Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Hotmail Account Problem
Vanity

Posted on 04/15/2008 8:33:02 PM PDT by Retired Chemist

My Hotmail account is being bombarded with undeliverable mail messages that I did not send. They are in a foreign language. Any ideas as to what is going on. I have sent a message to MSN support.


TOPICS: Computers/Internet; Conspiracy; Weird Stuff
KEYWORDS:

1 posted on 04/15/2008 8:33:02 PM PDT by Retired Chemist
[ Post Reply | Private Reply | View Replies]

To: Retired Chemist

you should NOT have purchased the reduced price generik viagra. The stuff is rat poisoning and lead, AND you stay on their mailing list forever.


2 posted on 04/15/2008 8:35:02 PM PDT by utherdoul
[ Post Reply | Private Reply | To 1 | View Replies]

To: Retired Chemist

Someone is spamming using your account. You may have used your name and pw on a questionable website.


3 posted on 04/15/2008 8:35:05 PM PDT by Straight Vermonter (Posting from deep behind the Maple Curtain)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Retired Chemist

Someone is using your email address to send forged spam mail. The bounced mail comes to you because that’s where it looks like it came from.

This is known as ‘back-scatter’ mail.


4 posted on 04/15/2008 8:36:41 PM PDT by KoRn (CTHULHU '08 - I won't settle for a lesser evil any longer!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Retired Chemist

Sounds to this poster, like a spammer has gotten ahold of your email address, and is spamming with your email, as the return address.

Not sure if they do this randomly, going through potential hotmail email accounts in sequence - or whether they somehow figured out it’s a real account. Could even be someone you correspond with, got a virus which sent your address somewhere.

That would be my guess. Not sure how you can “fix” it. Sorry I’m not more help.


5 posted on 04/15/2008 8:36:51 PM PDT by Cringing Negativism Network
[ Post Reply | Private Reply | To 1 | View Replies]

To: Retired Chemist
My Hotmail account is being bombarded with undeliverable mail messages

If they're undeliverable, how are you getting them?

6 posted on 04/15/2008 8:37:33 PM PDT by martin_fierro (< |:)~)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Retired Chemist
sounds like your e-mail account has been hi-jacked, contact your ISP ASAP.
7 posted on 04/15/2008 8:37:35 PM PDT by txroadkill (Liberals believe that the only oppressed people in Cuba are the terrorist in GitMo)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Straight Vermonter

I have changed my password.


8 posted on 04/15/2008 8:37:44 PM PDT by Retired Chemist
[ Post Reply | Private Reply | To 3 | View Replies]

To: Retired Chemist

Where have you logged in?


9 posted on 04/15/2008 8:38:05 PM PDT by JRios1968 ("If you go over a cliff with all flags flying, you are still going over a cliff"--Ronald Reagan)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Retired Chemist

Change your account password, available at “Account”

Also, run a virus scan on your hard drive.


10 posted on 04/15/2008 8:39:51 PM PDT by Rebelbase (Carbon is the fourth most abundant element on the planet.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Straight Vermonter; Retired Chemist
"You may have used your name and pw on a questionable website."

That isn't unnecessarily true. Anyone can take an address and make it appear to be a sender of mail. Spammers do this all of the time. Straight Vermonter's information didn't have to be compromised for this to happen. When the spam hits a nonexistent mailbox, which can happen hundreds or even thousands of times in a single dictionary attack, all of the messages are bounced back to where the message APPEARED to be from, which in this case was a forged address.

11 posted on 04/15/2008 8:41:17 PM PDT by KoRn (CTHULHU '08 - I won't settle for a lesser evil any longer!)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Retired Chemist

Hopefully that will stop it. Never use your email pw for anything else.


12 posted on 04/15/2008 8:42:24 PM PDT by Straight Vermonter (Posting from deep behind the Maple Curtain)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Retired Chemist
"I have changed my password."

Don't worry about it, see my posts and #5. Most likely some spammer got your email address and is using it to forge spam mail. About the only thing you can do to stop it is to change your email address. Even the best spam filtering systems can't do much to stop 'backscatter' messages, without blocking legit bounce messages, which are very important for troubleshooting and should almost never be blocked.

13 posted on 04/15/2008 8:48:15 PM PDT by KoRn (CTHULHU '08 - I won't settle for a lesser evil any longer!)
[ Post Reply | Private Reply | To 8 | View Replies]

To: KoRn

If someone had hijacked my account and was sending messages, shouldn’t they show up in my sent messages?


14 posted on 04/15/2008 8:53:18 PM PDT by Retired Chemist
[ Post Reply | Private Reply | To 11 | View Replies]

To: Retired Chemist

Most likely it’s an e-mail worm of the “spambot” variety. The worm is probably not on your system (although you should run a scan or two just to make sure). The worm is probably on someone else’s system. You’ll never find out whose. It could be anywhere in the world.

