How to Stop receiving Spam/Junk sent from people in my address book

  AroundAgain 09:25 28 Apr 2013

Hi I recently received a number of emails, supposedly from friends/rels in my address book, with just a random link in the message body.

So, I changed all my passwords and they seemed to stop.

Now, I'm getting quite a lot more again. Again, usually from people who are listed in my address book. These emails are being sent to other people, with their names and addresses being displayed in to 'To' part, available for all recipients to see.

The messages in these emails are currently

*"Single Mom Makes $89,844/Yr in Her Spare Time on The Computer Without Selling Anything "*

Does this mean the various address books have been compromised, if emails go out to and from the addresses in the book?

How can I stop these arriving, and how can I be sure my address book, and my friends/relatives address books are clean/secure?

As I said, I've already changed passwords on my email accounts. I might change email addresses but what about the security of mine, and others, address books.

If anyone can enlighten me, I'd be very grateful. Thanks.

  Taff™ 09:43 28 Apr 2013

This is very common at the moment but Please don't post the link in future - Forum Members are warned not to follow the link in the original post!!!

If you are receiving these from people in your address book as individuals it is probably their e-mails that have been hacked. If you are receiving mailer-daemon for messages that you have apparently sent to undeliverable e-mail addresses it's your e-mail that has been hacked. Changing passwords is the first step in either case. It is important not to use "dictionary" words or names and numbers - these are cracked very easily. Add in "Wild Card" symbols such as @ for a, zero for o, $ for s even ^,%,* etc.

When people send round robin e-mails or pass on chain mail with recipients clearly visible in the To or CC fields, every one of those addresses becomes a target for hackers and can be harvested for this type of spamming. Hackers will then try to log into those e-mails using webmail and use password cracking software using dictionery word and letter combinations to access that account and then harvest every contact.

  AroundAgain 10:11 28 Apr 2013

Taff, thank you very much for your response.

First off, though, I'm sorry about posting the link. It didn't occur to me that this could be a problem to others. Please, all, accept my apologies.

So, I obviously need to change my passwords, re email accounts, again but will also incorporate more bizarre combinations, as you suggest. Thanks for that advice.

Yes, there is a problem with people sending 'open' email addresses in 'round robins'. I usually put a short message asking for BCC to be used (QuickText on T'Bird with keyboard shortcut - makes this so quick and easy) but often there are a list of email addresses in the body of the email - and including mine in the recent ones, of course. Educating folks isn't always easy ;)

So, I think an email to all my friends/rels/contacts to advise them re using BCC, changing to more secure passwords etc ...

Thanks again for your advice

  AroundAgain 13:07 28 Apr 2013

Jock1e - thanks. In fact, I hadn't thought to check through my address book so I appreciate your suggestion.

I've deleted a lot of addresses that I no longer need but also some that I can't remember who they are, so some could well have been suspect.

Just need to set to and change my email account passwords, yet again, but to more secure ones, as suggested by Taff.

Hopefully, that might mean the end of them if I'm generating them. I'll send out emails to my contacts too, to suggest they do the same.

Thanks very much for all this advice


  caccy 13:38 28 Apr 2013

Are you using Yahoo Mail? My wife got exactly the same message on Thursday and it was also sent to the people she had previously sent mail to. (all family) It turns out that it originates in Russia. Buried in Yahoo Mail help area it suggests you change your password. I believe there was a thread about Yahoo and BT names and passwords being hacked on one of PCAdvisor forums sometime ago.

  AroundAgain 16:30 28 Apr 2013

Hi caccy

I'm with gmail x 3 accounts and BT x 1 account

These 'spam' emails are coming to me 'from' people that I have probably sent emails to in the past few months

Yes, I seem to remember a thread about similar issue but couldn't find it when doing a search - probably not using the appropriate keyword.

Anyway, I'm in the process of changing my passwords - to something more bizarre so, no doubt, will have problems with saved passwords for email for a while ;)

  Taff™ 20:00 28 Apr 2013

Not "bizarre", more secure!

By the way, just after I posted my first response this morning I got an e-mail from a "Society Member" exactly as you described originally. His password on the account, (Obviously Yahoo/BT have changed it now) was, lucy2. Second time he's been hacked - previous password was lucy1 - good god! even I know she's four now !!!???

  woodchip 20:06 28 Apr 2013

You all need to check your PC's for a Parasite, it may have been loaded from a Trojan

  AroundAgain 20:11 28 Apr 2013

Thank Taff and Woodchip

By 'bizarre' I meant something a bit more random, rather than a predictable word. ;) Hopefully, my new passwords will meet some security standards ...

Thank goodness for KeePass, eh?

I did run a scan with Avast and Malwarebytes and my machine was clean. What else might it be worth me scanning with? I appreciate your advice.


  woodchip 20:21 28 Apr 2013

To make Passwords a strong as possible, they need \to be as long as practical but it does not mean you have to use all different letters etc. just had a load of x's or similar just remember how many you add to your Password

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

iMac Pro review

Illustrator Charles Williams on how to create magazines and book covers

iMac Pro review

Les meilleures prises CPL (2018)