Results 1 to 8 of 8
  1. #1
    Star Lounger
    Join Date
    Dec 2009
    Location
    South Carolina, USA
    Posts
    77
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Like the title says, I got an email from myself in my IMAP inbox. I use Outlook 2007 to download my AOL mail. I hate to think thousands of people are getting spam from me. Is it likely that someone Phished my AOL password? I am always very careful to avoid getting hooked like that, and I sure as heck didn't type in my AOL password. The spam link in it was lampapple.com

    Here is the header:
    Return-Path: <envision@lion.equinoxx.com>
    Received: from mtain-ma01.r1000.mx.aol.com (mtain-ma01.r1000.mx.aol.com [172.29.96.9]) by air-db05.mail.aol.com (v126.13) with ESMTP id MAILINDB054-86994b65cd479d; Sun, 31 Jan 2010 13:34:48 -0500
    Received: from 93-114-164-227.energydot.ro (unknown [93.114.164.227])
    by mtain-ma01.r1000.mx.aol.com (Internet Inbound) with SMTP id 5379B380000D1;
    Sun, 31 Jan 2010 13:34:34 -0500 (EST)
    Date: Mon, 01 Feb 2010 00:31:02 +0600
    Subject: You can wear Vacheron Constantin watch now
    From: <myname@aol.com>
    To: <myname@aol.com>
    Message-ID: <Iew28C9HCF.3hu7czmwneurknrusty@aol.com>
    X-Mailer: Mozilla/5.0 (Macintosh; U; PPC; en-US; rv:1.3.1) Gecko/20030701
    Content-Type: text/html;
    Content-Transfer-Encoding: 7Bit
    x-aol-global-disposition: S
    x-aol-sid: 3039ac1d60094b65cd3a2a0e
    X-AOL-IP: 93.114.164.227
    MIME-Version: 1.0


    What do y'all think about this?

    Thanks,
    Rusty

  2. #2
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,572
    Thanks
    5
    Thanked 1,057 Times in 926 Posts
    It is more likely that someone you have e-mailed has been hacked and your e-mail address was harvested from them. It is trivial for a spammer to change the "from" part of the email header or any part of the header for that matter.

    Joe
    Joe

  3. #3
    Star Lounger
    Join Date
    Dec 2009
    Location
    South Carolina, USA
    Posts
    77
    Thanks
    0
    Thanked 0 Times in 0 Posts
    So if that's the case, changing my AOL password would accomplish nothing. I will notify AOL, but I expect that will also accomplish nothing.

    Thanks for your reply.

    Rusty

  4. #4
    3 Star Lounger jockmullin's Avatar
    Join Date
    Dec 2009
    Location
    St-Eustache,QC,Canada
    Posts
    239
    Thanks
    10
    Thanked 21 Times in 20 Posts
    The bit of interest in the headers would be:
    "Received: from 93-114-164-227.energydot.ro "
    That looks like somewhere in Romania.
    According to www.ripe.net/whois, that IP is in a range allocated to:
    inetnum: 93.114.160.0 - 93.114.167.255
    netname: SC-ENERGY-DOT-SRL
    descr: SC ENERGY DOT SRL
    descr: Str Grigore Alexandrescu, Nr 56,
    descr: Sector 1, Bucuresti Romania

    Of course the IP address may be totally bogus.

    Suffice it to say it did not originate in your AOL account. All this means is someone got your email address from somewhere. It is a frequent tactic of spammers to send to you from your own email address in the hopes of thwarting local spam filters.

    I would say this is nothing to worry about, beyond the mild concern of that somehow they got your email.

    Jock

  5. #5
    Star Lounger
    Join Date
    Dec 2009
    Location
    South Carolina, USA
    Posts
    77
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks, that makes me feel better. I did not know the headers could be tampered with. Email protocol is something I've never learned much about.

    Rusty

  6. #6
    New Lounger
    Join Date
    Dec 2009
    Location
    Silkeborg, Denmark
    Posts
    10
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Forging the "From" header in an email is as easy as forging the sender of a real paper letter. The SMTP protocol was never designed with authentication in mind.
    Cheers,
    Peter

  7. #7
    New Lounger
    Join Date
    Dec 2009
    Location
    Silkeborg, Denmark
    Posts
    10
    Thanks
    0
    Thanked 0 Times in 0 Posts
    By the way, spoofing sender data is so common it even has a name, a Joe Job. There's no real protection against it, but some email service providers do offer backscatter protection so you don't see the effects of someone having used your email address as the sender address on their spam messages.
    Cheers,
    Peter

  8. #8
    Star Lounger
    Join Date
    Dec 2009
    Location
    South Carolina, USA
    Posts
    77
    Thanks
    0
    Thanked 0 Times in 0 Posts
    People sure do spend a lot of time making the world worse for everybody. Not that I just now figured that out.
    Thanks for the replies,
    Rusty

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •