My e-mail adress spammed itself?

[beGi]

I have multiple e-mail accounts, and one of them is YahooMail..... Today I went to check my mail, and noticed that my Bulk (spam) folder received few new mails, and I decided to check them before deletion. But when I saw that one of that mails was actually sent from my own yahoo address I couldn't believe (my surprise was even greater when I saw subject of that mail -> MensHealth ID....WTF, I don't read that quasi-journalism)..... I regulary scan my HDD for viruses and spyware, I never used that mail adress for anything than coresponding with my friends, and that mail adress wasn't "published" on any website. Did anyone had similar experience? And can anyone explain how is this possible? Thanks

[qviri]

"From" field is easily faked. Lots of spam is sent with same address in "From" and "To".

[rkawakami]

One likely scenario...

one of your friend's system was infected with malware and read their address book. Then the computer was used as a mail bot and sent out the spam, faking the sent address as yours. If you check the email headers it might be possible to figure out where it actually came from. Although I'm no email expert, this is what I've done before:

Plug the IP address in the "X-Originating-IP:" line into this site: http://www.ip2location.com/ If it really was sent by a Yahoo account it should resolve to the yahoo.com domain.

Plug the IP address in the "Received:" line into ip2location and see if it resolves to your ISP.

Of course email headers can be faked/spoofed so this might not be a sure bet, but if the IP addresses don't match what you know to be true, then there's a good chance that your system is fine.

[GomJabbar]

Timely post, Ray. I will have to check out your link.

This week has been problematic for me. My inbox is being filled with undeliverable email messages - all from Spam. So far this week over 250 such messages have appeared in my inbox.

I have verified that these messages did not originate from my computer. For one thing, they were created using Outlook. I use the SeaMonkey email client. Although have Outlook 2003 on my computer, I have never gone through the setup wizard. I just verified this again, to be sure. Secondly, I use an Authenticated SMTP email server which requires that I enter my password before a message can be sent. Finally, I performed a full virus scan with up-to-date Kaspersky Internet Security 7, and I performed a full Spybot scan using the latest updated version. I came up clean on both counts.

I did a little research on this and it appears that either someone elses computer has become an email zombie (what Ray was referring to above) or else a spammer randomly acquired my email address though trial and error. When someone uses an email address in this way for sending Spam, it results in something called "backscatter".

http://www.spamnation.info/notes/guides ... erFAQ.html

I am hoping that this problem will go away on it's own - otherwise I will probably be forced to abandon my long-used email address. I have contacted my isp (email provider) to see if they can do anything about this.

[jdhurst]

I see messages from myself in my spam filter (never in my inbox). Now my email address has been in use since 1995, so that is probably the cause, and not that I use Outlook. ... JDH

[GomJabbar]

Plug the IP address in the "X-Originating-IP:" line into this site: http://www.ip2location.com/ If it really was sent by a Yahoo account it should resolve to the yahoo.com domain.

Plug the IP address in the "Received:" line into ip2location and see if it resolves to your ISP.

I plugged several of the "X-Originating-IP:" addresses in, and they were each from a different place. Several were from different states in the US, one from Canada, and one from France. None that I saw were from my isp.

The "Received:" addresses matched the "X-Originating-IP:" addresses in the ones I checked.

[GomJabbar]

I wasn't blaming Outlook. I just meant that the messages did not originate from my machine since the text in the messages said they were created with Outlook. Well at least several of them were - I did not check them all.

[beGi]

Plug the IP address in the "X-Originating-IP:" line into this site: http://www.ip2location.com/ If it really was sent by a Yahoo account it should resolve to the yahoo.com domain.

This was helpful, turns out that most of information was faked (it says that i really sent it to myself), but X-Originating-IP traced to Lithuania, it seems that someone of my friends computers is really infected..... Thank you for posting.

[bhurley]

If you have your own domain, one way to reduce the volume of this sort of thing is to have your domain host disable the "catch-all" feature that treats any email address on your domain as valid. Many domains are set up so that addresses like "you@you.com" or "me@you.com" or "anyone@you.com" will all be considered valid addresses by the email server and you'll see those messages in your in-box, even if you had only set up one address for yourself, let's say "joe@you.com." If you disable the catch-all feature, all emails to your domain will be blocked except for those to joe@you.com and postmaster@you.com.

My understanding is that spam robots will randomly fabricate email addresses and test them, rejecting any that bounce back. So if your catch-all feature isn't disabled, the spam robot will use spoofing to send thousands of spam messages from thousands of random addresses on your domain, and your in-box will be flooded with all the spam messages that get sent to inactive addresses and are returned as undeliverable. This happened to a colleague of mine; she was receiving more than 2,000 returned emails a day until we figured out what was going on.

I've been getting spam messages from my own address for many years, it's nothing to get worried about, and it's most likely not due to any virus. It's all done with spam robots spoofing your address.

[Andersonjoe711]

spam robots......I hate spam robots.....

adapted from the best movie ever....the Blues Brothers.