have just discovered, by idly looking through the enormous amount of junk mail in our 'webmail' site, that our full and correct email address - which is an old ...fsnet.co.uk one - is being used to send spam, as there are emails purporting to emanate from our address in there.
We kept the 'fsnet' address as we'd always had it and everyone knows it and the hassle of changing it seemed unnecessary. Also most of our business contacts have it - and it's on our business cards.
(Before anyone screams at me - quite rightly - that we shouldn't be using this for business, let me add that our business does not operate via email or the web, it's really only the very occasional person who contacts us this way, it's only on our cards because these days you have to)
Could someone please tell me what we can do about this, or do I have to scrap this address and finally go through the hassle of a new one and informing everyone etc. Having said which, I am still toying with the idea of changing ISP, mainly due to well documented email hassle.
Easy - Perform a full anti-virus scan on any machines you use to access that particular account. Once you are fully satisfied that there are no nasties then change the accounts password.
Next you really need to assess how it happened in the first place, was it by entering the account details in to a page accessed from a dodgy phishing email or a virus on your machine(s)?
Keep in mind that virus creators go through great lengths to ensure that their malware goes undetected by AV signatures. AV companies are ALWAYS one step behind the crooks.
Easy - Perform a full anti-virus scan on any machines you use to access that particular account. Once you are fully satisfied that there are no nasties then change the accounts password.
That will make no difference at all. The hijackers don't need to access your computer to send emails using your email address.
Have performed 'full system scan' thro Norton - which took 3 1/2 HOURS! - which turned up nothing apart from a few 'tracking cookies'; Norton is up to date as it seems to keep updating itself every other day, and allegedly runs background checks most of the time; its' history is most impressive with thousands of threats apparently stopped dead in their tracks. However, I digress .....
I am now seriously considering changing ISP - still half the time don't know if my emails arrive at destination and still am unable to contact (very ill) friend on AOL.
Have performed 'full system scan' thro Norton - which took 3 1/2 HOURS! - which turned up nothing apart from a few 'tracking cookies'; Norton is up to date as it seems to keep updating itself every other day, and allegedly runs background checks most of the time; its' history is most impressive with thousands of threats apparently stopped dead in their tracks. However, I digress .....
Chances are your address was harvested from a contact of yours (so nothing to do with Orange or their email system) probably via Gmail or Hotmail who both have experienced this recently.
So it's like cloning a bank debit card all they need is the relevant detail rather than the actual debit card.
That will make no difference at all. The hijackers don't need to access your computer to send emails using your email address.
Best move is to ditch it and get a new one.
You're right, they don't need access to spoof your email address but any sensible person should rule out all possibilities in order of severity. It would be stupid of me (as a security engineer) to recommend a password change without first confirming that there are no viruses present.
It's always best to assume the worst in these situations, nasty malware is quite capable of harvesting keystrokes and related logins so for privacy and peace of mind you should always first confirm that the machine is not infected with a virus before jumping to any conclusions.
Borednow wrote:
Chances are your address was harvested from a contact of yours (so nothing to do with Orange or their email system) probably via Gmail or Hotmail who both have experienced this recently.
So it's like cloning a bank debit card all they need is the relevant detail rather than the actual debit card.
Again you don't want to jump to any conclusions, especially considering the sheer number of ways an attacker is able to gain access to your computer or personal information.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
