Jump to content
zeal

Mail has been hijacked

Recommended Posts

Hi

 

Hope someone has some ideas how to help me. I have been getting returned email messages from places I did not send any email to. I feel my account has been hijacked. I went into the online version for my email and changed my password and I am still getting these bounced emails form places I never sent email to. I just over 60 today, and several everyday for the last weeks. The email is still working as normal otherwise. I get email from friends and can send to them just these crazy emails also. How do I scan my system and get rid of the evil software or whatever is causing this.

 

I am on a mac pro using leopard OS and mac Mail.

 

Please help.

 

Thanks in advance.

Share this post


Link to post
Share on other sites

Technology today makes it extremely easy to spoof an email address. Since you know the account is not compromised, there's not much else you can do.

 

Just a sad fact of life online nowadays.

 

Mac - Windows - Linux - irrelevant for email in this situation.

Share this post


Link to post
Share on other sites

thanks

 

I just got done talking with tech support. it looks like I have not been hijacked but some spam is coming in to my account saying it is a bounced email. I have to mark everyone as junk mail. Hoping that a real bounced email does not get marked as junk in the process. I hope this will fix my issue. I never have had a spam issue on my mac like this in a really long time, years and years I would say.

 

thanks again for your reply.

Share this post


Link to post
Share on other sites

You know, this brings up a great point. As Zeal found out, it is very easy for the bad guys to spoof an e-mail address, making it seem as though you are the one sending spam and possibly causing troubles with your ISP ( some more inexperienced ISP personnel sometimes will cut off e-mail accts erroneously thinking that indeed it is you sending the spam ). The problem is that everyone takes great care to select powerful, unguessable passwords but few ever think about their e-mail address. If your e-mail address is something easily generated by spam software ( a common name with a series of numbers, a dictionary word, etc. ) it opens you up to all sorts of possible issues.

 

Several years back, Leo Laporte had a guest on one of his shows who suggested a policy for e-mail security which I have since followed with very good results. First, you set up your main e-mail address as something that is very unguessable, something like "shotputfan15732456@whatever.com". You use this as your very personal e-mail, using it for correspondence with your closest friends and family only ( or possibly close business contacts etc ). Next, you set up a second e-mail acct ( this one you don't have to worry too much about the address ) and use this for online applications/memberships and freely giving out to everyone else. You'd be surprised how much spam the second address attracts after awhile and how "clean" your main account stays.

Share this post


Link to post
Share on other sites

Unfortunately this is a big problem and like Huskermn pointed out there is not much you can do to stop it. It happens to me quite frequently with the Maccast domain. I like the technique pointed out by Dolphbucs, but unfortunately that still doesn't prevent someone from using your domain as the FROM and REPLY TO address to send out their SPAM. It keeps the bounces from jamming up your mailbox, but doesn't prevent the spammer from using your domain. In my case they were using any combination of jumbled letters @maccast.com (i.e. dajkhbsh@maccast.com). My guess is that they randomized it with each send so as to help prevent spam filters from just blocking specific addresses. I thought that my ISP should be able to help too, but they said there was nothing they could do. This kind of domain hijacking is annoying, but I have not heard of a solution. If someone has an idea I would love to hear it.

Share this post


Link to post
Share on other sites

Yeah, the methods I mentioned help little for people with their own domains .... I mean why would you want to make your domain name cryptic anyway ? Good point Adam.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing

    No registered users viewing this page.

  • Who's Online (See full list)

    There are no registered users currently online

×