Take your photography to the next level and beyond...

  • NEWS
  • REVIEWS
  • INSPIRATION
  • COMMUNITY
  • COMPETITIONS

Why not join for free today?

Join for Free

Your total photography experience starts here


PRIZES GALORE! Enter The ePHOTOzine Exclusive Christmas Prize Draw; Over £10,000 Worth of Prizes! Plus A Gift For Everybody On Christmas Day!

How do I get rid of `bounced' or `faked bounced' emails

Attention!

This topic is locked.

Reason : not doing anyone any favours


User_Removed 10 3.3k 4 United Kingdom
26 Jan 2013 12:19AM
Paul the subtle point you don't understand is that they don't need to access your email account to send emails in your name. They can send emails in any name they like from their own account on any account they control.

Even Outlook Express in Win 98 would let you put anything@anything.com as your reply address, I remember winding friends up with emails "from" famous people.

Join ePHOTOzine for free and remove these adverts.

Paul Morgan e2
13 16.1k 6 England
26 Jan 2013 12:36AM

Quote:Paul the subtle point you don't understand


I understand OK Chris, it got to the point where my email provider was threatening to close my account.

But it was all my own fault really, I purchased a new router and I did not change the log in name and password, I`d just left it as default, so I was asking for trouble, my PC was easily exploited along with many of my accounts.

Even my broadband speed was drastically effected and it crawled, Comparing what was coming out of the wall to what an online speed test gave away the whole game, I`d been exploited.
User_Removed 10 3.3k 4 United Kingdom
26 Jan 2013 12:43AM
That's a different situation where software is installed on your machine and emails are sent out using your connection.

It's not the same as email spoofing.

Have you ever had email that appears to come from PayPal, Barclays Bank or eBay, but the links in it are dodgy?

How do you think they made the sender's address look genuine? By hacking eBay's router?

They don't have to hack in order to send email in your name (which is probably what's happened to the OP)

They do have to hack to send email from your machine and upset your ISP, (which is what happened to you). Try to understand the subtle difference mate.
Paul Morgan e2
13 16.1k 6 England
26 Jan 2013 12:55AM

Quote:That's a different situation where software is installed on your machine and emails are sent out using your connection


No they were sent from an IP adress in the US, using my email account, I`d slept all night and worked all day, it was late in the evening when I discovered what was going on, when I first switched the PC on.

I noticed hundreds of returned mails in my inbox, and my internet connection was very slow compared to what was coming in at the wall, it was a dead give away.

I sussed and rectified the problem by the time I had opened the email from Pete.


Quote:Have you ever had email that appears to come from PayPal, Barclays Bank or eBay, but the links in it are dodgy?


Of cause I have, and If I`d been stupid enough to answer them, my reply would not go back to the real paypal, not the same is it.

Yet those that replied to the spam I had sent(another person, another PC) came back to me.
Paul Morgan e2
13 16.1k 6 England
26 Jan 2013 1:06AM
What the poster needs to do is check the message source, this is a great give away.
User_Removed 10 3.3k 4 United Kingdom
26 Jan 2013 1:11AM

Quote:my reply would not go back to the real paypal.

YES IT WOULD MAN! You still don't get it! Go read Email 101

26-01-2013-01-07-55.jpg



Clicking links in the fake PayPal email won't take you to PayPal, but replying to it will send an email to the real PayPal. Where do you think it would go if you hit reply and your email program puts the PayPal address in the TO: section???

Anybody can send an email and make it looks like it comes from anyone they fancy, if it bounces or the person replies the person whose email address was used gets the bounced emails. That's what is happening to the OP.

What makes you think that the same thing that happened to you is happening to them?
Paul Morgan e2
13 16.1k 6 England
26 Jan 2013 3:16AM

Quote:What makes you think that the same thing that happened to you is happening to them?


Why because that is typical symptom of a hijacked account, the solution is quite simple, change your email account password, and from that point on, no more returned mails, your on about spoofing, its not the same.

Also checking the returned emails source will give a lot of information, including the source of the spam with a corresponding IP address, and the email account used.

In my case, I could see it was sent from my email account, but it was sent from an IP address in the US.

I`m not in the Posters address book so I was never sent a spam mail, that`s how it works.

It would be a bit long winded for a spammer to use dozens or hundreds of individual email address, its a lot easier and more efficient for them to first exploit someone's account, then automatically send out spams to everyone in there address book.
cats_123 e2
10 4.2k 25 Northern Ireland
26 Jan 2013 9:19AM
thanks for all the `conflicting' Smile advice...and Paul for your PM Smile

have tried chceking for the sender's address, but as far as I can tell the messages are all coming from a server that controls virginmedia's outgoing messages. In fact the messages coming in suggest these are `fake' and or `bounced'. The route appears to be my wife's email address attempting to send an email containing a hyperlink...this goes out to, say, half a dozen (what appear to be) `genuine' email accounts and the receiving server is rejecting the messages, and bouncing them back. The systems must try 3 or 4 times before it gives up...but the messages are clearly generated by a nifty piece of software as they re-generate under different guises. I imagine they are hoping some gullible person will click on the link.

I will try changing the router id, but as said, before, have no access to virginmedia (despite their website saying I can access my wife's email account without being an account holder). I don't really want to spend hours on a support line (I doubt they would understand the problem anyway Wink)
User_Removed 10 3.3k 4 United Kingdom
26 Jan 2013 9:24AM

Quote:the solution is quite simple, change your email account password

That wouldn't stop anyone sending thousands of spam emails in your name that looks like it comes from you (with you getting the returns), as pointed out, they don't need you user name, password or any access to your account to do that.

