Log in

No account? Create an account

Previous Entry | Next Entry

I'm being spoofed

I keep getting mail delivery failure notifications. Someone (or more likely their pet virus) keeps trying to send a message to companies that I have never had any business with. I've never used Outlook with my current laptop, so unless the virus has infected the Hotmail servers and hacked my account, there's no way that the messages are actually coming from me.

The subject line of the messages supposedly sent by me reads, "Re: details."

The text of the body of the email reads, "See the attached file for details"

Attached is a 98k .pif file titled "your_documant"

Obviously, I have not opened the file to see what it is.

Does anyone know if there's anything I can do about this?


( 9 comments — Leave a comment )
(Deleted comment)
Aug. 26th, 2003 02:49 pm (UTC)
i'm not computer savvy enough to know if there's a connection between the two

Me neither.

but thought i'd point it out anyway to see if it made any sense to you.

It doesn't, but thanks.
Aug. 26th, 2003 03:14 pm (UTC)
I think it's a virus, worm or other virtual critter.
I've gotten tons of mail lately with regards to:
Thank you!
Your details
That movie
Your application
... all with attachments. I assume its like the "I love you" virus considering that some of it is supposedly coming from imdb.com and other domains I recongize.
Aug. 26th, 2003 03:37 pm (UTC)
If someone is using your hotmail email address as their return address, you may have some luck emailing hotmail abuse. They'll want a copy of at least one of the messages with all the headers. That probably won't fix it but it's worth a try.
Aug. 26th, 2003 04:03 pm (UTC)
I get them all the time at work, even though nothing is showing up in my sent folder.

I'm just ignoring them.

Altering the appearance of the sender in e-mail headers can be a
relatively simple process.

It's also really annoying for the victim.

The great thing is that people don't need to hack your hotmail account or outlook to impersonate you. They just need to know your e-mail address.

It used to be that you had to do a couple of Unix tricks to do this. It was the way I would send Scott Z. messages as Dale Cooper. Now anyone with a computer can do it online at a couple of sites. I've sent you a test that will make it look like you sent yourself an e-mail.

Open that e-mail and look at the message headers. You'll notice that they look weird. This is how you can tell that the e-mail was faked.

Spammers don't use web sites, however. It takes too long. Most of them have programs that they run in batches.

Right now, companies have started campaigns agains spoofing:


Some day, maybe, it will cost too much to do this.

The way to tell who REALLY sent a message is to look at your internet message headers (which can be turned on by clicking the "advanced" option of the "message headers" section of the Mail Display Settings which you can get to from the "options" category of Hotmail. I think they're displayed under the "message options" header

For things actually sent by me, my return-path comes from amazon.com, which matches my @amazon.com address

I sent a message to myself as myself using one of these tricks, and it showed my return path as coming from netfirms.com even though my address was still @amazon.com

My received path comes from amazon.com
My spoofed received path comes from psigh.com

So, even if the culpret can't be tracked, it can be proven that it wasn't sent by you.

I know this is kind of like, "That's silly Jimmy! Monsters don't hide under your bed! They hide inside your mattress!" However, you should feel a bit better knowing that your machine wasn't actually compromised.

Of course, someone may actually know more than me about all of this, so take everything I've said with a grain of salt.
(Deleted comment)
Aug. 27th, 2003 09:52 am (UTC)
Re: he he
We were big fans.

Still are, I guess.
Aug. 27th, 2003 05:09 am (UTC)
the virus takes random names out of your address book and sends mail to them from some OTHER random name from your address book.

so in effect, what is happening is that someone that has your address in their book has the virus, and the virus is sending people email with the virus as if it had come from YOUR email.

it's pretty ingenious. it took a while for me and my friend to figure it out, but as far as we can tell, that's it.

and don't worry, the returned mail doesn't or shouldn't have the virus attached. just be sure to delete that crap without reading it.
Aug. 27th, 2003 05:17 am (UTC)
Are you using some kind of e-mail program that keeps an address book on your hard disk? If so, create a bogus e-mail address that appears first in the list, e.g. "000 bogus worm buster".

Also suggest you grab the latest anti-virus software. I use Norton Anti-virus 2003, but there are other good ones too.
( 9 comments — Leave a comment )

Latest Month

August 2017


Powered by LiveJournal.com
Designed by Ideacodes