Skip to comments.
I am sending spam
vanity
| 06/10/06
| self
Posted on 06/10/2006 7:59:10 AM PDT by FarmerW
I hope this isn't a dimwitted post, but I am having a computer issue. I was just discussing it with my mother who brought up the issue of terrorism and spam. Her IT guy swears it is going on. Curious what other people think. Let me explain my problem.
I changed isp's at the beginning of the year. When I left my old isp,they offered me a one time charge of $20 to keep my email address. It would only be able to receive emails, not send. I thought this was handy until I got all my contacts updated to my new address. If it wasn't for this I wouldn't have a clue what my computer was doing now.
Five days ago, I began receiving email failure notices when attempts where made to send outgoing email on that old incoming only email address. These failed outgoings where being sent to people I didn't know and had never received email from. They were also going out at times I wasn't actively on the computer. They orginally listed my first and last name as the sending. Over the past few days my name is altering with new last names in the send attempts.
The "terrorism" part comes in with the body of the email. They are all oil or gas penny stock tips. When I researched a couple of the names, I found that these were legitimate companies. One of the company had info on the situation and disavowing themselves from the emails. I have read some stock type sites that say these spam emails are threatening to tank the stock prices of these legitimate companies because people now believe, due to the spam, that the companies are involved in fraud.
Is this what terrorism to effect US oil companies would look like? Is there such a thing?
As an side, no program can find the virus on my computer. Hopefully someone will figure it out soon and I am really worried whatever it is I have will act like a beacon and draw more attacks on my computer.
TOPICS: Computers/Internet
KEYWORDS: email; oilstock; sabatoge; spam; stocktip
Navigation: use the links below to view more comments.
first 1-20, 21-27 next last
1
posted on
06/10/2006 7:59:13 AM PDT
by
FarmerW
To: FarmerW
If the E-mails are going out when you aren't on your computer, how is it your computer's problem? Sounds like your old provider has a problem.
2
posted on
06/10/2006 8:02:48 AM PDT
by
saganite
(Billions and billions and billions-------and that's just the NASA budget!)
To: FarmerW
They are all oil or gas penny stock tips. When I researched a couple of the names, I found that these were legitimate companies. The companies ARE legit, but they are being touted by these spammer scammers. The spammers flood the net with great "news" about company XYZ, people buy the stock, driving up the price, the spammers sell out, and everyone else is left holding the bag, because the value wasn't really that high.
As for WHY you're sending it out, it's because your box is being used as a mail relay. Even if you don't have a virus, you have ports open and the spammers know about it.
3
posted on
06/10/2006 8:03:40 AM PDT
by
Izzy Dunne
(Hello, I'm a TAGLINE virus. Please help me spread by copying me into YOUR tag line.)
To: saganite
My computer is rarely, if ever, shut down. It is just in rest mode. A habit I have now stopped. I assume that is why it can happen.
The "sent" emails don't show up in my sent box. I would have no way of knowing about them if it wasn't for the fact they were failing.
4
posted on
06/10/2006 8:05:37 AM PDT
by
FarmerW
("We have the freedoms we fight for, and we lose those we don't defend." -Rushdie)
To: FarmerW
Based upon this statement
Five days ago, I began receiving email failure notices when attempts where made to send outgoing email on that old incoming only email address. These failed outgoings where being sent to people I didn't know and had never received email from. I would summize that your old ISP has a virus, and is sending everyone who ever sent or received an email, these messages on each of their accounts. If you ran an up-to-date virus scan; the chances are that the fault is not with you.
However, one question remains .... "are you on broadband?", and if so, "Are you using a Router?"
I have indicated this in the past, and will do so again for your benefit. One cannot over-emphasize the importance of purchasing a $30 Router from Wal-Mart if you are using Broad band.
5
posted on
06/10/2006 8:06:15 AM PDT
by
Hodar
(With Rights, come Responsibilities. Don't assume one, without assuming the other.)
To: FarmerW
What happens is that some spammers will steal an email address and use it as a the return address on their emailings.
This doesn't require them to have access to the server on which the email address resides, or to the ISP's network, or to your computer. Just as anybody can send a letter via USPS using a fake or stolen return address, the same can be done with email.
6
posted on
06/10/2006 8:06:19 AM PDT
by
coconutt2000
(NO MORE PEACE FOR OIL!!! DOWN WITH TYRANTS, TERRORISTS, AND TIMIDCRATS!!!! (3-T's For World Peace))
To: Izzy Dunne; FarmerW
Yes - plus the stock tips arrive in the form of attachedimages so you can't even screen to elimate words in the text/body.