There are a lot of spambot worms out there that work surreptitiously on an infected PC, and just rummage through a person’s address book for FROM and TO addresses. In this case, it found your address to insert into the FROM field, and a bunch of other random addresses in the address list to insert into the TO field.

If TO field recipient’s address is invalid, then the mail server at the recipient’s domain sends back a non-delivery report to the sender. The sender, in this case, is you, since your name is in the FROM field.

You can’t really do much to stop this sort of thing if it’s someone ELSE’S infected machine (or a deliberately set-up spambot machine) that is doing it. The only thing you can do is delete the messages, or get a good spam filtering program. Although, I’m not sure what to recommend that would hook into a web mail account like Hotmail. I’m mostly familiar with POP3 and Exchange spam filters.

Good luck.


15 posted on 04/15/2008 8:53:19 PM PDT by RepublitarianRoger2
[ Post Reply | Private Reply | To 1 | View Replies]

To: Straight Vermonter
"Someone is spamming using your account. You may have used your name and pw on a questionable website."

Same thing happened to me some time ago. EBay was the "questionable website" I believe.

16 posted on 04/15/2008 8:53:38 PM PDT by penowa
[ Post Reply | Private Reply | To 3 | View Replies]

To: Retired Chemist

You are being “spoofed.” Changing your password will NOT help.

Spoofing is a hacker practice of making one computer/user appear as if it is someone else. My hotmail account has been spoofed twice - both times for porn. The first time was “normal” porn. The second time was kiddie porn. I received many threatening messages when spoofed the second time around.

The first time I was spoofed, I looked at my message headers and saw a consistent source IP. I was able to traceroute the messages and whois the spoofer. I got the contact information for a guy in England and sent a firm email insisting he stop spoofing me. The next day he sent an apologetic email claiming it was an accident and the spoofing ended.

The second time I was spoofed, they were very sophisticated. I tried to track them down, but they were originating out of about a dozen different proxies and hopping through countless servers. Because it was kiddie porn, I turned over all the information I had to the FBI. The spoofing stopped on it’s own after about a two days.

Newer spoofers will typically only spoof you for a short period, then they move on to someone else. The problem should fix itself. But it *is* annoying.


17 posted on 04/15/2008 8:54:17 PM PDT by bolobaby
[ Post Reply | Private Reply | To 1 | View Replies]

To: Retired Chemist

Oh, and by the way, changing your password to your Hotmail account won’t have any effect on a spambot or worm. They are not aware of it and don’t even use it.


18 posted on 04/15/2008 8:54:53 PM PDT by RepublitarianRoger2
[ Post Reply | Private Reply | To 1 | View Replies]

To: Retired Chemist
"If someone had hijacked my account and was sending messages, shouldn’t they show up in my sent messages?"

Yes, unless they cleared your sent messages, but I doubt they would do that to send spam or virii. As I said, don't be overly concerned. I see this happen all the time at work. People will call our department saying they go a bounce message from someone they don't even know saying a virus was blocked, and the people are freaking about whether they have a virus and the fact they didn't know the other person. A search of the maillog and showing them it isn't in their sent messages is what it takes to ease their minds.

LOL Sometimes even then they still don't believe it.

19 posted on 04/15/2008 8:57:16 PM PDT by KoRn (CTHULHU '08 - I won't settle for a lesser evil any longer!)
[ Post Reply | Private Reply | To 14 | View Replies]

To: Retired Chemist; mikrofon; martin_fierro

Är du inloggad?


20 posted on 04/15/2008 9:02:37 PM PDT by Charles Henrickson (You need tons click "co-ordinating".)
[ Post Reply | Private Reply | To 1 | View Replies]

To: KoRn

“If someone had hijacked my account and was sending messages, shouldn’t they show up in my sent messages?

Yes, unless they cleared your sent messages...”

The answer is no. You are not being hijacked. You are being spoofed. Big difference. See above.


21 posted on 04/15/2008 9:06:36 PM PDT by bolobaby
[ Post Reply | Private Reply | To 19 | View Replies]

To: RepublitarianRoger2

With Hotmail the addresses do not reside on my computer, so wouldn’t that rule out my computer as the source.


22 posted on 04/15/2008 9:09:05 PM PDT by Retired Chemist
[ Post Reply | Private Reply | To 15 | View Replies]

To: bolobaby
"You are not being hijacked. You are being spoofed. Big difference."

Yes, that's exactly it. I wish I would have used the word "spoof" instead of forged, lol it gets the idea across much better when it comes to discussing happenings on the internet.

