K_M Posted October 10, 2004 Share Posted October 10, 2004 I got my yahoo email account hacked a few days back. Don't know how! I never open any attachments or click any URLs sent to my emailbox, or even sign in at some unknown site! The hacker seems to have a master password to my account. I changed my password 6/7 times(within a week), yet the hacker sends emails to my 'address book contacts' in yahoomail. What may be wrong, can anyone tell? And are TotalChoiceHosting Servers safe from hackers? As compared with Yahoomail and hotmail severs? Share your thoughts. I deal with $$ and do not want people snooping in my email accounts. Quote Link to comment Share on other sites More sharing options...
TCH-Thomas Posted October 10, 2004 Share Posted October 10, 2004 I dont know what its called, but there are programs that can register every key you press on your keyboard and then sends it to a predefined adress in the virus or whatever its called. Quote Link to comment Share on other sites More sharing options...
K_M Posted October 10, 2004 Author Share Posted October 10, 2004 I dont know what its called, but there are programs that can register every key you press on your keyboard and then sends it to a predefined adress in the virus or whatever its called. The program which you are saying is called keylogger. But I do not have any of those on my PC. I have Wintasks software always running on my PC. Also, I have Trojanhunter and norton antivirus 2005, zonealarm firewall, spybot/adaware always running on my PC. So its not anything from my PC. It's something else. Maybe a server loophole or maybe the hacker is too intelligent. Now what is it is what I want to know. Quote Link to comment Share on other sites More sharing options...
K_M Posted October 10, 2004 Author Share Posted October 10, 2004 Should I be using YahooEmail or TCH-email for commercial purpose, if SECURITY is the ONLY concern? Which one is better? Which one do you recommend? I would like a reply from TCH security expert. I hate sleepless nights, mind you. Quote Link to comment Share on other sites More sharing options...
TCH-Bruce Posted October 10, 2004 Share Posted October 10, 2004 Since you are talking about a yahoo email account, that is a webmail account and your address book is not stored on your computer it's on one of the Yahoo servers. So their server could have been hacked not your computer. I would bring this up with someone from Yahoo. Or stop using it. Quote Link to comment Share on other sites More sharing options...
K_M Posted October 10, 2004 Author Share Posted October 10, 2004 I would bring this up with someone from Yahoo. Or stop using it. I have already emailed yahoo. Lets see what they say. What else do you recommend Bruce? Which email service or simply TCH email which comes with my normal website hosted at TCH? Quote Link to comment Share on other sites More sharing options...
TCH-Bruce Posted October 10, 2004 Share Posted October 10, 2004 I use my TCH mail for business and Gmail and my ISP for personal. Quote Link to comment Share on other sites More sharing options...
K_M Posted October 10, 2004 Author Share Posted October 10, 2004 Any other views? Anyone else? Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted October 10, 2004 Share Posted October 10, 2004 I use MY TCH-mail for all but the default contact address in cpanel for that I use my ISP. And never any trouble. Quote Link to comment Share on other sites More sharing options...
Madmanmcp Posted October 10, 2004 Share Posted October 10, 2004 What exactly is being sent to your contacts? If its spam you probably have a virus or worm infection. To be "hacked" could be accomplished in several ways and for us to tell you with the few facts you supplied is impossible. As Thomas suggested there could be a key logger or password stealing program running on your computer, or a Back Oriface type program. The "hackers" could have guessed your password or used a password cracking program to discover it. Maybe its a friend or neighbor or family that has access to your computer and you have it set to remember your password. They just sit at your computer and do as they please. Maybe its a co-worker who has access to your work computer where you also log into yahoo mail and have it set to "remember me" next time you log in. So it could be any number of things, you need to investigate more to figure out what exactly it is. Good luck. Quote Link to comment Share on other sites More sharing options...
K_M Posted October 10, 2004 Author Share Posted October 10, 2004 What exactly is being sent to your contacts? If its spam you probably have a virus or worm infection. Yes, the 'so called hacker' sends ATTACHMENTS to people in my contacts list. No not just contacts list, but to people, who send me email(the people whose email remains in my inbox). And for that, I think the person should physically login to my account and then send attachments to email IDs in my inbox. A virus can send email to ALL people in address book. But a virus cannot send email to only a few contacts from address book, and to email IDs from my inbox. I hope the point is clear to you. SOMEONE IS LOGGING IN AND MESSING WITH MY ACCOUNT AND I DON'T KNOW WHO HE IS. Spam isn't a problem(one click delete) but a hacker is a BIG problem. And it scares me a lot. I feel uneasy thinking that some one may get into my online bank account and transfer all my hard earned money to his/her account. Or even steal my credit card number. My computer is at my residence. And I use 'lock my PC' software to lock my computer screen when I am away. So it's highly impossible for anyone to do anything to my PC because he needs the password to 'lock my PC' which starts with windows each time and asks password(and i regularly change that password too). I use cable internet connection. Is it possible that someone is sniffing packets sent from my PC in between my PC and yahoo server? Quote Link to comment Share on other sites More sharing options...
