emails seemingly from my contacts

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I am getting a few emails every week marked from friends in my contacts
list, but they are links to advertising web pages. I have run Malwarebytes
and Super anti spyware with no results. Does anyone have information on this
particular problem and how to deal with it?

Quilljar


Re: emails seemingly from my contacts

After serious thinking Quilljar wrote :
Quoted text here. Click to load it

There's a nym (or name) I haven't seen for a while.

Without seeing the headers it isn't possible to determine where they
actually came from. Maybe this is because of fairly recent breaches in
security from social networking sites like LinkedIn? Password hashes
were leaked out and spammers have apparently made use of them.



Re: emails seemingly from my contacts




After serious thinking Quilljar wrote :
Quoted text here. Click to load it

There's a nym (or name) I haven't seen for a while.

Without seeing the headers it isn't possible to determine where they
actually came from. Maybe this is because of fairly recent breaches in
security from social networking sites like LinkedIn? Password hashes
were leaked out and spammers have apparently made use of them.

You may not have seen me but I look at this NG every day and have found it
very helpful.
I have deleted the emails I referred to, but if any more come I will take
the details and let you guys know. Thanks for replies. Come to think of it
they have only come from relatives with my same surname...plus one who is on
Facebook.

Q


Re: emails seemingly from my contacts


Quoted text here. Click to load it

"Seemingly" from you contacts. How do you know they WEREN'T from your
contacts? Did you ask them to check their sent items?

Perhaps some of your contacts got phished, and their accounts were
hacked.
--
To reply via e-mail, remove The Obvious and .invalid from my e-mail address.

Re: emails seemingly from my contacts


Quoted text here. Click to load it

    One of your friends was probably hacked/malwared. Or maybe you
use open wireless and they just gathered your contacts with a sniffer.
Easy enough if you use msn or yahoo etc.
    More details would be welcome .... headers, etc. You can
replace real email addys with xxxxxxxxxxx.
    []'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

Re: emails seemingly from my contacts

Hi,
Below  this is the copy of the Properties of one of the emails that I was
talking about.

These are the return address given by two of my correspondents. They are not
their true ones.
alek_dakov@yahoo.com
alpt993681@yahoo.com


X-Apparently-To: quilljar@btinternet.com via 188.125.84.49; Wed, 19 Sep 2012
21:20:24 +0000
X-YahooFilteredBulk: 98.138.91.168
Received-SPF: none (domain of yahoo.com does not designate permitted sender
hosts)
X-YMailISG: gz1xWYsWLDvTi1XQvZSKtwxEtiz_bGRoUxeLMeJjLhTUKxHa
SNxU0F_WcKNEwcYFmpfpdO6hm3MbV2H8Tb1vPt5gtNxzQzExekeTp8_0LgQR
yLu6Sfkt9OLsWj7iNIw6fTHmabeF9QgW7Ynrm1n0S9UlIx3LzonVLTHC9Qn0
2eE7hXQFU0vecx0rEgEBPabR0lFhTRzzl0duzJHJPe.XWMhbs5xhDrx7LoyG
KWeMpxCp5e7SkrsJKZgLMOoEUqxGf6bFFS5kZ0xTu90HsCXMRWDP3tBE7mHx
.Y3SR2qIFO_wkSzBX6nJWmS1YAHGkYEmFTaNqw5BE7YnugL3uaCgN.Z27z5m
Ly06ed6Q86TLiunJo5VFA5pdLj6WY533o3ViJmdR.hOywNchT8OAZBUQoAuy
Y.LyhKlRKcsm4_CFrIXBcsXiYEXXY2.sg9ufmblhPE3Z1EjiemSiHvJnhYKP
mBoVrQ.44lUoU1qch1H1V30Kj3xq7W2PpY3IogeGGDBcXamxkPSLLJkFW.6f
.OeV6el1Z7ht23a31tSqjrwKufJO5hb5rerTE9Ogyquz1fIAaR.DZjVKqB3V
rdZ24gfdeOIq1_RphUuktFhqVXBjWduGPU8SEklokLCjYSnmiuqeDUXNXbav
2P1Yi09xolzHjeXcyv_iS5RwA1PYboPg4ImdI5h1kVZdTWtZrn.vmSSYiugS
EWfxXPB25Vo5lxPugH6Lap5l.4tU3a9FN1XN6hInFTCO3RakmHN8Py.rdSOO
tm1rFyA5H9KRe78r5BcfFPjzWCttEXrJANDvnxqVCtP_GgZYqtDphUV7oYS7
pN.0g7B43mg_t_mq28Ojs4ZPDopmAGF9ovOA4vuMiG3oKPbaOANOHywatoPr
4wVmoC8jnDjc6j7mG2hnBc3..TyrYW189B4syjd1TobVsfLFmfAjthdNeHid
c5sah.3IZ_vBANAoKDM27tjDWXX6IosEYyc7trkXnPHnwOg0
X-Originating-IP: [98.138.91.168]
Authentication-Results: mta1012.bt.mail.ird.yahoo.com  from=yahoo.com;
domainkeys=pass (ok);  from=yahoo.com; dkim=pass (ok)
Received: from 127.0.0.1  (HELO nm8-vm4.bullet.mail.ne1.yahoo.com)
(98.138.91.168)
  by mta1012.bt.mail.ird.yahoo.com with SMTP; Wed, 19 Sep 2012 21:20:24
+0000
Received: from [98.138.90.56] by nm8.bullet.mail.ne1.yahoo.com with NNFMP;
19 Sep 2012 21:20:23 -0000
Received: from [98.138.89.161] by tm9.bullet.mail.ne1.yahoo.com with NNFMP;
19 Sep 2012 21:20:23 -0000
Received: from [127.0.0.1] by omp1017.mail.ne1.yahoo.com with NNFMP; 19 Sep
2012 21:20:23 -0000
X-Yahoo-Newman-Id: 14346.70614.bm@omp1017.mail.ne1.yahoo.com
Received: (qmail 13384 invoked by uid 60001); 19 Sep 2012 21:20:22 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024;
t=1348089622; bh=MmRAASoz2nkq3LyriM5Xq447i5BuvCN9t8krN64ppcE=;
h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type;
b=Jv0vJDZErpcel1muWRrUJ++Y/z+fNC5CvRpZzz15C16w+Kr3qvG/EEQYlx2prP4sB6fOO3bzsgkPyhfJsO9ZMHBMP69wGg/emunoQsTIWcbYRtDL6PTxatBwaZbsbIGSl/cjpgOKo0RH+Xo044FjcJVRzjN4XPGWuGP9lsa2bv4=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
  s=s1024; d=yahoo.com;
 
