my email was hacked

[rkell87]

I'm so pissed, they sent out those weight loss scam crap using my account.

i think i know how they got it too, i NEVER use email and on the 12th i emailed fleaflicker(my FF site) about a commish cheating. anyway that same day is when emails started getting sent from my account. i literally had not emailed anybody in over a year and that day is the day it starts.

my password for my fleaflicker sign in was the same as my email pass(stupid i know ) so im guessing when my email popped up in their box they looked up my password on fleaflicker just to see if it was the same.

anybody had this happen to them? can i sue them? it would be hard to prove but it has to be them cause i have not signed up for anything or other stuff like that.

oh and i would never have known if the ******* didn't email the 2 people on my contacts list(my gf and her mom) this morning. now my gf has a virus cause she is trying to lose weight and thats what the email was about:bang2: :bang2: :bang2:

 

[Faerluna]

All webmail has a provision in the Terms of Service that absolves them of any type of responsibility for you, your computer and anything else. It's your responsibility to keep your account safe and secure.

 

[ajk23az]

All webmail has a provision in the Terms of Service that absolves them of any type of responsibility for you, your computer and anything else. It's your responsibility to keep your account safe and secure.

Yup. I change my password to most of my important accounts every 3 months give or take. And they all include symbols, capital letters, numbers, lower case numbers and punctuation.

 

[Dallas]

Its a wormed account only looking like you sent it. They didn't send it directly from your Email mailbox.


Because many spammers now use special software to create random sender addresses, even if the user finds the origin of the e-mail it is unlikely that the e-mail address will be active.

The technique is now used ubiquitously by mass-mailing worms as a means of concealing the origin of the propagation. On infection, worms such as ILOVEYOU, Klez and Sober will often try to perform searches for e-mail addresses within the address book of a mail client, and use those addresses in the From field of e-mails that they send, so that these e-mails appear to have been sent by the third party. For example:
Alice is sent an infected e-mail and then the e-mail is opened, triggering propagationThe worm finds the addresses of Bob and Charlie within Alice's address bookFrom Alice's computer, the worm sends an infected e-mail to Bob, but the e-mail appears to have been sent by CharlieThis can be particularly problematic in a corporate setting, where e-mail is sent to organisations with content filtering gateways in place. These gateways are often configured with default rules that send reply notices for messages that get blocked, so the example is often followed by:
Bob doesn't receive the message, but instead gets a message telling him that a virus sent to him has been blocked. Charlie receives a message telling him that a virus sent by him has been blocked. This creates confusion for both Bob and Charlie, while Alice remains unaware of the actual infection.Newer variants of these worms have built on this technique by randomising all or part of the e-mail address. A worm can employ various methods to achieve this, including:

• Random letter generation
• Built-in wordlists
• Amalgamating addresses found in address books, for example:
  • User1 triggers an e-mail address spoofing worm, and the worm finds the addresses [email protected], [email protected] and [email protected] within the users e-mail address book
  • The worm sends an infected message to [email protected], but the e-mail appears to have been sent from [email protected]

Sooooooo long story short. Your aunt Sarah in NM received a legit worm email and she clicked on it and infected her computer. That lil worm then went through her address book collecting email address (your's included) and sent them out appearing like they were from you because YOU were in the address book it collected.

We get these all the time at the state. Literally 100's of users contact us regularly thinking they have been hacked because they SWEAR they didnt send those emails.

 

[rkell87]

Its a wormed account only looking like you sent it. They didn't send it directly from your Email mailbox.


Because many spammers now use special software to create random sender addresses, even if the user finds the origin of the e-mail it is unlikely that the e-mail address will be active.

The technique is now used ubiquitously by mass-mailing worms as a means of concealing the origin of the propagation. On infection, worms such as ILOVEYOU, Klez and Sober will often try to perform searches for e-mail addresses within the address book of a mail client, and use those addresses in the From field of e-mails that they send, so that these e-mails appear to have been sent by the third party. For example:
Alice is sent an infected e-mail and then the e-mail is opened, triggering propagationThe worm finds the addresses of Bob and Charlie within Alice's address bookFrom Alice's computer, the worm sends an infected e-mail to Bob, but the e-mail appears to have been sent by CharlieThis can be particularly problematic in a corporate setting, where e-mail is sent to organisations with content filtering gateways in place. These gateways are often configured with default rules that send reply notices for messages that get blocked, so the example is often followed by:
Bob doesn't receive the message, but instead gets a message telling him that a virus sent to him has been blocked. Charlie receives a message telling him that a virus sent by him has been blocked. This creates confusion for both Bob and Charlie, while Alice remains unaware of the actual infection.Newer variants of these worms have built on this technique by randomising all or part of the e-mail address. A worm can employ various methods to achieve this, including:

• Random letter generation
• Built-in wordlists
• Amalgamating addresses found in address books, for example:
  • User1 triggers an e-mail address spoofing worm, and the worm finds the addresses [email protected], [email protected] and [email protected] within the users e-mail address book
  • The worm sends an infected message to [email protected], but the e-mail appears to have been sent from [email protected]

Sooooooo long story short. Your aunt Sarah in NM received a legit worm email and she clicked on it and infected her computer. That lil worm then went through her address book collecting email address (your's included) and sent them out appearing like they were from you because YOU were in the address book it collected.

We get these all the time at the state. Literally 100's of users contact us regularly thinking they have been hacked because they SWEAR they didnt send those emails.

the messages sent are in my own sent messages in my email. how can that happen if they arent in my account?

 

[rkell87]

http://i68.***BLOCKED***/albums/i24/smileychick003/hacked.jpg

this is what my sent box looks like and there are 4 pages of sent emails. only 2 were sent this morning and both were to my only two contacts.


notice the date of the email before the fleaflicker email

 

[Faerluna]

the messages sent are in my own sent messages in my email. how can that happen if they arent in my account?

If that is the case, then they are in your account.

We also see forged sender spam all the time, and no way to stop that. The worst is when spammers send out a bunch of mail to invalid addresses. Then the forged sending account gets hundreds of bounce back messages.

 

[rkell87]

If that is the case, then they are in your account.

We also see forged sender spam all the time, and no way to stop that. The worst is when spammers send out a bunch of mail to invalid addresses. Then the forged sending account gets hundreds of bounce back messages.

my guess is they are using a list of fleaflicker account holders, no bounce back messages yet, i changed my password i hope that works

 

[theogt]

My CZ account has been hacked. All of the stupid **** I say was someone else.

 

[Kangaroo]

you could be what is called spoofed where they make it look like your account is sending the email. If they get a password it is even easier for them to spread spam.

Our own employees are are worse enemy they fall for this crap all the time about sending their password and login etc. We are talking about Doctors yes the people that are suppose to be smart and educated some of them are worse than the common folk :bang2::bang2::bang2:

So if you ever work corporate email your customer will cause you more headaches because they help out the spammers.

 

[YosemiteSam]

Sorry, I didn't realize you didn't want me sending spam from you account. :laugh2:

 

[Bob Sacamano]

Damnit, rkell. Now I know why you sent me that letter saying you were going to give me 50 million dollars.