Hi Everyone, and Happy Holidays!

I’m not sure if this is an Avast question, if it isn’t please direct me.

I have Avast 5.0.677, which does a pretty good job. I also use SuperAntiSpyware.

I have two web based e-mail accounts/addresses (from different main servers) set up in MS Outlook 2003. Recently, my friend e-mailed me to tell me that Spam was sent to her e-mail from my e-mail address that I rarely use. (It was a Nativity scene from Hong Kong).

Since I never send her messages using the rarely used email address, I am wondering how this happened. Did someone hijack my system and invade my Outlook Contacts?

If so, how? And is there anything I can do to stop or prevent it? Avast found no threats in my system when I ran a scan today.

Any help will be appreciated. (I do have Avast Outlook Plug-in set up.)

It can come from the server side, so possibly not your problem as such

The version of SAS it’s free or Pro?

Did you ran already a scan with Malwarebytes?

Whilst this is a very old article, it is none the less still relevant.

Someone’s Sending From My E-mail Address! - How Do I Stop Them?

Extract from Lockerknome newsletter

By Leo of Puget Sound Software

You’re minding your own business, and one day you get e-mail from someone you’ve never heard of, and they’re asking you to stop sending them e-mail. Or worse, they’re angry. Or worse yet, they accuse you of sending them a virus! But you don’t know them, you’ve never heard of them, and you know you’ve never sent them e-mail.

Welcome to the world of viruses, where you can get the blame for someone else’s infection. And there’s worse news to come.

Before I get to that, though, there is always a small possibility that your e-mail account has been compromised. The solution there is simple: change your password immediately. That should prevent someone who’s using your account for malicious purposes from continuing, assuming you’ve chosen a good password.

But these days that’s not the most common cause for the situation I’ve described. Viruses are. And what’s worse, there’s almost nothing you can do.

The MyDoom/Novarg virus currently running rampant is a great example. The virus infects someone’s machine, and then looks in the e-mail address book on that machine, and e-mails a copy of itself to everyone it finds. What it also does is forge the “From:” address for the e-mail that it sends. What does it use to forge the address? Why the addresses in the address book, of course. So an infected machine will send e-mail to everyone in the address book, looking as if it was sent by other people in that address book, even though it was not.

Let’s use a concrete example: Peter’s machine gets infected with the MyDoom virus. In his address book are entries for friends Paul and Mary. Paul and Mary have never met, have never exchanged e-mail, and do not know each other - they each just know Peter. The virus on Peter’s machine will send e-mail with the virus to Paul looking like it came from Mary. Paul may wonder who the heck this Mary person is and why she’s sending him a virus, but she was never involved.

If you’re in Mary’s place, you can see that it would be frustrating to be accused of something that you had nothing to do with and have no control over.

For the record, your e-mail address may end up in the address books of people you don’t know as well. Various e-mail programs will automatically hold on to additional e-mail addresses that were included on e-mail you received, or possibly from e-mail that was forwarded. Viruses have also been known to use other sources of e-mail addresses, or even forward them around as the virus spreads. What that means is that the simple “friend of a friend” example I used with Peter, Paul, and Mary, while simple and certainly possible, is not the only way your e-mail could show up in a forged “from” line.

What’s important here is simply this: one way or another, e-mail viruses lie about who sent them.

If someone accuses you of sending a virus-laden e-mail, and you are positive you did not, then you have very little recourse other than trying to educate them about how viruses work. Point them at this article if you like. But be clear: you’re not necessarily infected, nor is the person who received the mail claiming to be from you. It’s some third party who is. (And identifying that third party is difficult - this is why virus writers use this technique.)

And of course be sure that you’re not going to get infected yourself: don’t open attachments from people you don’t know, and make sure you have an up-to-date virus checker and virus definitions file. I have recommendations for virus scanning software here.

David is correct - and there has been a spate of them recently where the password was compromised at the server

Hello Again!

Thanks so much for all your posts. I am sorry that this was about a very old topic. It’s just that I thought that perhaps some more solutions besides changing the password and running scans would have surfaced. Fortunately, this is the first time in 10 years that someone hijacked my e-mail. I’ve had other virus problems at various times throughout those 10 years, but not this one!)

I use free SuperAntiSpyware, and ran that, as well as Malwarebytes. (Thanks for reminding me about the Malwarebytes, by the way!) Malwarebytes found nothing, but SuperAntiSpyware found tons of cookies. Strange, since I just ran it last week.

I will have my password changed. Again, thanks so much!

You’re welcome.

When you change your password, make sure that it is a strong one, with a mix of upper and lower case letters and numbers and if the ISP/email provider allow the use of certain characters, like # then use that too. This makes your password harder to crack making you less of a target.

Don’t use any name or word in a dictionary as dictionary attacks to try and get entry are common place.