TCH-Dick Posted October 11, 2004 Share Posted October 11, 2004 Dont take offense to this, but everything you have described sounds like a virus of some sort. why would someone take the time to "hack" into your computer to send spam e-mails to ppl? A virus doesnt send e-mail only to ppl in your address book, it can send it to ANY e-mail address you have on your pc, recieved mail, cached web pages, text files etc. Quote Link to comment Share on other sites More sharing options...
Madmanmcp Posted October 11, 2004 Share Posted October 11, 2004 I also believe this is sounding like a virus. Now you asked for others views and I gave several. Did you know that typing in all caps is consider YELLING? If you really want help, please don't "yell" at those that are trying to help. The current batch of worms and virus out there use your address book and mail attachments (itself) to others to attempt to replicate and spread. The actual adresses used are random. Is your virus scanner current, have you updated with the most recent virus signatures? When was the last time you did a full scan of your system. Try scanning after booting in "safe mode". This will help find the virus's that can hide from scanners. Quote Link to comment Share on other sites More sharing options...
K_M Posted October 11, 2004 Author Share Posted October 11, 2004 I also believe this is sounding like a virus. Now you asked for others views and I gave several. Did you know that typing in all caps is consider YELLING? If you really want help, please don't "yell" at those that are trying to help. The current batch of worms and virus out there use your address book and mail attachments (itself) to others to attempt to replicate and spread. The actual adresses used are random. Is your virus scanner current, have you updated with the most recent virus signatures? When was the last time you did a full scan of your system. Try scanning after booting in "safe mode". This will help find the virus's that can hide from scanners. Wives and hackers make me yell! Sorry, won't yell again. My Yahoomail account got hacked. It has nothing to do with my PC. I access my account only when I go online(via browser, opera). I do not use SMTP or POP3 services. Also, my norton AV 2005 is set to automatic live update. If it's a virus then it must be on the yahoo servers, right? Even I receive files with attachments from unknown people(maybe a virus or a hacker). I delete such files with one click. But when someone(a virus) sends files to others with my email ID as sender, then it hurts my trust and reputation. If it's a hacker then I must stop him/her somehow. Now tel me how? I emailed Yahoo today. Don't know when will they reply. I am not a newbie. I am a computer expert and am in front of my computer screen most of the time, everyday. This thing bogs me down. Virus/hacker. I am searching for a solution to this problem. And the nearest answer I can think of is using TCH email account. The problem is, i have several websites and so wanted a single main account to manage all the smaller one's. I started using yahoomail heavily since a few months. No problems till this one. Yahoo.com is a lot faster than my site(s) hosted at TCH and at other web hosts. So it's confusing me and I am getting more and more frustrated. Please help! Quote Link to comment Share on other sites More sharing options...
K_M Posted October 11, 2004 Author Share Posted October 11, 2004 Can I trust TCH team and shift my main email account to TCH from Yahoo? Do they apply regular updates and patches? Can TCH servers fight hackers? Quote Link to comment Share on other sites More sharing options...
Deverill Posted October 11, 2004 Share Posted October 11, 2004 A virus can send email to ALL people in address book. But a virus cannot send email to only a few contacts from address book, and to email IDs from my inbox. This is incorrect. A virus program could easily pick 5 random contacts from your address book and send something to them. In fact, I would write one that does just that so it would not be immediately obvious you were the source of the problem. I'll agree with those who have spoken already - it sounds like a virus of some kind and what "hacker" would waste the time to spam a few of your friends by hand? It would take a lot of time and have very little payoff as far as spammers go. Quote Link to comment Share on other sites More sharing options...
Madmanmcp Posted October 11, 2004 Share Posted October 11, 2004 What this is sounding more like is one of the virus's that have infected someone else's computer and is sending emails out and is placing YOUR address in the "from:" field. YOU are not the one infected, someone else is, possibly a friend of yours or just someone who has YOU in THEIR address book. If this is the case, you are perfectly safe, no 0one has "hacked" your computer or you Yahoo account. And sorry to say there is not much you can do about it, you will not be able to track down who is actually infected. You have to just weather the storm and hope they soon discover the infection and clean it themselves. Quote Link to comment Share on other sites More sharing options...
TCH-Rick Posted October 11, 2004 Share Posted October 11, 2004 Just because an email says that it came from your Yahoo account does not mean that your account was hacked. It is easy enough for someone to spoof your email address. Many viruses now will pull an address from the address book of the infected machine and use it in the From and Reply-To fields so it looks like it came from someone else. This happens with all email accounts whether Yahoo, Hotmail, Gmail, or your TCH account. We get many Help Desk tickets from folks concerned that someone has hacked their email account. In every case that I can remember it was a spoofed address and looking at the headers of the message showed it came from a non-TCH server. Quote Link to comment Share on other sites More sharing options...
K_M Posted October 11, 2004 Author Share Posted October 11, 2004 The emails sent have "subjects" like: Mail Delivery (failure myemailID@yahoo.com) Postcard [none] Illegal Websites Approved Bill Your document News These are just 7 emails(there are several more), all having attachments. I do not send such emails to people! Yet they complain! Ok, my next question is, can a virus or a hacker attack your PC if you open .doc or .zip or .pif files? I feel .doc is harmless and .zip can't do anything unless I unzip it and run .bat or .exe file from it. I don't know anything about .pif Any expert opinions are welcome. Quote Link to comment Share on other sites More sharing options...
TCH-Rick Posted October 11, 2004 Share Posted October 11, 2004 The information from the bounced message body is meaningless. It just means that a message with your email address in the From or Reply-To field tried to be delivered and was rejected on the remote server. You would need to look at the headers for the original message to see if it came from your Yahoo account or another server. I would bet that it originated from another server based on the hundreds of similar messages I have looked at. Quote Link to comment Share on other sites More sharing options...
Madmanmcp Posted October 11, 2004 Share Posted October 11, 2004 Sounds like the NetSky virus based on the subjects you listed. Read here for information about this virus. h_tp://www.f-secure.com/v-descs/netsky_s.shtml Ok, my next question is, can a virus or a hacker attack your PC if you open .doc or .zip or .pif files?Not sure I completely understand the question...but. You can be "infected" by those files, yes. Each can contain a virus or worm or a executable program and there are lots of them currently out there. Can a "hacker" "attack" your PC, maybe...but this is a complicated process. A hacker could send you a specially built that could attack you...my question would be why would someone want to do this. Do you have an enemy with a reason to want to cause you problems? If not you are safe. I don't know anything about .pif A .pif is a windows executable file, it normall is a "shortcut" pointing to another executable file and contains instructions on how to "run" or "execute" the file. And a .doc or a .zip is not harmless, there were lots of virus's written for the bugs and holes in the MS Word file format and for its ability to execute program code. A zip file is still used to compress and hide worms and trojans and other types of virus. Quote Link to comment Share on other sites More sharing options...
K_M Posted October 11, 2004 Author Share Posted October 11, 2004 Sounds like the NetSky virus based on the subjects you listed. Read here for information about this virus.h_tp://www.f-secure.com/v-descs/netsky_s.shtml Ok, my next question is, can a virus or a hacker attack your PC if you open .doc or .zip or .pif files? Not sure I completely understand the question...but. You can be "infected" by those files, yes. Each can contain a virus or worm or a executable program and there are lots of them currently out there. Can a "hacker" "attack" your PC, maybe...but this is a complicated process. A hacker could send you a specially built that could attack you...my question would be why would someone want to do this. Do you have an enemy with a reason to want to cause you problems? If not you are safe. I don't know anything about .pifA .pif is a windows executable file, it normall is a "shortcut" pointing to another executable file and contains instructions on how to "run" or "execute" the file. And a .doc or a .zip is not harmless, there were lots of virus's written for the bugs and holes in the MS Word file format and for its ability to execute program code. A zip file is still used to compress and hide worms and trojans and other types of virus. Thanks Madmanmcp. I think you have hit the target. This is the virus which is causing all the trouble. It's on someone else's PC who knows my email address. The virus sends itself to me and to several other people(don't know how it sends with my name. Maybe you are right, spoofing........). Then those people complain to me that I have sent them a virus. I ask for proof. They forward me the attachment(s). I think I should open it and inspect it. But I come here and post. Hmmmmmmmm Now everything is clear. It's not a hacker. It's a virus! But Yahoomail use Norton 2004 for scanning attachments. Then how did the virus attachment go unscanned? Thanks to all of you again. Rock Sign I :heart TCH and TCH Team Quote Link to comment Share on other sites More sharing options...
