Brizy spam: can it be prevented?

[rgrosz]

Last week my wife got an email from one of her Gmail accounts inviting her to join the web site brizy.com. For some reason, she logged in using her Gmail name and password. The site immediately sent the same message out to a few people in her Gmail address book, including me.

The next time she loaded Gmail, she got a warning message in red near the top of the page. Gmail said that her account had been accessed from another state, and suggested she change her password.

We did that, and then I checked the WebRoot security logs, and re-scanned her system. It did not find anything. At that point, I assumed the problem was solved.

But last night she got an email from brizy.com again. And it apparently sent out another set of spam invites. I have attached a picture of the email I received, without the pretty pictures. EVERY link in that email looks like this:
(BRIZY web site)/rmd.php?a=l&v=3&q=(125 alphanumeric characters here)&vm=brizy-mta18

I did some Google searches on this Gmail / Brizy problem. I was surprised at how little information there was. The standard recommendation is to NOT open any emails from brizy.com. I downloaded MalwareBytes Anti-Malware and ran its scan. I also re-ran a WebRooot Secure AnyWhere scan, but netiher of these found anything.

I want to keep this from happening the NEXT time she gets mail from brizy.com. I flagged the mail she received as spam, but don't know if that is sufficient. I am hoping someone here has a solution, or can point me in the right direction.

[Paul T]

There is only one solution:
Do not accept invitations from email, ever.
Never log into a site you don't know using credentials form another web site.
Use a different password on every web site and store them in a free password manager.

Your security is up to you to maintain.

cheers, Paul

[ruirib]

I don't think you can prevent anyone from emailing you, other than flagging them as spammers. It will still end up in the "spam folder". Thing your wife's contacts will have to do the same.

[Doc Brown]

This is why you should use "throw away" e-mail accounts. I have a couple of them. Once I'm comfortable with a company, and decide I really want thier e-mail, I change it to my "real" e-mail address. If it doesn't work out, I just "throw away" the dummy account.

[rgrosz]

Yes, those are all good responses, and that is exactly what I do myself.

My wife tends to click first and worry about it later. I have to bail her out of some sort of malware problem every six months or so ...

[Mike Feury]

But last night she got an email from brizy.com again. And it apparently sent out another set of spam invites.

As described, this does not mean another infection or account hijack. Brizy probably harvested her email and associated contacts list the first time, and from now on will send periodic emails to her contacts using her as the 'From' address.

If it's practical, simplest fix is to get a new email address at Gmail--I assume it would be easy to transfer boxes and addresses. Then her contacts can blacklist her old address. If contacts start reporting her current address as a spammer, that might cause her problems.