bbs.spamgourmet.com

discussion forums for spamgourmet
https://bbs.spamgourmet.com/

Has My Account Been Hijacked?

https://bbs.spamgourmet.com/viewtopic.php?f=4&t=1122

Page 1 of 1

Has My Account Been Hijacked?

PostPosted: Thu Mar 27, 2008 9:51 am
by surferdude
I received a suspicious looking email that is definitely spam, but I can't determine if they used my address or not.

The header information looks like this
(envelope-from <+somename+exampleaccount+93b0d22de6.clarkmclowna#7ms.com@spamgourmet.com>

I don't know what the 93b0d22de6 etc means, and I don't see this in my account as a listed email.

Have they figured out a way to spam my account?

PostPosted: Fri Mar 28, 2008 1:47 am
by josh
all incoming messages look like that when you have reply address masking enabled -- that way, if you reply, the message will come back through our server, and our code will make it so that your messages comes "from" the disposable address.

PostPosted: Fri Mar 28, 2008 7:10 am
by surferdude
Thanks but I believe the spammers are hijacking my addresses. They aren't creating new ones but rather they are using ones that already exist. It's really weird.

Is there someone I can chat with privately about this? I'd like to show you the entire header so you can see what I'm talking about.

Several emails have been received on accounts that no one else should have been aware of.

PostPosted: Sat Mar 29, 2008 7:17 pm
by fdude
On 3/28/2008, I also got several messages that were replies to spamgourmet id's that I never made. Most were system messages about delivery problems. I know I never made these id's or used them before and they were all similar in nature. I logged onto my spamgourmet account and indeed found that there were these and many other id's that I never had used... I guess it's possible someone who knows how spamgourmet works saw my account and decided to use it instead of theirs, which would seem to defeat the purpose since they'll never get the return emails. It's just odd though.

Advanced Mode Watchwords and Prefixes

PostPosted: Sat Mar 29, 2008 9:00 pm
by surferdude
@fdude: In Advanced Mode you can create a "Prefix" or a "Watchword" to avoid someone using your ID that way. I may have to start using one in this particular account. Take a look at the FAQ and search that window for Advanced Mode or Watchword.

My problem is many of my existing emails have been compromised. I guess eventually they will all max out and just get eaten.

Re: Advanced Mode Watchwords and Prefixes

PostPosted: Mon Mar 31, 2008 7:03 am
by gourmet
surferdude wrote:My problem is many of my existing emails have been compromised. I guess eventually they will all max out and just get eaten.


Yep... Or you can login and se those accounts to 0.

PostPosted: Mon Mar 31, 2008 6:07 pm
by SysKoll
A popular tool used by spammer is an address collection program. There are several of them out there running as payload in Windows viruses. But some collectors are buggy and drop the first few characters of emails, resulting in new word creations.

Nothing to worry about. Just use a watchword.

If you really are concerned, send Josh or me the headers of a typical message and we'll review it.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/