23 posted on 04/15/2008 9:10:54 PM PDT by KoRn (CTHULHU '08 - I won't settle for a lesser evil any longer!)
[ Post Reply | Private Reply | To 21 | View Replies]

To: KoRn

http://en.wikipedia.org/wiki/Spoofing_attack

Typically used to gain illegal access, but also applies to “hijacks” of email identities.


24 posted on 04/15/2008 9:14:13 PM PDT by bolobaby
[ Post Reply | Private Reply | To 23 | View Replies]

To: Retired Chemist

Yes, most likely.


25 posted on 04/15/2008 9:14:28 PM PDT by RepublitarianRoger2
[ Post Reply | Private Reply | To 22 | View Replies]

To: Retired Chemist

The same thign seems to be happening with my home account, with my ISP — not Yahoo or Hotmail in my case, but my regular account.


26 posted on 04/15/2008 9:16:19 PM PDT by TBP
[ Post Reply | Private Reply | To 1 | View Replies]

To: TBP

Read above. If the messages are bouncing from addresses you don’t know, it’s probably some spammer sending messages spoofing your address as a fake sender. If you are getting bounce notifications from people you DO know, you might have an infection sending to your contact list or address book.


27 posted on 04/15/2008 9:22:04 PM PDT by KoRn (CTHULHU '08 - I won't settle for a lesser evil any longer!)
[ Post Reply | Private Reply | To 26 | View Replies]

To: Retired Chemist

I know that some people here are adamant about not using the left-leaning Google for anything, but I use Gmail for my web mail. I find the spam filter to be extremely effective. Besides, I’m not making Google any money by using their mail and search server resources. I’m costing them money by doing that. Now if clicked on any of the Adsense ads, that would be a different story...


28 posted on 04/15/2008 9:24:10 PM PDT by RepublitarianRoger2
[ Post Reply | Private Reply | To 22 | View Replies]

To: martin_fierro
If they're undeliverable, how are you getting them?

He's getting the returns from the undeliverable addresses because his address was hijacked as the sending address.

29 posted on 04/15/2008 9:28:30 PM PDT by Wil H
[ Post Reply | Private Reply | To 6 | View Replies]

To: Retired Chemist
I see no reason to suspect that someone has hijacked your account. I see no reason to suspect that someone is using your account to send messages.

They are forging your email address (and millions of other email addresses) in spam that they send out from the tens of millions of PC's that they have compromised (almost all Windows PC's). They send out spam, claiming to be from you (and me and probably everyone else on this thread.)

The intended target of the spam is more likely to read email if it looks to be from someone with a plausibly real email address, not from "3ccf259cac0183@aol.com" or some such nonsense.

When some of that spam bounces (because it was sent to an invalid email address) the notice that the spam couldn't be delivered goes back to your email account, because the email claimed to be from you. But you had nothing to do with that bounced message; you just ended up seeing the bounce.

There is nothing you can do about this, other than improving your spam filters. You can keep trying to change your email address, but that's a pain in the backside if you actually expect anyone to ever send you something useful.

Those of us, such as myself, whose email address has been "pj@usa.net" for perhaps a decade now and which I have never attempted to hide, end up getting thousands of messages a day. My spam filtering skills have become expert over the last decade.

30 posted on 04/15/2008 9:43:33 PM PDT by ThePythonicCow (By their false faith in Man as God, the left would destroy us. They call this faith change.)
[ Post Reply | Private Reply | To 14 | View Replies]

To: ThePythonicCow

“There is nothing you can do about this, other than improving your spam filters.”

I disagree with this. You *can* attempt to read the header information off the original email and determine a consistent source IP. This has worked or me in the past with unsophisticated spoofers. Then you can whois them and get contact info.

Another option is to check what site they are referencing in the original email. It is possible you can whois that and get the administrative contact for the domain. There is a decent chance, however, that the info there will be bogus, too. When it was kiddie porn, it turned out to be some poor woman in Kentucky who didn’t have a clue what was happening when I called her. She had already called the FBI re: identity theft.


31 posted on 04/15/2008 9:48:52 PM PDT by bolobaby
[ Post Reply | Private Reply | To 30 | View Replies]

To: martin_fierro

When a million spams go out some are “undeliverable” and bounce back to the return address. That is the surest way to discover that your address has been hijacked. It can also get you kicked off the email site for propagating spam.


32 posted on 04/15/2008 9:56:16 PM PDT by arthurus
[ Post Reply | Private Reply | To 6 | View Replies]

To: Retired Chemist
There's another way your address can be hijacked, the same way you get spam even days after setting up an account you've never had a chance to use.

Imagine someone wants to use "sweetie pie" for a name. It's easy to guess that more than one person on this planet would want it, hence the possibilities of "sweetiepie1" or "sweetiepie632", etc. For a long time the spammers have had programs that take common cutesy names such as in the example and send spam out from "sweetiepie1" up to perhaps "sweetiepie99999" and everything between and beyond.

