Email Hijacking and Phishing Emails
I have had a tremendous amount of trouble with Spam recently. Twice, I have had a large number of emails I didn't send returned marked `undeliverable'. It seems my email address may have been hijacked. The first time this happened was at the end of November/beginning of December. I saw all these emails appearing on MailWasher. I immediately logged on to my Wanadoo Webmail Account and saw that another 260 or so had gone straight into the Junk Email Folder. Panic. I have Norton Anti-Virus (which automatically updates itself when I am on-line) and email protection from Wanadoo, as well, so I was sure it wasn't a virus email that had caused the problem. I did an immediate virus scan - everything was clean.
For a couple of weeks, I used my webmail account instead of Outlook Express. I downloaded additional programs such as SpywareBlaster and Ad-Aware. Eventually, I opened Outlook Express. Of course, all the mail I had read on Wanadoo downloaded as un-read. Then, it all happened again on dates between 30th December and 2nd January. I was worried that Wanadoo might close my account for sending out Spam so I wrote to them for advice. Their reply was vague, just telling me that some Internet users use spoof email addresses and that many viruses also take email addresses from the address books of infected computers. They also told me how to report Spam by copying the IP address from the email header.
In November 2001, I opened an attachment and got the Badtrans.B worm, which immediately emailed itself to everyone in my "cache" so I know about viruses using address books. This 'sporadic hijacking' is different so what is causing it and can I do anything about it other than changing my email address? Have I got something nasty on my computer or is it an external problem? My Outlook Express folders are now in a total mess and I still haven't got round to sorting and deleting all those `unread` emails!
Do you know anyone this has happened to? I would appreciate any advice!
Now, a warning: a few days ago, I received an email telling me that I had just received a virtual postcard from Aunt Edna. I don't have an Aunt Edna, so I was suspicious. BUT, could it be someone I know being facetious? The postcard came from 1001 Postcards so I did a Google search and found the site. A very nice postcard site, I thought, but my pickup code of "35-dodge-treads-aunt" didn't work and I got an "ooops" message. Sent myself a postcard. There were some slight discrepancies between the two emails notifying me of my postcards, not least of which was the address for making a donation at Amazon.com. VERY suspicious by now. No way was I going to click on any of the links in the first email. I even went to the trouble of filling in the comment form at 1001 Postcards telling them that I suspected I had received a phishing email supposedly from them. Well, if it was your postcard website, you would want to know wouldn't you? They might want to put a warning somewhere on their pages.
I decided to do another google search and found confirmation. Yes, it is a phishing email. Clicking on any of the links sends you to a Trojan Site and opens a socks proxy on a random TCP port leaving you vulnerable to a particularly nasty trojan called CoolWebSearch. If you get a postcard notification from Aunt Edna, delete it immediately. If your name is Edna, don't send any postcards from 1001 Postcards to your nephews and nieces! They probably will bin them!