News0 min ago
Mail delivery failure spam
5 Answers
I am getting about 30 or so "mail delivery failure" emails each day, from various people and institutions. I suspect this is as a result of someone hijacking my account to send out spam.
I am with freeserve, who have email accounts in the format [email protected] where he "efgh" is the part that varies, depending on the user. The part before the @ can be anything you like.
These mail delivery failure responses are all aimed at my account "efgh" but use prefixes I have never used, and are usually just a series of random letters. I have secured my wireless network, changed all my passwords, bought junk mail filtering software and still they come. Can anyone tell me what I have fallen victim to, and how I can stop it?
I am with freeserve, who have email accounts in the format [email protected] where he "efgh" is the part that varies, depending on the user. The part before the @ can be anything you like.
These mail delivery failure responses are all aimed at my account "efgh" but use prefixes I have never used, and are usually just a series of random letters. I have secured my wireless network, changed all my passwords, bought junk mail filtering software and still they come. Can anyone tell me what I have fallen victim to, and how I can stop it?
Answers
Best Answer
No best answer has yet been selected by AllYourBase. Once a best answer has been selected, it will be shown here.
For more on marking an answer as the "Best Answer", please visit our FAQ.It's very unlikely that anyone is hijacking your account. Because most e-mail addresses can be predicted from the domain name (freeserve.co.uk in your case) it's a very simple matter for a program to generate random e-mail addresses where simply by chance the majority will be genuine. There are two things that can happen next.
Say I'm the spam-bot:
I generate a load of addresses
I don't know which are genuine, but it's a fair bet that more than 50% of them are.
Scenario 1
I now send out 10,000 e-mails and spoof the "from" address using my generated addresses
At the destination a spam filter detects that they are junk or the e-mail server doesn't recognise the "to" address
In either case it and "bounces" them to what it believes is the sender.
The apparent sender (i.e. you) then gets the bounced mail.
Scenario 2.
I generate 10,000 e-mails that APPEAR to be bounces from an e-mail server, and send them direct to my random addresses (of which you are one).
The theory in both cases is that you are curious enough to open the "bounced" e-mail, because you are under the impression taht it came from you. I have now achieved my objective of delivering the payload, which could be simple spam or a link to a malicious site or an embedded virus.
Say I'm the spam-bot:
I generate a load of addresses
I don't know which are genuine, but it's a fair bet that more than 50% of them are.
Scenario 1
I now send out 10,000 e-mails and spoof the "from" address using my generated addresses
At the destination a spam filter detects that they are junk or the e-mail server doesn't recognise the "to" address
In either case it and "bounces" them to what it believes is the sender.
The apparent sender (i.e. you) then gets the bounced mail.
Scenario 2.
I generate 10,000 e-mails that APPEAR to be bounces from an e-mail server, and send them direct to my random addresses (of which you are one).
The theory in both cases is that you are curious enough to open the "bounced" e-mail, because you are under the impression taht it came from you. I have now achieved my objective of delivering the payload, which could be simple spam or a link to a malicious site or an embedded virus.
No, ebay is not to blame, I get around 300 of these a day and don't use ebay. As I said, anyone can make a good guess at a valid e-mail address. They don't know who you are, or even if you (or your e-mail address) exist, and they don't care. If they send out 10,000 e-mails, they have a pretty good chance of hitting 6,000 - 8,000 valid addresses.
I've got exactly the same problem and I know it's a real pain in the botty. I contacted orange (freeserve/wanadoo/orange) who offered little to ****** all help. They mentioned using the filter tool but couldn't get my head around that. Apparently the only real solution is to change email address which would mean closing your account. Bit poor in my opinion! So I have to keep blocking the sender in the hope that it might eventually have an effect. If anyone can offer an alternate solution I too would appriciate some advice.
Related Questions
Sorry, we can't find any related questions. Try using the search bar at the top of the page to search for some keywords, or choose a topic and submit your own question.