If they've sent it with "web bugs", links in the body of the mail designed to access images on their servers, then they can accrue records of how many of their invented addresses turn out to actually exist, as distinguished from all the "account doesn't exist" kickbacks. Then they can of course hijack them. 

To elaborate on what a web bug is, the image of the badge is taken from the Freep's front page. Actually, it's a direct link to the image. For discussion, let's assume that 999 people will view this page after I post, therefore (adding myself to the total) Jim and John can deduce from the server logs that the image was accessed a thousand times beyond the visits to the front page.

 

There's nothing "evil" about this, far from it. Any website owner likes to know how many visits the site, how many goes where, what features are popular and what isn't, etc. It's only that spammers take something routine and exploit it.  

The web bug (picture) can be any size. Technically, the image can be only one pixel, and it can be "invisible", say if it's pure white on a white background. Spammers have web sites whose sole duty is to host those tiny images and add up the access hits when people open up the spam mail.

* * * 

Hotmail has a setting where you can elect to not have images automatically show when you open mail, so use it, being aware that any strange mail can announce your account is active once you read it.

You can also let your active account status be known with Outlook or Outlook Express or Thunderbird, etc, if you don't have them set for plain text only. If you simply must open strange mail, disconnect from the internet first, so the web bug can't phone home. With Hotmail or Yahoo or other web based mail, you of course don't have that safety option.

33 posted on 04/15/2008 11:52:22 PM PDT by JoJo Gunn (Help control the RINO population. Have them spayed or neutered. ©)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Retired Chemist

Columcille acusdrostán mac cosgreg adálta tangator áhi marroalseg día doíb goníc abbordobóir acusbéde cruthnec robomormær bûchan aragínn acusessé rothídnaíg dóib ingathráig sáin insaere gobraíth ómormaer acusóthósec.tangator asááthle sen incathráig ele acusdoráten ricolumcille sì iàfallán dórath dé acusdorodloeg arinmormær .i.bédé gondas tabrád dó acusníthárat acusrogab mac dó galár iarnéré naglerêc acusrobomaréb act mádbec iarsén dochuíd inmormaer dattác naglerec gondendæs ernacde les inmac gondisád slánté dó acusdórat inedbaírt doíb uácloic intiprat goníce chlóic petti mic garnáit doronsat innernacde acustanic slante dó; Iarsén dorat collumcille dódrostán inchadráig sén acusrosbenact acusforacaib imbrether gebe tisaid ris nabad blienec buadacc tangator deara drostán arscartháin fri collumcille rolaboir columcille bedeár áním ó húnn ímác_......


34 posted on 04/16/2008 2:01:33 AM PDT by cowboyway ("No damn man kills me and lives." -- Nathan Bedford Forrest)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Retired Chemist

I have the opposite problem (well, not a problem, really). Our ISP has a super spam blocker/filter, but I’ve been getting a LOT of messages from them lately telling me that the message from “xxx@xxx” has been blocked. Those senders were people I’ve never heard of. With our old ISP, I would get all kinds of spam, especially Russian stuff.


35 posted on 04/16/2008 3:39:13 AM PDT by alwaysconservative (Notice how when Democrats "give" to "charity", it's usually to themselves?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: bolobaby
What you say is true enough. If one is being hit with spam or these bounces from just an occasional source, one can track it down, and have a decent chance of fixing it. This does require some understanding of email headers and whois, just as you describe.

I was speaking from the perspective of someone who gets literally thousands of junk emails per day, on two email addresses (my personal one, and my work one) both of which I have widely exposed to public view for many years.

One can bail out ones fishing boat with a bucket. A single person cannot bail out a ship in tsunami. All one can do in that case is button down the hatches and stay below decks. If the ship is big and strong, and able to be operated without going topside, then it's full steam ahead.

36 posted on 04/16/2008 6:50:17 AM PDT by ThePythonicCow (By their false faith in Man as God, the left would destroy us. They call this faith change.)
[ Post Reply | Private Reply | To 31 | View Replies]

To: alwaysconservative
Well well, isn't that helpful. Trading one kind of spam for another ;).
37 posted on 04/16/2008 6:55:15 AM PDT by ThePythonicCow (By their false faith in Man as God, the left would destroy us. They call this faith change.)
[ Post Reply | Private Reply | To 35 | View Replies]

To: ThePythonicCow

That was sort of my thought, LOLOL!


38 posted on 04/16/2008 7:10:52 AM PDT by alwaysconservative (Notice how when Democrats "give" to "charity", it's usually to themselves?)
[ Post Reply | Private Reply | To 37 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson