Spam e-mail from my sister on an account that's not hers?

This morning I received an e-mail from what looked like my sister.

The e-mail had my sister’s name in the from field with the e-mail address <>. Which she says not only is not hers, but she never had a Yahoo account. I told her to run a malware/virus scan and update her passwords, but how could this random e-mail address have gotten her name?

What likely happened is this: somebody (not your sister) has your sister’s e-mail address in his address book (among others). This person’s computer got infected by a malware which took the e-mail addresses (including your sister’s) from this address book and generated spam e-mails, pretending these persons (including your sister) were the ones who wrote the e-mails.

This is really nasty because the recipients of these spam e-mails often mistakenly assume that the persons who appear to be the senders of these emails are either spammers themselves or (alternatively) too stupid to properly secure their computer.

There isn’t much your sister can do, unfortunately.

Then how did it get sent to me? I have never seen that e-mail address before. Searching my gmail brings up no results. My sister and I don’t even have the same last name.

Coulda been the three of you (you, sister, the Yankee) were on the same CC list in some email, and they got cobbled together like how Donnerwetter describes.

My guess would be that your e-mail address and your sister’s address are both in the address book of the person whose computer was infected with malware, i. e. maybe a common friend or acquaintance.

Doesn’t have to be malware at all. Whoever sent that probably just connected your name and your sister’s name from gathering info almost anyone nosy enough could find on various social sites.

I get stuff like that occasionally. Sometimes “from” relatives, sometimes “from” people I don’t even know but have the same last name as me or a friend or relative. Gmail is usually smart enough to send it to the spam folder.

I did a search this morning on " How are you doing? I found an amazing site" and came across this thread. What interested me on the one my Dad received this morning is that “my name” is the one I use on facebook. I don’t have that listed in any email anywhere. And indeed the salutation for Dad was his first name on facebook. I think the origin of the bot was facebook data.

Interesting. I got one like that the other day from my daughter, but it obviously wasnt really from her.

Is your sister’s first name a pretty common one?

Occasionally I get spam mail purporting to come from me (as in, the From entry contains my first and last names, which are not very common, with an unrelated address such as <>). They probably figure I’ll read e-mail coming from myself. But clearly their database contains my first and last names with my e-mail address.

It would not cost the spammers much to try some common first names such as Nancy or Roger, with my last name, and hope it happens to match a member of my family.

I’ve used AdAware for years, on all my computers. I’ve read that you should use AdAware and SpyBot, together, as each will not always clean everything out. But the more I read about SpyBot, the more confusing it is, so I just stick with AdAware and make sure it is updated regularly.

It’s common, but we have different last names, so it had to be pulled from somewhere.

I’ve been getting a lot of these lately. They are putatively from someone I know and have exchanged email with, but from bogus or throwaway addresses. I have tried to map out whose account might be the source, from the combinations of people in it, but without success. I don’t get any from names I don’t recognize, which is the part that gives me a chill - they don’t just have the list of contact names, they have a meaningful history of exchanges, too.

I just joined this forum because I have been receiving the same type of spam for the past few months. The “from” name tends to vary, but I noticed it is ALWAYS the name of a Facebook friend. I am pretty certain it’s using Facebook friend names because one instance of the spam used a specific name my friend only uses for Facebook.

I believe we are receiving the spam because of a Facebook application we may have authorized to 1) Use our email address from our Facebook profile, and 2) Access our friends list. Which means it might be likely we all used the same Facebook application that is collecting or has collected our email address and names of Facebook friends.

I have already gone through all of my Facebook applications connected to my account and removed the ones I don’t use, but before anyone else does that, there might be a common application we all have installed. You can view your installed Facebook apps by going to Facebook, click the Settings menu (top right), and then clicking Account Settings. Then click “Apps” in the left column to see all of the apps you have installed.

ACH Virtual Bake Sale
Appcelerator Titanium
Facebook Studio
Graph API Explorer
Stack Overflow
(^a^) ~ Maki-san

Gmail is even smarter than that! It’s so smart, it even sends non-spam to my spam folder! Happened to me again just a few days ago.

The same thing happened to me a few years ago. Everyone was getting spam, supposedly from me. So I sent out the following message:

“Many of you have received spam with my name on it. Rest assured that it came from someone using my name. If I had actually sent it out, I sure as hell would not be putting my real name on it. So if you receive spam with another name attached to it, then you’ll know it’s actually from me.”