View Full Version : OT: I Just Spammed Myself!!

21st Jul 2002, 03:53
Has this ever happened to you? Up until about a week ago I had both an aol & an msn account. I decided to cancel msn because I never used it & didn't want to spend the money on two accounts. Just today, however, I received a spam email from my own old msn account!! It was definitely spam & not something that I could have generated intentionally or by accident.

Naturally, I'm pretty angry at whoever is responsible--this is, after all, my identity. Is there anything I can do other than complaining to microsoft about this?

21st Jul 2002, 09:07
Standard practice is to send the full e-mail (with header text shown, which can be switch on in 'options') to "abuse@" followed by the domain where the e-mail was sent from, for instance abuse@hotmail.com .

21st Jul 2002, 11:19
http://spamcop.net !

I have received a lot of this kind of spam recently (it started only a few weeks ago), and it made me MAD. The idea alone that some jerk uses MY email adress to spam people, arrrrrrrgh!!!!

Luckily, my new ISP has a spamfilter enabled (using some goodie from spamcop.net)... it has filtered already the incredible amount of 800-1000 spams to my domain. In the last 3 weeks, or what it is.

If there gets one through, I report it manually at spamcop.net... that makes sure it goes to the right recipient, you know. For the case that the spammer is faking everything.

21st Jul 2002, 11:40
Originally posted by ChowYunFat
..... I decided to cancel msn because I never used it & didn't want to spend the money on two accounts.....

I just cancelled my msn account for a new ISP. When I filled out the application form for the new service, I screwed up, and had my mail forwarded to the old address. Of course this doesn't work very well if you still want to recieve mail but it does keep you from recieving all that spam. The End. :D

Just a silly story,

21st Jul 2002, 13:16
It is of course entirely possible that it's not coming from your address, but just that it appears so.
For example, I, and a friend, have received Porn Spam from an address that says it is "alex@ttlg.com", :O.o: however no such email address exists and the mail doesn't pass through the ttlg server until it's received by it. Another example is "Mortgage refinancing" from "eberon@ttlg.com", in this case, however, the email address actually *does* exist, but again the email is not sent from the ttlg server. It's incredibly easy to fake the address where an email comes from.

Many viruses will also use a random email address from an infected users address book, Temporary Internet Files, or My Documents as the "From Address" in an email, again I have had virus emails from "digi@ttlg.com", "eberon@ttlg.com". and even "dave@ttlg.com" (my own email address) yet these emails do not originate from these addresses. I imagine the purpose of this is to make it much harder to tell infected users that they are infected and thereby extend the life of a virus "in the wild".

arh, 2 cents :)

21st Jul 2002, 21:38
Thank you all for the good information. :) I'm inclined to blame Microsoft for all this because it is their service. I never used the msn account for email & I don't think I ever even sent a mail with it (although I may have sent out a test email or two when I first got the account--so the address which received this spam could have been in the file server somewhere as an address to which the msn address had sent mail but nobody should have been able to access that). I've never received mail like this before & the fact that it occurred right after I had cancelled my account makes me very suspicious about what happened. I'll try writing to them, but don't expect to get any satisfaction from it.

Munin the Raven
29th Jul 2002, 02:50
It is very easy to fake an email address. However, it is more difficult to fake IPs and routing information. If you are suspicious about the origin of an email, compare the header to that of an authentic email from the sender. Chances are that the source IP and routing are completely different.

CDs with thousands of email addresses can be purchased online (they are popular for spammers and hackers). If you use popular online services such as AOL, MSN, or Hotmail, your email address has most likely already been sold or otherwise obtained. As to how the addresses are actually obtained, there are several possible culprits: the ISP and email companies (who knows how honest they are), disgruntled employees of such companies, "web bugs" and other forms of spyware, and hackers using all sorts of techniques (hacking into databases, "war-dialing/mailing", etc.). Also, worms are a major culprit for ripping through address books and hard drives and establishing mass-mailing databases.

I know that at least one of my email addresses has been used as a false address.

When you sign up for an ISP or email account, you are merely "adopting" an email address, not creating one. The email address you have chosen may have already been used as a fake address for thousands of spam and/or virus emails, could already be blocked by thousands of users, or at the worst monitored by authorities for suspicious activity. The only real protection your email account has is your own discretion, and your ingenuity with security software programs.