How can I fix my email?
June 18, 2009 3:45 PM Subscribe
After years of trouble-free computer use, it appears that my email account has been hacked. It seems to be more annoying than dangerous, but I realise the potential for danger is there, and I'm losing sleep over it. How can I fix it?
A couple of weeks ago, I discovered that my email (Hotmail, on Windows XP, and yes I have anti-virus software) had been 'reset' to send automatic vacation replies which are an advertisement for a Shanghai businessman. Insert panic here.
I deleted the text, unchecked the 'send vacation reply' box, ran an anti-virus scan (which found nothing), and have had no problems since.
Until this morning. It's happened again. But this time, the emails contain a WMV file (which I'm not brave enough to open) and the vacation reply box is still unchecked text-free. It has attempted to send to a small number of my contacts, but they've bounced back to me (as have the genuine emails I've just tried to send too). I'm unable to find out yet if the recipients had emailed me first, thus generating a kind of 'vacation reply' - it's a bit early in Oz to make panicked phone calls to friends.
I've googled and metafiltered and asked random strangers in the street (nah, not really), but every reference I can find to hacked email seems to be about changed passwords and keystroke-remembering programs and whatnot. This doesn't appear to be that serious. (But I'm still worried enough to not do any net-banking.)
So, as a newbie to the whole cyber-violation thing, can the hive mind please suggest how I can fix this? Or am I destined to call everyone I know and advise them of a new email address?
A couple of weeks ago, I discovered that my email (Hotmail, on Windows XP, and yes I have anti-virus software) had been 'reset' to send automatic vacation replies which are an advertisement for a Shanghai businessman. Insert panic here.
I deleted the text, unchecked the 'send vacation reply' box, ran an anti-virus scan (which found nothing), and have had no problems since.
Until this morning. It's happened again. But this time, the emails contain a WMV file (which I'm not brave enough to open) and the vacation reply box is still unchecked text-free. It has attempted to send to a small number of my contacts, but they've bounced back to me (as have the genuine emails I've just tried to send too). I'm unable to find out yet if the recipients had emailed me first, thus generating a kind of 'vacation reply' - it's a bit early in Oz to make panicked phone calls to friends.
I've googled and metafiltered and asked random strangers in the street (nah, not really), but every reference I can find to hacked email seems to be about changed passwords and keystroke-remembering programs and whatnot. This doesn't appear to be that serious. (But I'm still worried enough to not do any net-banking.)
So, as a newbie to the whole cyber-violation thing, can the hive mind please suggest how I can fix this? Or am I destined to call everyone I know and advise them of a new email address?
Response by poster: No, I've never changed it and I have no idea why I didn't think of such a basic solution. I'll do it now, thanx, peanut. Let's see what happens...
posted by malibustacey9999 at 3:57 PM on June 18, 2009
posted by malibustacey9999 at 3:57 PM on June 18, 2009
That should stop it from happening again--pick a really strong password that you don't use for anything else.
posted by peanut_mcgillicuty at 4:00 PM on June 18, 2009
posted by peanut_mcgillicuty at 4:00 PM on June 18, 2009
Response by poster: I've just changed it to the most complicated password in the history of passwords, totally devoid of any connection whatsoever to anything in my life.
However, I've just tried to send a test email to a mate & it has bounced back from her work address that I use on a daily basis with no problems. I suspect a setting has been changed somewhere that I need to investigate. Sigh. (Hackers are bastards. I hate 'em.)
posted by malibustacey9999 at 4:16 PM on June 18, 2009
However, I've just tried to send a test email to a mate & it has bounced back from her work address that I use on a daily basis with no problems. I suspect a setting has been changed somewhere that I need to investigate. Sigh. (Hackers are bastards. I hate 'em.)
posted by malibustacey9999 at 4:16 PM on June 18, 2009
Also I would call hotmail. This happened to my friend's gmail and they took her step by step on the phone so that all of her bases were covered.
posted by whoaali at 4:18 PM on June 18, 2009
posted by whoaali at 4:18 PM on June 18, 2009
One note, be wary when registering for websites using the same password as your e-mail/banking/etc. You really don't know how secure they are. If stored as plain text rather than encrypted, bingo, anyone with access or that can hack into the DB has your e-mail and password.
Ok, second note, anti-virus isn't any help in this scenario. It's not a virus, it's a hijacking of your account (presumably).
posted by hungrysquirrels at 4:21 PM on June 18, 2009
Ok, second note, anti-virus isn't any help in this scenario. It's not a virus, it's a hijacking of your account (presumably).
posted by hungrysquirrels at 4:21 PM on June 18, 2009
It's possible if someone was using your account to send high-volume spam that it's essentially been blacklisted, and that could cause messages to bounce. I don't know if most mailservers are set up that way (seems like it would make it pretty trivial to pull a Joe Job on someone) but it strikes me as a possibility.
If you can get a human being at Hotmail support, they might be able to explain how to fix the effects of a hack; it has to happen pretty often.
posted by Kadin2048 at 4:21 PM on June 18, 2009
If you can get a human being at Hotmail support, they might be able to explain how to fix the effects of a hack; it has to happen pretty often.
posted by Kadin2048 at 4:21 PM on June 18, 2009
Assuming they have a "forgot your password?" option that emails a secondary account, you'll want to look into that, as well as changing your security questions.
posted by dhammond at 4:22 PM on June 18, 2009
posted by dhammond at 4:22 PM on June 18, 2009
Surprisingly, hotmail are very helpful in terms of customer service and an email to them outlining what you've said here would get you some decent advice.