7
posted on
06/10/2006 8:07:49 AM PDT
by
bwteim
(bwteim = begin with the end in mind)
To: coconutt2000
That makes me feel MUCH better! Making sure I understand you correctly. A spammer stole my email address and is sending out emails from their computer using it? There is no virus on my computer? They don't have access to my computer, just my email address?
Still isn't it odd that they are targeting oil and gas stocks?
By the way my old isp is earthlink.
8
posted on
06/10/2006 8:09:54 AM PDT
by
FarmerW
("We have the freedoms we fight for, and we lose those we don't defend." -Rushdie)
To: bwteim
elimate = archaic form of eliminate, obliterate, erase...
9
posted on
06/10/2006 8:10:21 AM PDT
by
bwteim
(bwteim = begin with the end in mind)
To: FarmerW
I wonder if earthlink SOLD your email address to spammers. You might want to contact them and raise a little hell.
10
posted on
06/10/2006 8:19:38 AM PDT
by
wizardoz
To: FarmerW
Five years ago, when I was on dial-up, I began to notice my email program trying to dial out frequently when I wasn't connection (and wasn't myself trying to send an email).
After some checking, I discovered that I had some kind of email virus. It would try to send some file out. But, it would erase the file either after it was sent or if it got interrupted. So it was difficult to track down. I had to disconnect the phone cable to keep it from dialing.
I ended up having to reformat and reinstall in order to rid myself of the problem.
Run a good virus program to see whether you have a virus.
[Many people on dial up fail to run virus programs or keep them updated because they think they are immune, being on dial up. They aren't. A virus can sneak in via email or web page or messenger, and they may be tiny in size.]
Anyone who has your email address may have been infected or it may be your computer. Some email viruses spawn emails based on every email in the victim's address book. It accumulates other from other victims, too. So it can be acquiring email address from your computer AND sending out a compilation file of date from your computer.
The point is, email viruses are not mild and can collect and send your personal info out. That may be a compilation file just to screw up others' email or it could be a data mining group collecting passwords, credit card numbers, etc. They are not benign, especially if you have any kind of personal/business information on your computer.
11
posted on
06/10/2006 8:20:13 AM PDT
by
TomGuy
To: FarmerW
Still isn't it odd that they are targeting oil and gas stocks? By the way my old isp is earthlink.
That's really interesting. I get several of those penny stock tips every day. I never received any spam until I switched to earthlink. Their spamblocker catches all of them, but I still have to sift through them for any legit email caught by mistake. It's likely that the spammers are targeting earthlink because of their size, and you (and me) just got caught in the fray.
12
posted on
06/10/2006 8:26:01 AM PDT
by
The_Victor
(If all I want is a warm feeling, I should just wet my pants.)
To: FarmerW
My ISP email gets all kinds of spam. Some are to my addy, and some are to every addy in the ISP files.
I use a pre-viewer to check all email before I ever download it and open it.
Mailwasher is one such program that is very good.
http://mailwasher.net/
Another (I have not tried it; it is new) is advertised as free and stops spam is Comodo AntiSpam
http://www.comodogroup.com/products/antispam.html
13
posted on
06/10/2006 8:26:26 AM PDT
by
TomGuy
To: FarmerW
It is difficult to diagnose this problem without specifics, like the headers of one of the bounce mails. If you post that, someone can tell you if the emails are in fact coming from your computer or if someone is forging your address.
Generally, spammers will compromise a machine and use the address book of the compromised machine to randomly forge the headers of the spam that they are sending. So, it could be someone else's computer sending the spam and that computer had you in the address book. Viruses do this as well.
Many spammers will use custom code and write their own backdoors that will go under the radar of your antivirus program.
Are you using a firewall on your computer?
To: TomGuy
I have up to date firewalls and software and multiple adware programs. They have found nothing. Talked to people in my address book, they have received nothing. I have a really small address book. The email address being used isn't even my default.
It makes more sense now, that it isn't on my computer at all but my old email is being used by someone at another location. I am still going to unplug my computer when I am not using it and keep searching it for a few days and see if anything comes up.
