Email Account Hacked?

  aly-lfc 19:59 08 Sep 2011

Last night I noticed I had an email sent to myself from my own account and also lots of mailer-daemon messages with un-deliverable messages containing addresses from my contacts.

Have I been hacked? My computer is new, only a month old, I haven't clicked on any links etc in emails and I haven't downloaded anything. Last week a friends account was hacked and an email with a link was sent to me - which I didn't open, are the two incidents linked or just coincidence? This is the first time anything like this has happened to me and I want to be sure my email account is secure.

I have changed my password and my security question, and ran a complete scan but is my computer safe?

Also, how can my contact list have been accessed?

Thanks for any advice.

  letsgetrdy 20:21 08 Sep 2011

Firstly, check to see if the emails were genuinely from your account, or just spoofed. This can be done by checking the email header and verifying it was sent from a server that's used by your email provider.

If your information was gained then it doesn't sound like it was on a personal scale, but rather by an automated bot of some sort, a real person would not be so stupid and make such silly mistakes.

What did you run a scan with? I would suggest doing a scan with malwarebytes in safemode. The two incidents may be related, its impossible to say. When you say they were hacked, do you mean they lost control of their account?

There is a lot of spoofing, which is easy to do with emails.

  aly-lfc 21:24 08 Sep 2011

Thanks for your reply, what is spoofing?

I just checked my email account, in my recently deleted folder there are 12 emails, each with a different link written - sent to 10/12 of my contact list alphabetically at 10.20pm last night.

As these emails are in my deleted folder have they had control of my account?

My friend had his contact list taken away; he was left with no contacts at all.

I ran a scan with Norton Internet Security.

  letsgetrdy 01:04 09 Sep 2011

Spoofing is the act of sending emails, faking who the sender appears to be from. You could spoof an email from [email protected], so on the face it would appear to be from them. However the header information can not be faked and this is more widely being used by automated services to detect phishing attempts from spoofed addresses.

However, it appears your account was indeed compromised. If you have other accounts elsewhere that use the same password that was compromised then change them.

  aly-lfc 21:12 09 Sep 2011

Thank you. I changed all passwords etc asap, roughly an hour after the account had been accessed.

I ran a scan with malwarebytes and again with Norton, both have been clear.

Am I ok to continue using my email account or would you create a new one?

  letsgetrdy 22:16 09 Sep 2011

I would be happy to continue using it. If it's gmail or hotmail they have the option of adding a mobile number, as another way of getting back in should you need to. I'd do that too.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

iMac Pro review

Illustrator Charles Williams on how to create magazines and book covers

iMac Pro review

Les meilleures prises CPL (2018)