Problem with email spamming
-
Problem with email spamming
I have a friend with a hotmail account who is suffering spamming attacks. She only accesses Hotmail through the browser - does not use the Windows Mail or Live Mail clients. I had her scan the system with MBAM which found and cleaned up some stuff (though I didn't see the log). I followed up later via remote support with Hitman Pro and TDSSkiller. I ran disk cleanup and Ccleaner to dump the browser caches, temp files and restore points. The scans are coming back clean and I'm not observing any of the usual behaviors associated with resident malware, however the spamming continues. I wonder if her email address has been hijacked/spoofed and the problem is out of her control at this point? She continues to see spam messages sent to her contacts that appear to originate from her account, but of course don't. She was pretty unhappy when I told her she might need to change her email address. Can someone kindly explain the attack vector and suggest a course of action? TIA
-
-
I assume you've already advised her to change her password from a known clean pc.
And, regarding the solution, i'm not sure. I'll try to find some solution tomorrow. Gotta sleep now. Wait, just give Norton Power Eraser a try.
But tell her to be careful, it may produce false-positives.
Regarding the attack vector, your friend's email might have been hijacked and her pc has become a part of a botnet and so the spams.
-
Did you tell her to change her password??
-
-
It's actually best to that close that account and open a new one with a new password.
-
I would advise her to change her password at the very least. Better still, create a new account and only give the contact information to trusted people, i.e. those whom she wants to have it. Secondly, get her to setup Outlook/Windows Live Mail or one of the other Email programs as her client. These clients are more sophisticated than the web interface and they can be configured to automatically trap and deal with most SPAM messages. Tell her to only use the web interface if for some reason the other access method fails.
-
Probably just safer to change the account, hotmail addys are a dime a dozen, so to speak.
Also, don't answer the password recovery questions with accurate answers. Generic questions such as "What was your schools mascot" and "What was your fathers name" are all easily Googled.
-
-
I suggest she close the email account that is giving her grief.
Things for her to remember in the future -
1.Stop posting her main e-mail address on a public forum or website. It is estimated that 95% of all junk e-mail is caused by a person publicly disclosing his or her e-mail address.
2. Avoid: Popular newsgroups etc- robots often scour these lists for addresses.
Chat rooms like Yahoo Chat etc- spammers or spam-bots are actively mining in popular chat rooms.
3. Use spam blocking tools. Most web-mail providers offer them, or you can download one.
4. Use disposable addresses to identify and shake off sources of spam.
Have one main account, and give this address to limited / trusted people only.