Someone hijacked my email account?

  stlucia 11:26 24 Oct 2006

I have a web site hosted by Madasafish (used to be Freenetname). Let's call it "". Associated with the web site can be email addresses, such as "[email protected]".

From time to time I use "[email protected]" to send and receive messages.

Today when I checked my mail I had 150 messages, mainly with headings along the line of "failure notice", "undeliverable mail", "undelivered mail returned to sender". I read a couple of them which seemed to be from genuine addresses, and it appears that someone is using an email address made up of [email protected] to send out unsolicited bulk mail.

I have ZA and AVG running, and both up to date. If my email address is being used, does this mean that someone is actually using my PC or my ISP's server as a proxy to send out mail, or could it be that they're simply manually put my address as the "from" address in their mailings?

Should I be looking for some malicious software that AVG hasn't detected? If they're manually using my address, how can I stop it?

  recap 11:30 24 Oct 2006

Get in touch with your ISP, they should be able to trace the person and stop this from happening.

  stlucia 13:43 24 Oct 2006

Thanks, I've just done that, recap. I've also done full scans with Spybot and Adaware, and nothing was found apart from a few cookies.

In the meantime I've posted a notice on my home page to let people know it's not me sending out spam!

  Jak_1 14:05 24 Oct 2006

Relax, it's spam. There is a spate of these type of mails at the moment, almost every isp is being hit by them. Simply delete the mails, check with your isp about their spam filters.
Your addrerss itself has not been hijacked, be rest assured on that.
They may look genuine but I can reassure you they are most definately not!

  Audeal 14:26 24 Oct 2006

We all get them from time to time. Just delete them and forget them.

  stlucia 20:16 24 Oct 2006

Thanks Jak_1 and Audeal. I used to get the odd few, but 150+ in one day?? And a couple I opened looked like they were from bona-fide company addresses, and said something like "this user name is no longer in use".

I just changed my user profile with my ISP last week to increase the spam filtering. I wonder if there's any connection??!! I'll wait and see what their reply is.

  stlucia 12:55 25 Oct 2006

Madasafish has confirmed that no hijacking has taken place, and that someone is simply using my domain name with a randomly chosen prefix as their "from" address for bulk or spam mailings.

They've also shown me how to customise my account so that all email prefixes other than ones I've specifically selected will be invalid. Downside is, if I want more than two alternatives, it will cost me.

  stlucia 13:45 02 Nov 2006

My ISP's solution to the problem (select one or two specific email account names) would solve the problem for me by rejecting bounced email that's incorrectly addressed. But it wouldn't stop the fundamental problem, which is somebody sending out spam using the address of my web site, would it?

Is there somewhere in the internet, or could there be, a facility which checks that the "from" address in any outgoing email is a valid one before allowing it to be transmitted? I suppose I'm suggesting more regulation, which is against the principle of the www; but without it the web is going to fall into disrepute and, thus, be trusted less and used less than it is now.

  ian-inhome 15:35 02 Nov 2006

I had this problem and posted a request for help on this site a week or two ago. orange my ISP sent me a link to this tracking web site click here but I couldnt work out how to use it or what good it would do.

  stlucia 12:33 09 Nov 2006

I can't figure that one out either, ian.

But the number of returned emails has reduced to the "normal" one or two a day now, so my ISP was right to say that the problem would go away shortly.

But, why's that? Do the hackers just get tired of using the same old spoof "from" address, or do they only use it for a few days because they risk being traced if they continue?

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Alienware 17 R4 2017 review

Is this the future of VR and AR?

Best iPad buying guide 2017

Comment regarder le Bureau des L├ęgendes en ligne ?