If you want peace of mind open a new hotmail account. Migrate slowly and don't close your current account until you're sure you've updated all your subscriptions, registrations and you've notified your friends/family.
posted by fire&wings at 4:25 PM on June 18, 2009
If you want peace of mind open a new hotmail account. Migrate slowly and don't close your current account until you're sure you've updated all your subscriptions, registrations and you've notified your friends/family.
posted by fire&wings at 4:25 PM on June 18, 2009
If your hotmail account used the same password that you use for other online activities (bank accounts, credit cards, facebook, whatever), you should consider those accounts compromised as well. Log in to as many of them as you can remember and change your password to something new (and strong).
posted by chrisamiller at 4:35 PM on June 18, 2009
posted by chrisamiller at 4:35 PM on June 18, 2009
Response by poster: Good suggestions, thanx to all. I gratefully accept your advice, and will now check my secondary account and contact Hotmail.
posted by malibustacey9999 at 4:38 PM on June 18, 2009
posted by malibustacey9999 at 4:38 PM on June 18, 2009
anti-virus isn't any help in this scenario.
One of the most popular methods used by profit-motivated attackers to hijack accounts (as appears to have happened here) is via convincing the user to install a keylogger on their machine. Competent antivirus software can detect and prevent or detect and remove such a keylogger. No AV software is perfect, but AV can prevent many attack vectors associated with mail hijacking.
My advice here would be to change your password again, using another computer that you have never used before, because if they did use a keylogger to get your password the first time, they've already got the new one.
posted by deadmessenger at 4:39 PM on June 18, 2009
One of the most popular methods used by profit-motivated attackers to hijack accounts (as appears to have happened here) is via convincing the user to install a keylogger on their machine. Competent antivirus software can detect and prevent or detect and remove such a keylogger. No AV software is perfect, but AV can prevent many attack vectors associated with mail hijacking.
My advice here would be to change your password again, using another computer that you have never used before, because if they did use a keylogger to get your password the first time, they've already got the new one.
posted by deadmessenger at 4:39 PM on June 18, 2009
Response by poster: The thot plickens. Googling to find Hotmail contact details led to me a thread on a Windows Live forum about this exact issue (possibly the same hacker, the details are eerily similar), which didn't come up on my previous googling.
The Windows Live bloke recommended running a Windows Live malware scan as that has solved the problem for others. I'm doing that now.
And thanx for your suggestion too, deadmessenger. I suspect you might be right. I've thought a bit more about it, and I've realised a couple of things: first, my PC died so I've been using my daughters laptop for a few weeks now. And I've suddenly, in the last few weeks, started to receive spam.
I'm wondering if my daughter has opened an attachment or something that's installed this nasty little bug. (How many times have I warned her about online security? 452 million times. I guess after school today it will be 452,000,001 times.)
You guys are priceless. Your advice & suggestions are valuable, helpful and just what I needed. Thank you all so much.
posted by malibustacey9999 at 5:07 PM on June 18, 2009
The Windows Live bloke recommended running a Windows Live malware scan as that has solved the problem for others. I'm doing that now.
And thanx for your suggestion too, deadmessenger. I suspect you might be right. I've thought a bit more about it, and I've realised a couple of things: first, my PC died so I've been using my daughters laptop for a few weeks now. And I've suddenly, in the last few weeks, started to receive spam.
I'm wondering if my daughter has opened an attachment or something that's installed this nasty little bug. (How many times have I warned her about online security? 452 million times. I guess after school today it will be 452,000,001 times.)
You guys are priceless. Your advice & suggestions are valuable, helpful and just what I needed. Thank you all so much.
posted by malibustacey9999 at 5:07 PM on June 18, 2009
Also, you should write down your password on a slip of paper and keep it somewhere safe. That way you can be more secure in using complicated passwords without forgetting them.
posted by delmoi at 5:13 PM on June 18, 2009
posted by delmoi at 5:13 PM on June 18, 2009
You may already be doing this, but your day to day user account in XP and your daughter's account should not be assigned administrator rights. Surfing the net as a non-admin user makes it harder for the viruses (sp?) to find a place to enter you system.
non-admin-acount for safer computing thread.
posted by SantosLHalper at 6:13 AM on June 20, 2009
non-admin-acount for safer computing thread.
posted by SantosLHalper at 6:13 AM on June 20, 2009
Response by poster: I didn't know that about administrators, SantosLHalper, I'll check it straight away. Thanx. And I hadn't considered that it may have been something picked it up from the net itself - I had jumped to the conclusion that it must have been an email attachment.
FWIW, the problem seems to have... um... I don't know that I'd call it resolved, but I currently appear to have no further problems since implemention of most suggestions here. No more unauthorised sending or unexpected receipt of emails, at least, although my emails to the friend at work still bounce back every time.
And I'll remain ultra-cautious. I realise now that I was making a lot of basic mistakes like having the same password for every login, and I should have known better.
I hereby promise to remain vigilant and as prepared as possible for the worst case scenario, because I think I was bloody lucky this time ("so far", she thinks, crossing her fingers & praying hard) that it wasn't more destructive.
posted by malibustacey9999 at 10:57 PM on June 21, 2009
FWIW, the problem seems to have... um... I don't know that I'd call it resolved, but I currently appear to have no further problems since implemention of most suggestions here. No more unauthorised sending or unexpected receipt of emails, at least, although my emails to the friend at work still bounce back every time.
And I'll remain ultra-cautious. I realise now that I was making a lot of basic mistakes like having the same password for every login, and I should have known better.
I hereby promise to remain vigilant and as prepared as possible for the worst case scenario, because I think I was bloody lucky this time ("so far", she thinks, crossing her fingers & praying hard) that it wasn't more destructive.
posted by malibustacey9999 at 10:57 PM on June 21, 2009
This thread is closed to new comments.
posted by peanut_mcgillicuty at 3:51 PM on June 18, 2009 [1 favorite]