e-mail account password stolen

[Cochise]

Some months ago I received a spam email from myself

I mean the mail was sent from my free mail account address at virgilio.it (a telecom italia service) to the same address. Obviously it actually wasn't me the sender.
I never write down login data and similar altough I trust the people closely around me, so being the password an easy one (just a simple dictionary word of 6 letters) I changed it with a more complex one.

Some time later I received another mail from myself .
This time the spam was about cheap drugs.
I useless browsed the provider site looking for the way to withdraw the account.
Googling about I known from other people that a fax communication is needed for the account cancellation, but people that had sent it received after some time a communication asking for the whole data of the ISP account to be cancelled.
Answering that there's no ISP account associated to the free mail box, it come out that the related cancellation procedure is unknown to the provider operators.

I browsed to the police's site to file a charge.
I had to subscribe a quite complex account, to fill a quite complex charge form (that besides do not include informatic crimes, it's just for theft or loss of objects) and, more than an hour after with this, senting the charge I was informed that in the next three days I had to go to the police station to validate the charge....
Considering the time I already wasted with this issue I deicided to forget it.
I just changed the password again.

Today I recived a new mail from my same account

Really don't know what I can do.

[Cochise]

Just wanna add:

I've other mail boxes I currently use beside that one and nothing similar happened with these.

I can't understand why anyone expert enough to stealing passwords then go to send spam to the same mail box invaded...

It's just like a f*cking joke!

[H-Rave]

Have you done a virus scan recently you probably have a trojan horse on your computer.The e-mail is probaly being sent from your own computer.

[Cochise]

I have to check. My AV isn't really updated.

But free mail boxes here can't be entered with clients, just from web.
There's no account set in Outlook in my machine...
Besides, I never save passwords when asked from browser and I've Firefox set for clear private data at every shut down..

[Nestor]

This could be caused by a thread in your own computer, as suggested above, or it could be generated in the server, through very complex programs that still the information, but are nevertheless inside the server itself. So they can handle the information there, but cannot give it to any source whatsoever. The password can be stilled “inside” the server, but cannot be written in any way to third party programs outside the server.

I would suggest you to try the Norton AntiBot, which will work for 30 days, this works in real time and it is very good at stopping this kind of abuses. Then you definitely need to install a “serious” antivirus like NOD32 or any other full featured one, and check ALL your drives with the highest security settings, deep scanning.

Anyway, if I was myself in your skin, I would for sure close this bloody account, and would create a new one, somewhere else. One of the recommended ways to go is Gmail, it works pretty well, and it is very secure because it is based in Ajax technology, and because they are very restrictive about .exe files and the so.

Good luck anyway

[synthetic88]

I get these once in a while, but I just assume they're using one of the email addresses in their library as the "from" account, and my lucky number was up. I use Macs so I don't think it is a virus. I wouldn't panic just yet.

[garyb]

seen it before.

an email can be sent with anything in the "from" box if you know how or have your own smtp server.....it's just a way around the spam filters and has nothing to do with you.

[kensuguro]

there's an antivirus software called AVG, it's free for home use, and kicks norton in a serious way. Actually, my machine got infected a while back, and norton wouldn't install, so I had to use AVG to clean my PC first. And when it found everything an cleaned it, I though, well, why would I need Norton when AVG does the job just fine... it's so much lighter than norton. And I've switched to AVG since then. Seems to get the job done very well. (recommended all over the place)

[Me$$iah]

And i second said recomendation

AVG does fine for me, and its free.

All in all - a result

[garyb]

yeah, AVG is good. i also like AntiVir...

but antivirus alone isn't enough, you also need anti-spyware. Spybot Search and Destroy combined with Spywareblaster and either AVG or AntiVir and you'll never have problems(if you keep the programs updated).

[astroman]

sorry for the confusion, Cochise, but there's absolutely nothing to be worried about.
It just happens (as already mentioned) and it is meaningless.
You can use any 'sender@from.some.where' address in the mail header, anyone can do that - no spyware or special knowledge required.
Ignore and trash, that simple
I occasionally get some spam from one of the office staff, who doesn't even use that account to send mail - I know for sure, because it's our own mailserver inhouse.
Spammers just fake the 'received from' label.
You might check the full header content for the path the message took, but it doesn't change much, as there's nothing you can do about it anyway.

cheers, Tom

[Cochise]

Thank you all guys.

I'll install AVG and update Spybot SnD, Lavasoft etc.

@ synthetic, garyb and astroman:
It's very likely that someone is using my address in the sendbox. That mail box is very spammed at now...

Just wondering about the way to publish that address in many spam filter lists as it possible, then subscribe a new mail box using just a nick in the address instead of first and last name like the one in question.

What a evil thing! Impotent to take away my own e-address from the hands of viagra spammers!

....

[Cochise]

there's absolutely nothing to be worried about.

I know it's a remote hypotesis, but it could be a really nasty thing if such e-mails will be sent to anyone i'm in trouble with.

[valis]

People who are online and technically literate will be aware by now that spam sender addresses are always forged (not sometimes but ALWAYS) and emails that 'look like' they're from a friend but contain spam are fake. This is why people often put their email addresses in publicly viewable forms like:

email AT address DOT com
email#address.com (replace the # with @)
etc

This keeps spammers from being able to comb websites and forums with simple scripts to farm their email address (which is most likely how your address was collected).

[Cochise]

Ok , I'm less worried now about the consequences this kind of things could bring. Thank you mates.


However there's a detail I'd forgotten.

Alhtough in the mail info it looks like the last of these messages was really sent from a different account, some time before I received a delivery status notification about a mail I never sent.
I 'm posting the screenshots in hope anyone can help me to better understand.

In the first two addresses appear. Are the postmaster communicating me that the message anyone sent from by account was not able to reach the addresses or what?

In the second screenshot the return path carries an address different from mine...

[garyb]

the second one is your basic spam.

the first is a trick to get you to check the virally infected attachment. delete both.

[astroman]

I don't think so
the error is a mailbox capacity exceeded (not uncommon...)
a spammer is using Cochise's email as sender adress (just the letters), so any error on a destination account will bounce back to him.
trash and ignore, there's nothing to worry about - and there is no need at all to ever open an email that you cannot explain either ... trash it unread

cheers, Tom