda Holistic Health Training" <[email protected]>, "lynn anderson" <[email protected]>, "lynne greig" <[email protected]> Subject: Date: Thu, 4 Apr 2014 02:05:08 +0100 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_4BCF_5BF78DE7.513C48C5" X-Priority: 3 X-MSMail-Priority: Normal Importance: Normal X-Mailer: Microsoft Windows Live Mail 16.4.3522.110 X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3522.110 Return-Path: [email protected] X-OriginalArrivalTime: 04 Apr 2014 13:05:17.0838 (UTC) FILETIME=[86C902E0:01CF5006] X-Antivirus: avast! (VPS 140404-0, 04/04/2014), Inbound message X-Antivirus-Status: Clean
This is a multi-part message in MIME format.
=_NextPart_000_4BCF_5BF78DE7.513C48C5
Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
http://phiendich.net/components/com_contact/usainform.php -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= From: Kim Shanti Massage
=_NextPart_000_4BCF_5BF78DE7.513C48C5
Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
=_NextPart_000_4BCF_5BF78DE7.513C48C5--
Thread-Index: AQo/hzXzKHI4OWpzMGFpOWtlcXpxZA==
Lets see, you send a mail to a dozen folks CCing them.
One of them has malware of gets hacked. your list of a dozen addresses and your sending address are fairly easy to copy. And that scenario requires no hacking or nasty stuff on your end.
The lesson is always use BCC to send mail to a list, that way there are no lists of email addresses lying around in every recipients mail box for a spammer/hacker to get as there is with CC.