Login or Join Now

Upload your photos, chat, win prizes and much more

Username:
Password:
Remember Me

Can't Access your Account?

New to ePHOTOzine? Join ePHOTOzine for free!

Like 0

How do I get rid of `bounced' or `faked bounced' emails

Join Now

Join ePHOTOzine, the friendliest photography community.

Upload photos, chat with photographers, win prizes and much more for free!

Attention!

This topic is locked.
Reason: not doing anyone any favours
User_Removed
26 Jan 2013 - 12:19 AM

Paul the subtle point you don't understand is that they don't need to access your email account to send emails in your name. They can send emails in any name they like from their own account on any account they control.

Even Outlook Express in Win 98 would let you put anything@anything.com as your reply address, I remember winding friends up with emails "from" famous people.

Sponsored Links
Sponsored Links 
26 Jan 2013 - 12:19 AM

Join ePHOTOzine for free and remove these adverts.

Paul Morgan
Paul Morgan e2 Member 1315362 forum postsPaul Morgan vcard England6 Constructive Critique Points
26 Jan 2013 - 12:36 AM


Quote: Paul the subtle point you don't understand

I understand OK Chris, it got to the point where my email provider was threatening to close my account.

But it was all my own fault really, I purchased a new router and I did not change the log in name and password, I`d just left it as default, so I was asking for trouble, my PC was easily exploited along with many of my accounts.

Even my broadband speed was drastically effected and it crawled, Comparing what was coming out of the wall to what an online speed test gave away the whole game, I`d been exploited.

User_Removed
26 Jan 2013 - 12:43 AM

That's a different situation where software is installed on your machine and emails are sent out using your connection.

It's not the same as email spoofing.

Have you ever had email that appears to come from PayPal, Barclays Bank or eBay, but the links in it are dodgy?

How do you think they made the sender's address look genuine? By hacking eBay's router?

They don't have to hack in order to send email in your name (which is probably what's happened to the OP)

They do have to hack to send email from your machine and upset your ISP, (which is what happened to you). Try to understand the subtle difference mate.

Paul Morgan
Paul Morgan e2 Member 1315362 forum postsPaul Morgan vcard England6 Constructive Critique Points
26 Jan 2013 - 12:55 AM


Quote: That's a different situation where software is installed on your machine and emails are sent out using your connection

No they were sent from an IP adress in the US, using my email account, I`d slept all night and worked all day, it was late in the evening when I discovered what was going on, when I first switched the PC on.

I noticed hundreds of returned mails in my inbox, and my internet connection was very slow compared to what was coming in at the wall, it was a dead give away.

I sussed and rectified the problem by the time I had opened the email from Pete.


Quote: Have you ever had email that appears to come from PayPal, Barclays Bank or eBay, but the links in it are dodgy?

Of cause I have, and If I`d been stupid enough to answer them, my reply would not go back to the real paypal, not the same is it.

Yet those that replied to the spam I had sent(another person, another PC) came back to me.

Last Modified By Paul Morgan at 26 Jan 2013 - 1:01 AM
Paul Morgan
Paul Morgan e2 Member 1315362 forum postsPaul Morgan vcard England6 Constructive Critique Points
26 Jan 2013 - 1:06 AM

What the poster needs to do is check the message source, this is a great give away.

User_Removed
26 Jan 2013 - 1:11 AM


Quote: my reply would not go back to the real paypal.

YES IT WOULD MAN! You still don't get it! Go read Email 101

26-01-2013-01-07-55.jpg

Clicking links in the fake PayPal email won't take you to PayPal, but replying to it will send an email to the real PayPal. Where do you think it would go if you hit reply and your email program puts the PayPal address in the TO: section???

Anybody can send an email and make it looks like it comes from anyone they fancy, if it bounces or the person replies the person whose email address was used gets the bounced emails. That's what is happening to the OP.

What makes you think that the same thing that happened to you is happening to them?

Last Modified By User_Removed at 26 Jan 2013 - 1:13 AM
Paul Morgan
Paul Morgan e2 Member 1315362 forum postsPaul Morgan vcard England6 Constructive Critique Points
26 Jan 2013 - 3:16 AM


Quote: What makes you think that the same thing that happened to you is happening to them?

Why because that is typical symptom of a hijacked account, the solution is quite simple, change your email account password, and from that point on, no more returned mails, your on about spoofing, its not the same.

Also checking the returned emails source will give a lot of information, including the source of the spam with a corresponding IP address, and the email account used.

In my case, I could see it was sent from my email account, but it was sent from an IP address in the US.

I`m not in the Posters address book so I was never sent a spam mail, that`s how it works.

It would be a bit long winded for a spammer to use dozens or hundreds of individual email address, its a lot easier and more efficient for them to first exploit someone's account, then automatically send out spams to everyone in there address book.

