Ubuntu
evolution package

Unauthorized usage of my email account.

Asked by Stephen Smith

I have a problem. Somebody is sending unauthorized emails to my various email contacts (at least six that I am aware of) with an attached "Zip" file THROUGH my Hotmail account. These emails appear to be sent by me with no Subject line. I HAVE NOT sent my contacts any of these emails. My contacts think that I have acquired some type of virus. I, myself, have also received this same mysterious email. I always delete it because I didn't know who sent it, but I had NO IDEA that someone was using my Hotmail account to send emails to my contacts. On various occasions, I will also access my Hotmail account through the computers at our local public library.
Are there any recommendations for Antivirus detection and repair software? Are there any recommendations to correct this problem?
My system is an AMD K6-III cpu @ 333Mhz, 512 Mb Ram, 6 Gb hard disk, running Ubuntu 8.04. Ubuntu is my only operating system and I always downloaded the various upgrades suggested by Ubuntu.
Thank you for your help and suggestions. Stephen Smith.

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu evolution Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
arochester (arochester) said : 		#1

I have seen this a few times. I think your email has been hacked. Change you password and it should stop.

Revision history for this message
GREG T. (ubuntuer) said : 		#2

this is one of the problem in using what is called a throw away account . after you change your password never access your Hotmail account through the computers at your local public library or any place like them . they do not have the security people need to be safe .

Revision history for this message
Sam_ (and-sam) said : 		#3

The issue regarding hacked hotmail accounts were presented all over the web.
Google query even brings up variety of howtos.

> because I didn't know who sent it

Well, Sarah Palin didn't either ;-)
The guy who was condemned now, said it took him few minutes finding out the answer to security question via websearch.
Prevention: gpg+brain1.0

You need to view the email with complete headers.
Lines in question are the 'Received: from...', where the last one is on top (usually from own mailserver, provider), so you need to read it backwards.
Look for implausible signs
e.g. does IP belong to domain, is the timestamp different to your mail provider and so on, compare headers of trusted and untrusted email to knowledge the differences.

If you find the abuse header line, you can forward the mail to e.g. abuse_at_domain, usually mainstream providers can receive it this way, or go to website of the domain and find the contact address for abuse.

http://en.wikipedia.org/wiki/Email
http://en.wikipedia.org/wiki/E-mail_authentication
http://wiki.answers.com/Q/How_do_you_stop_spoof_spam_email_from_your_own_email_address
http://clubhouse.microsoft.com/Public/Post/5b26dda1-16bb-4e08-9490-4d0e10fc7ad4

Revision history for this message
mycae (mycae) said : 		#4

email is not a secure protocol -- the from field can be faked and sent from anywhere to anywhere -- it provides not guarantee that the person who is claiming to write it is actually who has written it. There is often no verification that the email actually originated from the computer who is claiming that it is sent is even originating from the correct side of the network.

If you want bullet-proof email, you have to use encryption or digital signatures to prove authorship, however most consider this to be too inconvenient to bother. (https://secure.wikimedia.org/wikipedia/en/wiki/Digital_signature). The reality is that most people simply delete emails that look suspicious, or sound like they were not written by the author (really bad grammar, obvious typos, difference in email presentation, unsolicited attachments).

Revision history for this message
mycae (mycae) said : 		#5

P.S. Your email is unlikely to have been hacked, however changing your password may be prudent for a belt-and-braces approach.

You can send an email purporting to be from your account, to or someone else's account. There are valid reasons for doing this -- for example if you are using several mailing accounts, and want to make people reply to the correct account (eg forging your home email address when you send email to your friends from work -- replies should be sent to the home account (there is the reply-to field, but sometimes this is ignored)).

Can you help with this problem?

Provide an answer of your own, or ask Stephen Smith for more information if necessary.

To post a message you must log in.