15
posted on
06/10/2006 8:28:18 AM PDT
by
FarmerW
("We have the freedoms we fight for, and we lose those we don't defend." -Rushdie)
To: Hodar
What does the router do for you? I recently switched to bb
16
posted on
06/10/2006 8:35:13 AM PDT
by
digger48
To: perfect_rovian_storm
Is this the header? (I am x'ing some info on for privacy) ----- Transcript of session follows ----- ... while talking to mail.value.com.au.: >>> RCPT To: <<< 550 unknown user 550 5.1.1 ... User unknown -------------------------------------------------------------------------------- Return-Path: Received: from sxxxx.fxxxx.com.au (sxxx.fxxxxx.com.au [172.1xxxxxxx]) by oxxxx.fxxx.com.au (8.13.6/8.13.6) with ESMTP id k5A52GgZ00xxxx for ; Sat, 10 Jun 2006 15:02:16 +1000 Received: from RExxx.jexxx.net ([61.1.21xxx]) by sxxxxx.fxxxxx.com.au (8.x3.x/8.xx.x) with ESMTP id k5A51jMs02xxxx for ; Sat, 10 Jun 2006 15:02:11 +1000 Message-Id: <20060610xxxx2.k5A51jMs02xxxssxxx.fxxxx.com.au> From: "Txxxxx Mcgowan" To: Subject: look through the email fcyi.pk have a look Date: Sat, 10 Jun 2006 10:30:49 -0500 MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook, Build 11.0.x X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.x Thread-Index: eZRA7y50oj1jV3X7rTBxxxxxxxx Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Archived: SAVE1uoT24@oxxxxx.fxxxxx.com.au
17
posted on
06/10/2006 8:37:48 AM PDT
by
FarmerW
("We have the freedoms we fight for, and we lose those we don't defend." -Rushdie)
To: FarmerW
my old email is being used by someone at another location
That could be it. Someone who has your old email addy either has a virus that is sending emails out from their computer or had their address book data mined.
If that is the case, there is probably little you can do about it, if you don't know where the emails are originating.
18
posted on
06/10/2006 8:40:32 AM PDT
by
TomGuy
To: FarmerW
What is happening is that someone is "spoofing" your email address - sending spam, pretending that your address is the real sender. Thus delivery failure notices go to you. This is not particularly uncommon and part of the reason I think spammers should be forced to eat their own testicles live on TV just before they are drawn and quartered.
19
posted on
06/10/2006 8:41:05 AM PDT
by
thoughtomator
(A thread without a comment on immigration is not complete)
To: FarmerW
It is still a good idea to check out your computer with a anti-spyware, anti-viral software package, but from what you've described, the most likely culprit are international spammers who are sending the emails from their own computers. All that's needed to send out spam is an SMTP server. These are the equivalent of mail carriers. Once a message is accepted by an SMTP server for delivery, it is sent on its way to the destination address. If delivery should fail, the SMTP network returns the failed letter to the return address instead of to the point of origin. A person with a tech background could look at the bounced messages and trace the message back to the point of origin. You could to. 1) Open your mail client. 2) Find one of the bounced messages. 3) Highlight the message by clicking on it once. 4) Right-click on the message, or if you're using a Mac with a one button mouse, Control-Click on the message. 5) You want to view all the message headers, so select from the pop-up menu the option most likely to show you the complete message headers. The message headers are normally invisible when reading your email, but they contain the routing information for a message. 6) Once the message is expanded, and you're viewing the message headers, look for information indicating the point of origin. It will sometimes look like this: Received: from the-spammer.smtp-server.com (the-spammer.smtp-server.com [555.555.555.555]) by your-email-server.your-isp.com (8.13.4/8.13.4) with ESMTP id k4OEkVG3013134 for ; Wed, 24 May 2006 09:46:42 -0500 With most spammers, the best you'll be able to do is track it to the SMTP server they used to send the email from. There are a number of these email servers that strip out the point of origin, or allow a local account connection so that the point of origin appears to be the email server. However, if the spammer uses a commercial server to send their message, the message will contain more than one "Received:" tag, and the second one should note the point of origin, as an IP address. The IP address can be compared against your external IP address to see if you were the point of origin, or if you want to locate the original sender, using a traceroute program (Google: traceroute), then you can narrow down the sender to the city of origin, node, and ISP. Of course, the sender might be a slave machine that the spammer hacked, and may not be the spammer but is instead a tool, at which point tracking the spammer beyond that point would require either hacking the machine yourself, or getting the ISP that machine is hooked up to to do the trace back on connections into the machine. But I hope this gives you a picture. You could probably also try and google information on tracing emails to their point of origin.
20
posted on
06/10/2006 8:42:42 AM PDT
by
coconutt2000
(NO MORE PEACE FOR OIL!!! DOWN WITH TYRANTS, TERRORISTS, AND TIMIDCRATS!!!! (3-T's For World Peace))
Navigation: use the links below to view more comments.
first 1-20, 21-27 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson