Results 1 to 13 of 13
  1. #1
    New Lounger
    Join Date
    Aug 2012
    Posts
    14
    Thanks
    2
    Thanked 0 Times in 0 Posts

    Spam from Yahoo account coming to my Comcast.net account

    Yahoo Help was no help at all. It just doesn't have an answer for my problem.
    By now I got yahoo email from *apparently* a friend and 3 others from a relative. I asked the relative and she said she didn't send the mail. The "friend" mail was from a yahoo account like the "relative" emails and resembled the "relative" emails.

    Is there some way to get Yahoo to look into this problem? Or should I try some other company or agency?

  2. Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 208 Times in 181 Posts
    Be careful with the first few levels of Yahoo! Support, you, or your friends, may get blocked by Yahoo!; they really don't understand how these spoof emails and hacks work, often the innocent get blamed and blocked.

    Get the full headers of the spam emails and input them into a good email tracker like http://www.ip-adress.com/trace_email/, this should allow you to work out the originating IP, whether the email was sent via webmail or a program and you should be able to work out the OS it was sent from too.

    I'd advise you and your affected friends to get to a malware help forum and have the computers checked over, bleepingcomputer, majorgeeks, techsupportforum, etc. in case one or more of you are infected.

    It only takes 1 chain email to harvest thousands of related email addresses, never reply to them. As a general rule, always use BCC not CC when sending to multiple contacts.

  4. #3
    New Lounger
    Join Date
    Aug 2012
    Posts
    14
    Thanks
    2
    Thanked 0 Times in 0 Posts

    yahoo spoof email

    satrow, thanks for responding! I put the email header in the malmail analyzer as per your suggestion. It came from an Argentina ISP. I don't know what to do next.

    Here's the header, except I replaced the relative's name with "<relative>"

    Return-Path: <<<<removed as per advice from satrow>>>>
    Last edited by socampbell; 2012-08-08 at 16:41.

  5. #4
    New Lounger
    Join Date
    Aug 2012
    Posts
    14
    Thanks
    2
    Thanked 0 Times in 0 Posts
    rats, parts of the previous email was replaced by a smilie. I must have done something wrong.

  6. #5
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 208 Times in 181 Posts
    There is (Recent Login Activity under the Security section of Account info) a page to check recent logins on Yahoo, get your relative to check it and see if that Arg. IP (or any other strange one) actually logged into her account or not.

    Your relative needs to change all passwords that might be related to that Yahoo! email address, include any banking, PayPal, Amazon, FaceBook, online games, etc, that might be associated with it as it looks like someone 'guessed' the password and sent the email(s) via webmail. Then get her to run the anti-malware detection scans from one of the above forums to ensure her machine isn't infected.

    You'd better edit the contents of the email in your last post to remove email and IP addresses now.

    Was the email just spam or a phishing attempt or did it have anything attached? Have you checked the full headers of the email 'from' your friend to see if the time/dates/IP's match?

  7. #6
    New Lounger
    Join Date
    Aug 2012
    Posts
    14
    Thanks
    2
    Thanked 0 Times in 0 Posts
    satrow, I edited the post as per your suggestion. I have not checked the time/dates/IP matches yet, but I did check the return addresses. I saved 4 of the strange email. Each has a different return address, all Yahoo email addresses, 4 of them. I do not know my relative's actual yahoo address. I doubt my friend has a Yahoo address, her email to me has been from another service. Maybe if I listed those return addresses, someone might recognize one or more of them.

  8. #7
    New Lounger
    Join Date
    Aug 2012
    Posts
    14
    Thanks
    2
    Thanked 0 Times in 0 Posts
    I ran 3 of the spoof email through the malmail analyzer that satrow suggested. It's sorta like Where's Waldo. Argentina, Thailand, Vietnam.

    I want to display details, but maybe that's unwise.

  9. #8
    New Lounger
    Join Date
    Aug 2012
    Posts
    14
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Oh, forgot. My relative said, *no* Yahoo email account. I do have a Yahoo email account, and maybe I should cancel it.

  10. #9
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 208 Times in 181 Posts
    So the email return addresses were spoofed and the emails themselves were probably sent via proxy servers or spambot machines. Not much you can do about it, once your email addresses are in the public domain, you're going to get hit with these things.

    Whatever you do, don't neglect to follow the methods outlined by a good malware forum to detect any infection once you suspect something is amiss, likewise, change all your passwords.

  11. #10
    New Lounger
    Join Date
    Aug 2012
    Posts
    14
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Thank you for the advice.

  12. #11
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,306
    Thanks
    138
    Thanked 113 Times in 97 Posts
    Yahoo has been having internal security problems for several months now. In addition to over 250,000 email passwords being leaked (I'm sure you've seen news reports about this one) there have been numerous incidents of contacts lists being used to send malicious spam. It happened to me twice in the past three months, even after I changed my Yahoo password. The spammers have infected Yahoo's own servers, or simply hacked into unhashed (unsecured) databases within Yahoo. This is a Yahoo problem and users who still need Yahoo accounts (for Yahoo Groups or such services) are simply going to have to put up with Yahoo's complete incompetence at in-house security.

    http://bits.blogs.nytimes.com/2012/07/12/yahoo-breach-extends-beyond-yahoo-to-gmail-hotmail-aol-users/

    http://www.csoonline.com/article/710804/yahoo-security-breach-shocks-experts

    http://news.yahoo.com/dropbox-admits-recent-security-breach-led-spam-attacks-013052216.html

    http://money.cnn.com/2012/07/12/technology/yahoo-hack/index.htm

    S
    o you can see how bad things are at Yahoo. A sure sign of a dying enterprise. If the rumored merger deal with Alibaba ever gets approved, things are sure to get worse at Yahoo. Alibaba is a Chinese company whose security reputation is even worse than Yahoo. And Alibaba servers reside behind China's Green Dam Firewall. YECH!!
    -- Bob Primak --

  13. #12
    New Lounger
    Join Date
    Aug 2012
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi,
    One day I received an email from myself - from yahoo - sent to my comcast email.
    I went to my yahoo account. I hadn't logged in months, if not years. It seems
    that my address book had been hacked as I was the ONLY name in my address
    book. I changed my password for yahoo and left my comcast address as the only contact
    in the address book.

    It's been a while now and everything is OK.

  14. #13
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Slough, Berkshire UK
    Posts
    918
    Thanks
    52
    Thanked 52 Times in 50 Posts
    you could set your only contact as your yahoo address then only use Comcast.
    Clive

    All typing errors are my own work and subject to patents pending. Except errors by the spell checker. And that has its own patients.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •