Windows 8 and 8.1 Forums

Email hijacked?

  1. #1

    Email hijacked?


    Today, Sunday at 16:00 GMT I received a dozed failed delivery notifications in my inbox. I haven't been using my email. I host a couple of websites with Zyma.com and use EMAP email and Thunderbird. My desktop is secured with AVG and Malwarebytes running all the time and spot scans by other software when I feel the need. Always clean.

    I wonder if my host email has been hacked? Here is the start of the returned notification.....

    This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
    Last edited by Brink; 27 Jul 2014 at 12:17. Reason: removed email addresses

      My System SpecsSystem Spec

  2. #2


    Canada
    Posts : 1,950
    windows 8.1 Update 1 Pro 64bit
      My System SpecsSystem Spec

  3. #3


    Yes thanks I understood the reason, what I don't understand is why! I have not sent out lots of emails - ever. So someone is using me to spam??? If so how to stop it. Is it my end or the host?
      My System SpecsSystem Spec

  4. #4


    UK
    Posts : 283
    Windows 8.1


    I have had this type of thing in the past, it might not be that your account has been hacked, check your deleted/sent items see if anything strange is there, I would also recommend changing password just to be sure

    When you set up an email account you have the option of specifying your email address (doesn't have to be your actual email address for the account)
    so for example I could have my email sent out from mine, but have it look like it has come from joebloggs@spamme.com (made up address so not sure if this is allowed to be posted), these spammers seem to get valid email addresses and then use this as the email for their account (you don't need access to the account to pretend to be it), so anything I send would show as coming from that account and any replies would go to it, I would never see them as my correct email is not shown

    Unfortunately there is no way of stopping this, the best you can do is have a look at the mail headers and see if you can work out what domain it has come from and report it to them

    Can you post the full mail headers (taking out anything that relates to your email address)
      My System SpecsSystem Spec

  5. #5


    Header:


    From - Sun Jul 27 17:01:40 2014 X-Account-Key: account1 X-UIDL: UID3160-1400167536 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 X-Mozilla-Keys: Return-path: <> Envelope-to: xxx@briansphotoblog.com Delivery-date: Sun, 27 Jul 2014 16:53:38 +0100 Received: from mailnull by scorpion.zyma.com with local (Exim 4.82) id 1XBQlW-0039ir-47 for xxx@briansphotoblog.com; Sun, 27 Jul 2014 16:53:38 +0100 X-Failed-Recipients: assistant@responsecenters.org, fara-dix@hotmail.fr, loveuse42115@live.com, lassad124@hotmail.com, othmanemarzougui@yahoo.fr Auto-Submitted: auto-replied From: Mail Delivery System <Mailer-Daemon@scorpion.zyma.com> To: xxx@briansphotoblog.com Subject: Mail delivery failed: returning message to sender Message-Id: <E1XBQlW-0039ir-47@scorpion.zyma.com> Date: Sun, 27 Jul 2014 16:53:38 +0100 This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: assistant@responsecenters.org Domain briansphotoblog.com has exceeded the max defers and failures per hour (5/5 (100%)) allowed. Message discarded. fara-dix@hotmail.fr Domain briansphotoblog.com has exceeded the max defers and failures per hour (5/5 (100%)) allowed. Message discarded. loveuse42115@live.com Domain briansphotoblog.com has exceeded the max defers and failures per hour (5/5 (100%)) allowed. Message discarded. lassad124@hotmail.com Domain briansphotoblog.com has exceeded the max defers and failures per hour (5/5 (100%)) allowed. Message discarded. othmanemarzougui@yahoo.fr Domain briansphotoblog.com has exceeded the max defers and failures per hour (5/5 (100%)) allowed. Message discarded. ------ This is a copy of the message, including all the headers. ------ Return-path: <brian@briansphotoblog.com> Received: from [37.214.237.86] (port=29299 helo=briansphotoblog.com) by scorpion.zyma.com with esmtpa (Exim 4.82) (envelope-from <xxx@briansphotoblog.com>) id 1XBQlV-0039ZY-Ca; Sun, 27 Jul 2014 16:53:38 +0100 Message-ID: <86716e5c87f5$99f28383$5e70d6aa$@hotmail.com> From: lassad <lassad124@hotmail.com> To: <assistant@responsecenters.org>, <fara-dix@hotmail.fr>, <loveuse42115@live.com>, "MARZOUGUI OTHMANE"
    <lassad124@hotmail.com>, "miss misss" <othmanemarzougui@yahoo.fr> Subject: Date: Sat, 27 Jul 2014 04:53:38 +0000 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_26F9_C9C9F16E.2C3DA2CA" X-Priority: 3 X-MSMail-Priority: Normal Importance: Normal X-Mailer: Microsoft Windows Live Mail 16.4.3522.110 X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3522.110 X-Antivirus: avast! (VPS 140727-0, 27.07.2014), Outbound message X-Antivirus-Status: Clean This is a multi-part message in MIME format. ------=_NextPart_000_26F9_C9C9F16E.2C3DA2CA Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable https://www.google.com/url?pl n0Iqp9N6-q4EgwH&q8%74tp%3a%2f%2Fl1%2egs%2Fet= JsdaN&sa=C3=90usg=C2=AFQjCNEjpg_wHR9779MXCbG9IOY6LqTSmQ --- =D0=AD=D1=82=D0=BE =D1=81=D0=BE=D0=BE=D0=B1=D1=89=D0=B5=D0=BD=D0=B8=D0=B5 = =D1=81=D0=B2=D0=BE=D0=B1=D0=BE=D0=B4=D0=BD=D0=BE =D0=BE=D1=82 =D0=B2=D0=B8= =D1=80=D1=83=D1=81=D0=BE=D0=B2 =D0=B8 =D0=B2=D1=80=D0=B5=D0=B4=D0=BE=D0=BD= =D0=BE=D1=81=D0=BD=D0=BE=D0=B3=D0=BE =D0=9F=D0=9E =D0=B1=D0=BB=D0=B0=D0=B3= =D0=BE=D0=B4=D0=B0=D1=80=D1=8F =D0=B7=D0=B0=D1=89=D0=B8=D1=82=D0=B5 =D0=BE= =D1=82 =D0=B2=D0=B8=D1=80=D1=83=D1=81=D0=BE=D0=B2 avast! AVAST 2014 | Download Free Antivirus Software for Virus Protection ------=_NextPart_000_26F9_C9C9F16E.2C3DA2CA Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <HTML><HEAD></HEAD> <BODY dir=3Dltr> <DIV dir=3Dltr> <DIV style=3D"FONT-SIZE: 12pt; FONT-FAMILY: 'Calibri'; COLOR: #000000"> <DIV><A href=3D"https://www.google.com/url?pl n0Iqp9N6-q4EgwH&q8%74tp%3a%2= f%2Fl1%2egs%2FetJsdaN&sa=C3=90usg=C2=AFQjCNEjpg_wHR9779MXCbG9IOY6LqTSmQ">ht= tps://www.google.com/url?pl n0Iqp9N6-q4EgwH&q8%74tp%3a%2f%2Fl1%2egs%2FetJs= daN&sa=C3=90usg=C2=AFQjCNEjpg_wHR9779MXCbG9IOY6LqTSmQ</A></DIV></DIV></DIV>= <br /><br /> <hr style=3D'border:none; color:#909090; background-color:#B0B0B0; height: = 1px; width: 99%;' /> <table style=3D'border-collapse:collapse;border:none;'> <tr> <td style=3D'border:none;padding:0px 15px 0px 8px'> <a href=3D"http://www.avast.com/"> <img border=3D0 src=3D"http://static.avast.com/emails/avast-mail-stamp.= png" /> </a> </td> <td> <p style=3D'color:#3d4d5a; font-family:"Calibri","Verdana","Arial","Helv= etica"; font-size:12pt;'> =D0=AD=D1=82=D0=BE =D1=81=D0=BE=D0=BE=D0=B1=D1=89=D0=B5=D0=BD=D0=B8=D0= =B5 =D1=81=D0=B2=D0=BE=D0=B1=D0=BE=D0=B4=D0=BD=D0=BE =D0=BE=D1=82 =D0=B2=D0= =B8=D1=80=D1=83=D1=81=D0=BE=D0=B2 =D0=B8 =D0=B2=D1=80=D0=B5=D0=B4=D0=BE=D0= =BD=D0=BE=D1=81=D0=BD=D0=BE=D0=B3=D0=BE =D0=9F=D0=9E =D0=B1=D0=BB=D0=B0=D0= =B3=D0=BE=D0=B4=D0=B0=D1=80=D1=8F <a href=3D"http://www.avast.com/">avast! = Antivirus</a> =D0=B7=D0=B0=D1=89=D0=B8=D1=82=D0=B0 =D0=B0=D0=BA=D1=82=D0=B8= =D0=B2=D0=BD=D0=B0. </p> </td> </tr> </table> <br /> </BODY></HTML> ------=_NextPart_000_26F9_C9C9F16E.2C3DA2CA-- Thread-Index: AV72inpvbTh0MDk2dWczeGt6cmowNg==
      My System SpecsSystem Spec

Email hijacked?
Related Threads
IE 11 tells me that my IE proxy is set to 127.0.0.1:9666 so i can't browse websites. And in the internet options, Lan setting , proxy is disabled.... And in the regestry, HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer is set to 127.0.0.1:9666,the most...
I have a new ASUS notebook and it uses Windows 8. On my home pc I have Windows Vista and was able to set up multiply email accounts in Window Live Mail. (my charter, my hubby charter, 2 school google accounts and yahoo) I was able to read mail coming thru our main email acct (my charter), if an...
Solved Home Page Hijacked in System Security
After doing a recent update to Win 8, my home page on Fire Fox has been hijacked, and I can't get rid of it. I've restored to system to the day prior to when the new page appeared, I've deleted cookies, I've reset the homepage within Fire Fox, I've run Avast and Malwarebyte; it's still there. ...
I am extremely new to Windows 8 (like as of today) so I apologize in advance if I sound stupid in this. I was handed over a work computer today that runs Windows 8, the previous employee set everything up using her personal email information (IE: the email from the main email envelope is her...
Hi All I have had an issue recently whereby my IE has been hijacked by an adware site. The site URL is: ...
How to Create a "New Email Message" Shortcut in Vista, Windows 7, and Windows 8 This tutorial will show you how to create or download a shortcut that will open a new email message window in your default email client program with or without a specified recipient in Vista, Windows 7, and Windows...
Eight Forums Android App Eight Forums IOS App Follow us on Facebook