Quote:In my case, I could see it was sent from my email account, but it was sent from an IP address in the US

Which is exactly what would happen if someone sent emails in your name!! No evidence on your machine or in the sent folder of your webmail. Maybe the penny will drop. I've had messages off people saying "he just won't get it". I think you can. Try thinking about it logically Paul. How could you see it was sent from your account?

Quote:I`m not in the Posters address book so I was never sent a spam mail, that`s how it works

You don't need to be in anybody's address book for spammers to send an email in your name that looks like it comes from you

Quote:be a bit long winded for a spammer to use dozens or hundreds of individual email address

They buy a list of two million email addresses the program they use sends a message to everyone on the list, the sender's address is chosen randomly from the list every thousand emails. That person gets the bounce backs. That person thinks they've been hacked, even though they haven't and the IP address the emails come from is in the US and they have noting in their sent folders. Ring any bells?
mikehit e2
5 7.1k 11 United Kingdom
26 Jan 2013 6:17PM
I think Chris's emails describe the options quite well. When you look at your email inbox you will see an email with the sender name on the 'From' column. Assuming I receive an email from Paul Morgan:
- Paul Morgan sends me an email
- Someone has hacked Paul's email account and is sending emails from his account without him knowing. If I look at the full header details (right-click, View full header in my account) I will see it is from Paul Morgan and the trail points to Paul Morgan's account. There are ways that the 'fake sender' can hide the sent emails so that Paul Morgan is unaware of this if he checks his 'Sent' box, so checking this is not a guarantee
- someone has got Paul Morgan's email address from somewhere (either they bought it from somewhere else of they have hacked someone else's account and got his address from there). They send an email to me, and they use 'Paul Morgan' in the settings to make it look as though it came from his, but when 'View full header' I will be able to see the route it came from. The e-mail has never been anywhere near Paul Morgan's account. As Chris says, this is like someone finds Paul's address book in the street and sees my name and address, then they post a letter to me with ''From Paul Morgan' on the reverse.

I understand from the IT guys at work that the last one is by far the most common - all they want is for the recipient to think 'Great, an email from Paul' and open it. Nowadays, computer programs are such that once a hacking programme breaks an email account they raid the address book and send out the required emails with the spammer doing absolutely nothing other than press 'run'.

Now you may take the view that, given the permutations, you may prefer to change passwords etc just in case but the chances are it is not necessary.
Paul Morgan e2
13 16.1k 6 England
26 Jan 2013 8:14PM

Quote:That wouldn't stop anyone sending thousands of spam emails in your name that looks like it comes from you


That would stop them getting into your account and auto spamming everyone in your address book.


Quote:even though they haven't and the IP address the emails come from is in the US and they have noting in their sent folders. Ring any bells


I can log into my email accounts from any location, however if I check the sent folder it will be empty for the simple reason, sent emails are stored on the machine that sent them, all I would have access to on another machine at a different location will be my address book(it will be a tiny file)
mikehit e2
5 7.1k 11 United Kingdom
26 Jan 2013 9:04PM
I am not sure if you are denying Chris's explanation is a possibility, or if you are saying you do not believe it is the case in your situation (or why you do not believe it is the case).


Quote:That wouldn't stop anyone sending thousands of spam emails in your name that looks like it comes from you

That would stop them getting into your account and auto spamming everyone in your address book.



You are describing where someone has actually hacked your account and using your account to send e-mails. Chris is describing a situation where they send emails from their account and make it look like they came from you. Changing password will stop the former but not the latter.




Quote:even though they haven't and the IP address the emails come from is in the US and they have noting in their sent folders. Ring any bells

I can log into my email accounts from any location, however if I check the sent folder it will be empty for the simple reason, sent emails are stored on the machine that sent them, all I would have access to on another machine at a different location will be my address book(it will be a tiny file)



Strange. Because I can log into any machine and see all my sent emails in my sent box (I have three computers at home and I can see all sent items on all of them, and have accessed my sent items from an internet cafe in Canada): they are held on my ISP server, not my computer.
Paul Morgan e2
13 16.1k 6 England
26 Jan 2013 9:19PM

Quote:I am not sure if you are denying Chris's explanation is a possibility, or if you are saying you do not believe it is the case in your situation (or why you do not believe it is the case).
You are describing where someone has actually hacked your account and using your account to send e-mails



In my case and in other peoples cases I have helped people with since, the problem has been with hacking, how else would they get your email account, password and address book Smile

You lot seem to argue for the sake of it Sad


Quote:Chris is describing a situation where they send emails from their account and make it look like they came from you. Changing password will stop the former but not the latter


Yes and he has a problem understanding other peoples situations, I have repeated and explained the situation on countless occasions through out this thread, are you two thick or something.
chris.maddock 13 3.4k United Kingdom
26 Jan 2013 9:21PM

Quote:Strange. Because I can log into any machine and see all my sent emails in my sent box (I have three computers at home and I can see all sent items on all of them, and have accessed my sent items from an internet cafe in Canada): they are held on my ISP server, not my computer.


That depends on how the email is being sent. If it's via a webmail facility then, yes, the sent mails will be on the ISPs server.
If, however, it's done using a proper email client (eg Thunderbird portable on a USB stick that can be plugged into and run from any PC) then the sent mails will be in the email client's sent items.
mikehit e2
5 7.1k 11 United Kingdom
26 Jan 2013 9:26PM
Paul - No, I am not 'think or something' and I understood your email perfectly well.
Maybe we were talking at cross purposes: I (and I believe Chris) were referring to the OP and saying they may not have been hacked. You seemed to be taking an experience of yours (which did involve hacking) and saying to the OP that that was their problem. As I say, not mutually exlcusive.