h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type;
 
b=WvQKpN2dSnUBdmRkujGR9BuxFGNNPZCN0KTfhcqSmIE3tPix9T/WzMSaO6gbfhIINxlh/xk3+utXhRn2Qid6Isch3EIc92xtw39RX3pWo3aji9GGDpqM45nGV1BSqhCdSpNMCSlcNJE4HgZT0BrNhdbQ7mfXI9Ml2FX/EscELK4=;
X-YMail-OSG: wYRuMXIVM1lytoEDmSbMvyocF3NMa0_B1tWBdPTBMp5xOiL
IfPyGZkmqZNsrBXU7LTmaTAx7Medgu.YTvNlOt5EVYWQ6cnclS_dyzD1tt_T
i0tBjrROR41KLF0aXZZd8svz0YyDtw7JlRjcveUUKNgHTVoWhupJqvT.4ror
IbLrGRbEWgSHuxVDspKwKcyEh6IX3VV5jFUAN62RveCHcoI9bUiC_5gor6g4
RSwWPeNwO.SS7hkb4VxE7Dh4.iDHJiRImw.e4Sp_Uy7NWLroEcj4XkGuBlHs
H3JRjQ65d.l_urLLQcLzJBadlUkOKmTBKBYbOFF1G8Y3Mbws9BSNDko1cbcx
jptKP2mSmeTgnKrr2t6WaTLe_jeQ31k2TTfVDoVUk2Q_7K9zRg1O3y81QoT_
6Bk0UFhXH5QwjnkizwcTnBzXiNRi_p8H7AS1lTZLLUUBVSqGBms7j_Kz7Dsh
e.6ihD0d3VJL4srzcxZ76ZfG_CsGLZnZ1sZiIjAkjuJIVNi8vfutTQol5G4n
hoWNRK5vXohUtkh885SNsNkEUsjhE3cnbuTdeHRz_qJq.mvMfFKtF4NWRxlV
hJ5YI.gD1JB4QxSNlnpo-
Received: from [116.82.23.17] by web113503.mail.gq1.yahoo.com via HTTP; Wed,
19 Sep 2012 14:20:22 PDT
X-Mailer: YahooMailWebService/0.8.121.416
Date: Wed, 19 Sep 2012 14:20:22 -0700 (PDT)
Reply-To: alpt993681@yahoo.com
Subject: [Bulk] for Christopher
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii


Re: emails seemingly from my contacts


Quoted text here. Click to load it


    116.82.23.17 = nttkyo378017.tkyo.nt.ngn.ppp.infoweb.ne.jp

    Some bulk emailer in japan.
    Unusual, that.
    []'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

Re: emails seemingly from my contacts

Make a new Password with your laptop at yahoo

for the computer is Hijack........  

Site Timeline