Tags:






Advertise here: Contact FM.


My computer might have a Trojan, now what?
October 5, 2008 1:30 PM   RSS feed for this thread Subscribe

It's become apparent that my computer may have a Trojan. I just received a Returned Mail notice for mail I never sent, which instead of displaying my name it displayed "jasen kimberly," and was sent to a strange russian email address: munsov@pobox.spbu.ru. I'm concerned that this may be the result of a trojan "phoning home," or using my computer to send spam.
posted by matkline to computers & internet (9 comments total)
No need to worry about this. The "From" field of an e-mail does not indicate who sent the mail, it can contain whatever the sender wants. Spammers often use e-mails in their spam list as the From field so that you get spammed when the e-mail bounces. It is away around your filter and the sender's filters.

So don't worry, this doesn't indicate any problem with your computer.
posted by jrockway at 1:35 PM on October 5, 2008


Spam will sometimes spoof other people's addresses as the "from" field of the e-mail. This means that they still get their message out to some unsuspecting individual when the mail bounce message goes to you. I get return mail notices for mail accounts that I only check via a terminal (and thus couldn't possibly have trojans). I wouldn't get too worried as long as your computer isn't acting weird and your antivirus stuff looks OK.

On preview, what jrockway said.
posted by rivenwanderer at 1:38 PM on October 5, 2008


Not necessarily. It's a strong possibility if you've only had one Returned Mail notice that someone who has your email address on their computer has a worm, and it's harvested all the addresses from their computer to send spoofed emails.

Email-distributed viruses that use spoofing, such the Klez or Sobig virus, take a random name from somewhere on the infected person’s hard disk and mail themselves out as if they were from that randomly chosen address. Recipients of these viruses are therefore misled as to the address from which they were sent, and may end up complaining to, or alerting the wrong person. As a result, users of uninfected computers may be wrongly informed that they have, and have been distributing, a virus., or else they get Returned Mail notifications from addresses where the spoofed email hasn't been delivered.
posted by essexjan at 1:39 PM on October 5, 2008


Just seconding jrockway. If this is the only thing wrong then don't worry about it. The likely cause is a spammer or virus that sent a bogus mail to the Russian address, with your legit address in the From field (something that is easily spoofed). The mail bounced back to you for whatever reason. But again, it is unlikely that first message would have originated from your computer.
posted by ellenaim at 1:40 PM on October 5, 2008


Backscattered email... some may call it the result of Joe job spam. In either case, some asshole spammer is using your email address as the "sender" and "return" address, so bounces come back to you. Unfortunately irate recipients may think it's you, too, though this has been going on for years and one would think people would know better by now. My first thought was not that you were infected.
posted by crapmatic at 1:49 PM on October 5, 2008


Some ways that these guys get your email address:
- You posted a message to a Listserv
- Clicked on the "take-me-off-this-mailing-list" link in a marketing email
- Had your email address listed on a website (e.g. as a student)
- Entered a competition that asked for your email address
- Supplied your email to a business when making a purchase without sending them, in writing, your request that they do not sell this on to anyone for marketing purposes
- Dropped your business card into a prize draw box
- Gave your email address on a signed petition
- Forwarded one of those "funny" emails that everyone sends on to their friends
etc.

Don't worry -- I get about 2 of these a week. You learn to live with it ... :-)
posted by Susurration at 1:57 PM on October 5, 2008


If you are really worried, download Spybot Search & Destroy, which will scan your computer for Trojans. It's free, comprehensive, and updated regularly. It also installs a real-time monitoring application (Teatimer), which will protect your PC against future incursions. Just remember to check for updates periodically.
posted by Susurration at 2:00 PM on October 5, 2008


Just in case.
posted by TomMelee at 2:40 PM on October 5, 2008


Wow. I feel a lot better, thanks everyone.
posted by matkline at 3:37 PM on October 5, 2008


« Older Why might my Blogger blog not ...   |   What are some great "powe... Newer »
This thread is closed to new comments.