Send bad email, but all is well?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
A friend "sent" me an email that included a link to some site that AVG
woulnd't let me go to.

I checked with her and she didn't send it at all, and she says it was
sent to eveyrone on her email contact list.   The one that went to me
also went to about 5 other people.  We have only left each ot her
messages, so I don't know if t he outgoing email to me shows in her
outbox or not. .

Based on many meals eaten together, and the conversation, her nephew
seems to know a lot more about this stuff than I do. I think he works
in data processing for a livilng, and I know he set up the office
network etc. for his cousin, a friend of mine.  He told her to run her
AV program, so she scanned the computer with McAfee, and it found
nothing.

She seems satisfied with this.  It sounds like her nephew didn't tell
her to call back if it didn't find anything.

She still has a worm or something, doesn't she?    Shouldn't she
continue to pursue this?

Will it cause her more harm than just antagonizing friends?   (She's
retired, so she can't antagonize her boss!)

Will it limit itself to just sending obnoxious emails in her name?
Because that's easy enough to handle.


Re: Send bad email, but all is well?

A friend "sent" me an email that included a link to some site that AVG
woulnd't let me go to.

I checked with her and she didn't send it at all, and she says it was
sent to eveyrone on her email contact list.   The one that went to me
also went to about 5 other people.  We have only left each ot her
messages, so I don't know if t he outgoing email to me shows in her
outbox or not. .

Based on many meals eaten together, and the conversation, her nephew
seems to know a lot more about this stuff than I do. I think he works
in data processing for a livilng, and I know he set up the office
network etc. for his cousin, a friend of mine.  He told her to run her
AV program, so she scanned the computer with McAfee, and it found
nothing.

She seems satisfied with this.  It sounds like her nephew didn't tell
her to call back if it didn't find anything.

She still has a worm or something, doesn't she?    Shouldn't she
continue to pursue this?

Will it cause her more harm than just antagonizing friends?   (She's
retired, so she can't antagonize her boss!)

Will it limit itself to just sending obnoxious emails in her name?
Because that's easy enough to handle.


Re: Send bad email, but all is well?

I finally called her when she was home and it turns out she uses
Hotmail and does her emailing from the hotmail webpage.  That's where
her contract list is also.   Duh.

Her nephew told her to run the scan and change her password, and I
guess now that I know the facts, that's all that needed to be done.

Sorry to have bothered you alll.  


But a couple questions if you don't mind. :   Does an web-based site
like hotmail let a bot just keep trying passwords?   Are there
programs that do this, that then go to the contact list and compose
emails and send them.

 Do they just somehow enter the keystrokes that a valid user would
have to enter, or do they read the info off the screen or off the data
stream, and then send the email from their computer using their own
software?  

If they did it the second way, would their IP addresss show up, a) in
the email, b) in the records of the sending ISP, c) in the records of
the receiving ISP?

FWIW, different emails were sent to different groups of people.


wrote:

Quoted text here. Click to load it


Re: Send bad email, but all is well?


Quoted text here. Click to load it

The email account was compromised.  Yes, the password must be changed but it
should be a
"strong password".
http://en.wikipedia.org/wiki/Password_strength

--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: Send bad email, but all is well?

On Sun, 6 Nov 2011 21:29:59 -0500, "David H. Lipman"

Quoted text here. Click to load it

Thanks.  She didnt' use the word strong but said she had one with lots
of  numbers and letters,   She has a Ph.D. in biochem, from a good
school. .  Sort of unusual for a woman over 65, I think.   OTOH, she
seems more interested in living things than computer-type stuff.  But
I'll send her your link.


Re: Send bad email, but all is well?


Quoted text here. Click to load it

Possibly an address, birthdate, wedding anniversary date and/or a
combination of such. I've observed neurosurgeons use really dumb and
insecure passwords. [g]. It's such an annoyance for most, they refuse to
pick strong ones.


--
Walking on a Razor's edge, so hard for me to find my way home. How could it
have come to this? So hard to pick the right from the wrong. I can't try to
hide behind myself anymore. I can't try to reason with the pain and the
torture. So I will grab hold to forever and walk right through this open
door. Walking on this lonely road, the heartbreaking pain at my side.
Without two arms to hold me, nothing but the chain of goodbyes.

Re: Send bad email, but all is well?

wrote:

Quoted text here. Click to load it

She told me how she used to have to have 4 passwords at work, for
different parts of her job.   Ugh.

Re: Send bad email, but all is well?

micky wrote:

[...]

Quoted text here. Click to load it

Of course, just like it would allow a person to keep trying until he or
she gets it right. They do have a timed block (lockout) after a certain
number of tries though.

Quoted text here. Click to load it
 > and compose emails and send them.

I'm not sure about the automation aspect, but I always assumed it was
so. I've even heard of automatic account creation programs that enlist
already compromised computers to 'ransom' their computing power and get
the user to supply answers to 'CAPTCHA' strings as payment.

Quoted text here. Click to load it

Not sure what you're asking here, but 'yes' keylogging in the ways that
you mention makes the brute force method unneeded. If "her" machine were
compromised (even if not a persistent compromise) she might still have a
problem.

Also, there could have been a weakness in the password recovery (secret
question) gizmo.

Quoted text here. Click to load it

Not necessarily. Often, the same miscreant that is trying to steal
hotmail computing power to 'spam out whatever' already has computing
power to spare in the form of bots running on other compromised
computers. Tracing back an e-mail might just get you a previous victim's
IP#.

[...]

Re: Send bad email, but all is well?

On Mon, 07 Nov 2011 17:40:40 -0500, FromTheRafters

Quoted text here. Click to load it

What!   I've never heard of this.  Extortion by spammers, against
someone who knows he's being extorted.   And like with kidnappers, how
does he know they'll let his computer go free if he pays?
Quoted text here. Click to load it


Darn.  

Thahnks a lot.

Quoted text here. Click to load it


Re: Send bad email, but all is well?

wrote:

Quoted text here. Click to load it
    Does she ever use unsecured wireless ? Used to be easy to see
the persons hotmail login page (and contacts), and even impersonate
the victim,  using firesheep. Don't know if hotmail has done anything
about it.
    []'s

Re: Send bad email, but all is well?


Quoted text here. Click to load it

That's called packet sniffing, and short of hotmail using https, there is
nothing you can do about it. :) ehehe.. thats the trade you make for
unsecured wifi. baby!



--
Walking on a Razor's edge, so hard for me to find my way home. How could it
have come to this? So hard to pick the right from the wrong. I can't try to
hide behind myself anymore. I can't try to reason with the pain and the
torture. So I will grab hold to forever and walk right through this open
door. Walking on this lonely road, the heartbreaking pain at my side. Without
two arms to hold me, nothing but the chain of goodbyes.

Re: Send bad email, but all is well?


Quoted text here. Click to load it

I don't think she uses that but I don't know for sure.

I'll see her at Thanksgiving and ask about this and the other things
mentioned.

Thanks.

Site Timeline