• Dear Guest, and welcome to RailUK Forums. Our non-railway discussion forums are currently restricted until members have five or more posts, and you will not be able to make a new thread or reply to an existing one in this section until you have made five or more posts elsewhere on the forum.

Email Account Hack

Status
Not open for further replies.
Joined
23 Dec 2008
Messages
253
I believe something/someone has hacked my email account.

Outline
My computer has windows 10 installed.
I use McAfee Plusnet Protect supplied by my ISP, Which I constantly update and run.
I have used Spybot (Free Version) and just recently I used MalwareBytes, Both have run and have found no viruses.

The problem is my email account, I have been getting lots of messages of "Returned mail undeliverable", I have not sent these personally, so something within the email set-up is.

Simple question, I Hope, How to I get rid of the virus or sort this problem?

Anyone any advice?
 
Sponsor Post - registered members do not see these adverts; click here to register, or click here to log in
R

RailUK Forums

90019

Established Member
Joined
29 May 2008
Messages
6,692
Location
Edinburgh
If it's what I think it is, the simplest thing to do is change the password on your email account.
It sounds like it's someone gaining access to send spam to everyone in your contacts.
 
Last edited:

ComUtoR

Established Member
Joined
13 Dec 2013
Messages
7,248
Location
UK
Use a different (uninfected) computer to login to the isp's email
Change password

Check email (is it webmail based ?) online and send emails from the online client.

Delete email client and reinstall. Do NOT save the .pst files or any email settings etc. You want a clean install.


Does it affect all email ? Returned email is usually due to the receivers email not senders.

Which messages have been returned (are they to something dodgy ?)

Have you checked the sent email details ? You should be able to find sender and recipient details on the messages. I have windows 10 and the mail client merges my mailbox so my inbox may have my windows live email and my pop3 email.
 

trainmania100

Established Member
Joined
8 Nov 2015
Messages
2,201
Location
Newhaven
Ensure when logged in to your emails you have HTTPS in the address bar and not HTTP
Change your password to something of at least 8 characters containing one upper case and at least one symbol.
Blacklist any offending emails, and if possible, sign out of all devices. Some mail systems have a feature which enables you to log out everywhere.
 

tony_mac

Established Member
Joined
25 Feb 2009
Messages
3,623
Location
Liverpool
The first thing is to change your email password and make it is something very secure.
In most cases, spammers have just 'guessed' your password, and used your account to send emails - it isn't necessarily something on your computer.

This can also happen if some spammer has decided to use your email address as a 'from' address.
If that is the case, it will sort itself out in a day or two. It may happen again, though, not much you can do about it.
 
Joined
6 Mar 2010
Messages
75
I'd do everything outlined above - for safety in case you have a virus / malware, but bear in mind another possibility is they could simply be sending emails with your address from their servers / PCs - see https://en.wikipedia.org/wiki/Email_spoofing and (for example) https://support.google.com/mail/answer/50200?hl=en.

If you are getting mail back that includes the original email as an attachment, you may be able to use this Google App to learn more about where it is coming from https://toolbox.googleapps.com/apps/messageheader/.
 

Geezertronic

Established Member
Joined
14 Apr 2009
Messages
3,821
Location
Birmingham
I agree with the possibility above - it's not that your account has been hacked, but someone could be using your email for spoofing purposes. It is unfortunately very common for spammers to use their obtained list of email addresses not only to send To but also to spoof the From address as well.

Similar process can be applied to Facebook where someone takes your photos and creates a "duplicate" account with your identity. It's not that your account has been hacked, just the publicly accessible stuff has been nabbed to create a duplicate account. A friend of a friend suffered from this a couple of months ago

Quick note - spammers can obtain your email address from anywhere such as mailing lists you have subscribed to (even eBay or PayPal etc...), or even your forum ID on here so I'd advise not to have your forum ID as your email address
 
Last edited:
Joined
23 Dec 2008
Messages
253
Thanks to everyone for the advice.

My email address is set-up on 1&1 then forwarded to Yahoo mail, simply because I don't like the 1&1 layout and yahoo have an app to receive emails.

I have changed my passwords on both site's and have used the two stage security set-up on yahoo. Which I hadn't previously known about.

I'll give it a couple of days too see if this makes any difference.
 

maniacmartin

Established Member
Associate Staff
Senior Fares Advisor
Joined
15 May 2012
Messages
5,223
Location
Croydon
Sounds like a Joe Job to me. I have had this happen to me in the past, and whilst annoying it if this is the case it will probably subside in a few days.

From addresses in emails are trivially easy to forge and historically spammers have forged the From addresses using other addresses harvested from the internet. When the emails bounce, you get all the backscatter. Luckily recent tech introductions such as DKIM and SPF are making this less viable nowadays for spammers.

I'd also advise changing your forum username to not be an email address
 

swj99

Member
Joined
7 Nov 2011
Messages
759
Echoing what others have said, I guess it's probably just someone somewhere, sending emails out which appear to have come from your email address, even though they probably didn't.
There was a service available some years ago called Spoofmail, where customers could pay via paypal and then send emails, specifying what email address they wanted the email to look like it had come from. I notice it seems to have disappeared now, possibly because it was able to be used for underhand or illegal purposes.
 
Last edited:
Status
Not open for further replies.

Top