1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Distributed Strange emails

Discussion in 'Tech Support' started by KD88, 25 Jul 2015.

  1. KD88

    KD88 Minimodder

    25 Aug 2009
    Likes Received:
    Two days ago I had nearly 300 failed email notifications of emails I hadn't sent. I had about 20/30 each day friday and today the same.

    I've linked screenshots of my inbox and what they look like. I'm presuming It's some sort of virus even though I've got Avast protection.

    Does anyone know what they are and how to prevent any more?


  2. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    4 Dec 2007
    Likes Received:
    It's unlikely to be a virus - especially if the timestamps of the messages correspond with times when your computer was switched off. Email is an incredibly trusting system, which is why spam works. All that has happened here is that a spammer has got your email address and has used it as the From: address for a bunch of outgoing spam. They haven't got access to your email, or your PC: you can literally type anything you want as 'your' email address in an outgoing message, and the mail server will just go "hurr-durr hokay boss" and take you at your word.

    You should stop receiving the bounces in a bit, because the spammer will move on to using someone else's address.
  3. Pookie

    Pookie Illegitimi non carborundum

    4 May 2010
    Likes Received:
    Also change your email passwords just to be sure.
  4. Flibblebot

    Flibblebot Smile with me

    19 Apr 2005
    Likes Received:
    Check your Sent Items folder just to make sure that someone hasn't got access to your account, but it's more likely to be as Gareth says: just someone using your email address.

    Hint: take it off the screenshot! :D
  5. Captain Haddock

    Captain Haddock Blistering Barnacles

    21 Apr 2008
    Likes Received:
    Not necessarily a virus.
    I get a lot of these and they're sometimes known as "return bounce" or "back spatter" emails.

    Spammer sends the email with an fake From: address and sets the <Return-Path> to something else; result at least one (possibly two) people get the spam email.

    If you (can) examine the mail headers (assuming the party returning the mail includes them; some do some don't) I think you'll find that that the <Return-Path> value is set to a random address your email domain (or maybe an email address you maintain).

    The From: field will to be some other address and the Received: will give a good indication of someone inadvertantly running a mis-configured email server.

    The best advice is simply to bin them, you're unlikely to get anywhere complaining to the admins who run the email server that sent you the bouncing email.
  6. Digerati

    Digerati Minimodder

    19 Feb 2011
    Likes Received:
    I agree with all of the above and this is almost certain to be a badguy spoofing your email address into spam he is sending (most likely from some other compromised computer).

    I assume your Avast is current, you scanned your computer and it came up clean. You also need to make sure your operating system is current. And since no single anti-malware solution is perfect, I recommend running supplemental scans with Malwarebytes's Anti-Malware (MBAM) just to make sure Avast (or you) did not let something slip by.

    Sadly, what happens sometimes in these cases is your email address gets blacklisted and then legitimate emails you send with that address get re-directed into spam folders, or blocked altogether. :( Most of the time, the addresses fall off the blacklists once the spam stops.

Share This Page