I’ve got a Yahoo mail account that I use for the rare instances I need to use an e-mail address on-line or to sign up for something. I rarely check it, and basically consider it a spam catcher.
Anyway, I go to check it today, and see a large number of messages (46) in my Yahoo bulk folder. I check them out, thinking they are spam.
Nope, they are ALL “Delivery Status Notification (Failure)” messages.
I open one and find the following:
This is an automatically generated Delivery Status Notification.
The clincher is that the end of the message contains HTML graphics of electronic items, what appears to be Japanese text, and what appears to be an ordering form.
All of the messages are slight variations of the same thing, different products and different failed recipients (all of which are variants of my yahoo addy).
Now I’m panicked (and f***ing pissed off) that my PC is being used as a spam relay.
The problem is I’m computer savvy enough to know what might be going on here, but not enough to determine for sure. So, couple o’ questions.
Is this a sign that my PC is compromised? Is it possible that my address only has been hijacked? I looked in my “sent items” folder and there is nothing, so I’m thinking that maybe the spammer just spoofed my address to make it look like I’m sending these. If so, fine. I’ll close the account, no loss. My main concern is that my home PC is secure.
If I do have a worm/trojan/bot running somewhere on my machine, how do I find out and then how do I get rid of it?
How could this have slid in? I’m pretty careful about security. I have a firewall (ZoneAlarm), regularly update antivirus software, regularly run AdAware and Spybot, and don’t open suspicious e-mails. Even more strange, I haven’t done anything with this e-mail account in months that would unleash a worm, even if I wasn’t careful.
Almost certainly this is another computer entirely, sending out spam or virus-attached emails, and spoofing your address as the reply-to field. There’s no reason whatsoever for you to worry, as long as nothing else untoward is happening with the account or the computer.
Unlikely. Delivery status notification failure (or mail delivery system: Undeliverable) is one of the known trick subject lines used by spammers. I could be wrong but I suspect these messages are just examples of that trick.
Incidentally I have ‘hanmail.net’ in my spam detector list.
And since Yahoo is web-based, it almost cannot be your computer. It’s probably as GorillaMan said, they just used your address. At worst, they guessed your Yahoo password. Couldn’t hurt to change the password, if you haven’t already.
GorillaMan has pegged it. Spammers’ email software allows them to put whatever they like as a return address on their spamvertisements. (There’s very little risk someone hacked into your Yahoo account.)
This happened to me last summer, and I was quite peeved about it, personally.
You see, I use my yahoo account primarily as a return address when job hunting, and now that address is attached to a couple bazillion “herbal viagra” emails floating around the internet. So if a prospective employer decides to google me using my email address, they’re going to think that I’m a shill for penis pills…
I sent a complaint to Yahoo, but got no reply.
However, they and Earthlink and other large providers have filed suit against major spam advertisers, accusing them of email fraud. So they may be interested in at least keeping track of what is being done to whom and how, so send them a note telling them that someone is using your address as a return address for mass unsolicited commercial email.
And keep an eye on your inbox so you can apologize to anyone who replies. I sent out about a dozen apologies in response to complaints that landed in my inbox. In a couple cases, the person on the other end didn’t believe me and still thought I was the spammer… so they “plonked” me in response to my apology.
Ha… I would have never emailed them anyway. No big loss.
It’s just a random thing and it will go away soon. The same thing happened to me with the email that I use for the SDMB. One of the monkeys with a typewriter came up with ‘hajario’ randomly one day and spoofed me.
It’s a bit more interesting than what has been said so far.
Way back in The Golden Days of The Net, mail servers were by default set up to relay mail. Spammers used this to route their spam thru them in order to make finding the source harder. So most “open mail relays” have gone away (although places like China still have too many).
So the spammers turned next to another feature of mail servers: If a server gets mail that it can’t deliver, it bounces the message back to the sender. So all the spammer has to do is send deliberately undeliverable mail to such a server with you listed as the sender. So their spam goes to the server, gets bounced and ends up in your email box. Since the subject lines usually don’t indicate if it’s really your bounced mail or not, many people are inclined to read it, thinking their email to Nana has bounced.
People running mail servers are catching on to this and are changing the settings so the mail is only bounced back to the actual source domain. But like with “open relay servers”, it’s taking a while to get everybody to reconfigure their server. Every now and then a spammer finds another unfixed server and bam, we get a bunch of bounced spam.
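A bounce of the kind discussed in this thread usually carries the returned message, so the question "did this come from me?" can be checked from the bounce itself. The following is an added example, not part of any post above: it parses a standard multipart/report bounce with Python's `email` package and compares the IP that submitted the mail against the networks that send your real mail. The sample message, all addresses and IPs, and the `my_outbound_nets` parameter are constructed assumptions.

```python
import email.policy
import ipaddress
import re

# Constructed sample bounce; every name and IP is made up (documentation ranges).
SAMPLE_DSN = """\
From: postmaster@mx.example.net
Subject: Delivery Status Notification (Failure)
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

This is an automatically generated Delivery Status Notification.
--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.example.net

Final-Recipient: rfc822; nobody@example.net
Action: failed
--b1
Content-Type: message/rfc822

Received: from pc (unknown [203.0.113.77]) by mx.example.net; Mon, 1 Jan 2007 00:00:00 +0000
From: me@example.com

spam body
--b1--
"""

def analyze_bounce(raw, my_outbound_nets):
    """Report who the mail failed for and which IP handed it to the bouncing server."""
    msg = email.message_from_string(raw, policy=email.policy.default)
    failed, origin = [], None
    for part in msg.walk():
        if part.get("Final-Recipient"):  # per-recipient block of the DSN
            failed.append(str(part["Final-Recipient"]).split(";", 1)[-1].strip())
        if part.get_content_type() == "message/rfc822":  # the returned original
            # The topmost Received line was stamped by the bouncing server itself;
            # lines below it were supplied by the sender and can be forged.
            hops = part.get_payload(0).get_all("Received", [])
            m = re.search(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]", str(hops[0])) if hops else None
            origin = m.group(1) if m else None
    foreign = None if origin is None else not any(
        ipaddress.ip_address(origin) in ipaddress.ip_network(n) for n in my_outbound_nets)
    return {"failed": failed, "origin_ip": origin, "foreign_origin": foreign}

print(analyze_bounce(SAMPLE_DSN, ["192.0.2.0/24"]))
```

For a webmail account, `my_outbound_nets` would be the provider's outbound mail servers rather than a home PC; a `foreign_origin` of `True` means the message entered the mail system from somewhere else and only the sender address was borrowed.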