K_M Posted October 11, 2004 Author Share Posted October 11, 2004 The information from the bounced message body is meaningless. It just means that a message with your email address in the From or Reply-To field tried to be delivered and was rejected on the remote server. You would need to look at the headers for the original message to see if it came from your Yahoo account or another server. I would bet that it originated from another server based on the hundreds of similar messages I have looked at. I checked and can only say that it's not from my IP address. It shows an IP of an ISP(local ISP). Maybe a client of that ISP is infected. Quote Link to comment Share on other sites More sharing options...
jandafields Posted October 11, 2004 Share Posted October 11, 2004 Anyone can send email to anyone they want and make it have your FROM address and Name on it. When I setup Outlook Express, it asks for my FROM email address, I could just as easily put yours there if I wanted to. Then, everything I send will be from you. The average person will have no idea how to tell it wasn't really from you, and they will 100% believe it was from you. Viruses do the exact same thing. They put your address in the FROM address, and lots of other peoples in the TO address. Those other people will 100% believe it is from you. Unfortunatly, there is nothing you can do to stop it. The best thing to do is to educate everyone that complains to you about the emails you supposedly sent. The Yahoo! servers are very secure. They have so many accounts that they are responsible for, one hack could put Yahoo! all over the news in a bad way. And, with so many accounts in Yahoo!, the chances of someone targeting you is quite slim. Quote Link to comment Share on other sites More sharing options...
Madmanmcp Posted October 11, 2004 Share Posted October 11, 2004 I think I should open it and inspect it. I would suggest that you delete the file and leave well enough alone. These are not the type of things you should fool around with unless you are trained and know what you are doing. I'd hate to see you back here asking how to get rid of this nasty virus Quote Link to comment Share on other sites More sharing options...
oompahloompah Posted October 11, 2004 Share Posted October 11, 2004 Bob... hmmm for all we know, we may not even see K_M for awhile until two weeks later with expletives strewn all over at the end of this forum thread. Naughty Quote Link to comment Share on other sites More sharing options...
MikeJ Posted October 11, 2004 Share Posted October 11, 2004 Can I trust TCH team and shift my main email account to TCH from Yahoo? Do they apply regular updates and patches? Can TCH servers fight hackers? TCH takes any and all security issues seriously and does act on them, as well as taking preventive measures to minimize risk to our customers accounts. However, in the case of someone spoofing your address as appears to be the case, it doesn't matter who your mail provider is, because it's someone else sending them from another network not related to your email provider. Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted October 11, 2004 Share Posted October 11, 2004 I think I should open it and inspect it. I would suggest that you delete the file and leave well enough alone. These are not the type of things you should fool around with unless you are trained and know what you are doing. I'd hate to see you back here asking how to get rid of this nasty virus Heck, I open those things all the time. I agree with Bob though and would leave well anough alone. Quote Link to comment Share on other sites More sharing options...
K_M Posted October 11, 2004 Author Share Posted October 11, 2004 No I won't open it. Don't worry. Thank you all for your help. I Love TCH forums and it's members. Quote Link to comment Share on other sites More sharing options...
oompahloompah Posted October 11, 2004 Share Posted October 11, 2004 That's great, being careful although on the other hand it's good to be curious all the same. I've opened some that were more of jokes than anything, pretending to wipe out my entire hard drive. I nearly had a heart attack over the file that a friend sent over. Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted October 11, 2004 Share Posted October 11, 2004 I do not recomend opening anything like that unless you are in a controlled environment. The potential is too great to go blindly in. Quote Link to comment Share on other sites More sharing options...
oompahloompah Posted October 11, 2004 Share Posted October 11, 2004 Definitely agree. I was young and stupid back then. Now I'm old... and still stupid. Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted October 11, 2004 Share Posted October 11, 2004 Cant touch that one kettle. Quote Link to comment Share on other sites More sharing options...
cajunman4life Posted October 13, 2004 Share Posted October 13, 2004 The only "virus" that I decided to keep was one that would flip my screen upside-down. I found it so amusing that I actually kept it, and when I feel like I've lost it all, I run it and have a laugh. Quote Link to comment Share on other sites More sharing options...
jandafields Posted October 13, 2004 Share Posted October 13, 2004 I like to keep keylogger-viruses and the blaster-virus on my computer just for fun too, you know... Quote Link to comment Share on other sites More sharing options...
MikeJ Posted October 13, 2004 Share Posted October 13, 2004 I still keep the virus called Microsoft Windows on one of my machines... woooot Quote Link to comment Share on other sites More sharing options...
Samrc Posted October 13, 2004 Share Posted October 13, 2004 I also have the upside-down on my machine, but my favorite is the one that you see what your computer looks like underwater....the screen gets watery and shimmery. Very cool gag. Another one I used to have asked if you wanted to access your built in cup holder, then opened your CD drawer. Unfortunately, that one got wiped from my machine by a virus detection software. -Samantha Quote Link to comment Share on other sites More sharing options...
TCH-Thomas Posted October 13, 2004 Share Posted October 13, 2004 built in cup holder, then opened your CD drawer. I have one, do you want me to email you it? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.