Last Modified By Paul Morgan at 26 Jan 2013 - 3:21 AM
cats_123
cats_123 e2 Member 104023 forum postscats_123 vcard Northern Ireland25 Constructive Critique Points
26 Jan 2013 - 9:19 AM

thanks for all the `conflicting' Smile advice...and Paul for your PM Smile

have tried chceking for the sender's address, but as far as I can tell the messages are all coming from a server that controls virginmedia's outgoing messages. In fact the messages coming in suggest these are `fake' and or `bounced'. The route appears to be my wife's email address attempting to send an email containing a hyperlink...this goes out to, say, half a dozen (what appear to be) `genuine' email accounts and the receiving server is rejecting the messages, and bouncing them back. The systems must try 3 or 4 times before it gives up...but the messages are clearly generated by a nifty piece of software as they re-generate under different guises. I imagine they are hoping some gullible person will click on the link.

I will try changing the router id, but as said, before, have no access to virginmedia (despite their website saying I can access my wife's email account without being an account holder). I don't really want to spend hours on a support line (I doubt they would understand the problem anyway Wink)

User_Removed
26 Jan 2013 - 9:24 AM


Quote: the solution is quite simple, change your email account password

That wouldn't stop anyone sending thousands of spam emails in your name that looks like it comes from you (with you getting the returns), as pointed out, they don't need you user name, password or any access to your account to do that.

Quote: In my case, I could see it was sent from my email account, but it was sent from an IP address in the US

Which is exactly what would happen if someone sent emails in your name!! No evidence on your machine or in the sent folder of your webmail. Maybe the penny will drop. I've had messages off people saying "he just won't get it". I think you can. Try thinking about it logically Paul. How could you see it was sent from your account?

Quote: I`m not in the Posters address book so I was never sent a spam mail, that`s how it works

You don't need to be in anybody's address book for spammers to send an email in your name that looks like it comes from you

Quote: be a bit long winded for a spammer to use dozens or hundreds of individual email address

They buy a list of two million email addresses the program they use sends a message to everyone on the list, the sender's address is chosen randomly from the list every thousand emails. That person gets the bounce backs. That person thinks they've been hacked, even though they haven't and the IP address the emails come from is in the US and they have noting in their sent folders. Ring any bells?

mikehit
mikehit  56456 forum posts United Kingdom9 Constructive Critique Points
26 Jan 2013 - 6:17 PM

I think Chris's emails describe the options quite well. When you look at your email inbox you will see an email with the sender name on the 'From' column. Assuming I receive an email from Paul Morgan:
- Paul Morgan sends me an email
- Someone has hacked Paul's email account and is sending emails from his account without him knowing. If I look at the full header details (right-click, View full header in my account) I will see it is from Paul Morgan and the trail points to Paul Morgan's account. There are ways that the 'fake sender' can hide the sent emails so that Paul Morgan is unaware of this if he checks his 'Sent' box, so checking this is not a guarantee
- someone has got Paul Morgan's email address from somewhere (either they bought it from somewhere else of they have hacked someone else's account and got his address from there). They send an email to me, and they use 'Paul Morgan' in the settings to make it look as though it came from his, but when 'View full header' I will be able to see the route it came from. The e-mail has never been anywhere near Paul Morgan's account. As Chris says, this is like someone finds Paul's address book in the street and sees my name and address, then they post a letter to me with ''From Paul Morgan' on the reverse.

I understand from the IT guys at work that the last one is by far the most common - all they want is for the recipient to think 'Great, an email from Paul' and open it. Nowadays, computer programs are such that once a hacking programme breaks an email account they raid the address book and send out the required emails with the spammer doing absolutely nothing other than press 'run'.

Now you may take the view that, given the permutations, you may prefer to change passwords etc just in case but the chances are it is not necessary.

Paul Morgan
Paul Morgan e2 Member 1315362 forum postsPaul Morgan vcard England6 Constructive Critique Points
26 Jan 2013 - 8:14 PM


Quote: That wouldn't stop anyone sending thousands of spam emails in your name that looks like it comes from you

That would stop them getting into your account and auto spamming everyone in your address book.


Quote: even though they haven't and the IP address the emails come from is in the US and they have noting in their sent folders. Ring any bells

I can log into my email accounts from any location, however if I check the sent folder it will be empty for the simple reason, sent emails are stored on the machine that sent them, all I would have access to on another machine at a different location will be my address book(it will be a tiny file)

mikehit
mikehit  56456 forum posts United Kingdom9 Constructive Critique Points
26 Jan 2013 - 9:04 PM

I am not sure if you are denying Chris's explanation is a possibility, or if you are saying you do not believe it is the case in your situation (or why you do not believe it is the case).


Quote: That wouldn't stop anyone sending thousands of spam emails in your name that looks like it comes from you

That would stop them getting into your account and auto spamming everyone in your address book.

You are describing where someone has actually hacked your account and using your account to send e-mails. Chris is describing a situation where they send emails from their account and make it look like they came from you. Changing password will stop the former but not the latter.




Quote: even though they haven't and the IP address the emails come from is in the US and they have noting in their sent folders. Ring any bells

I can log into my email accounts from any location, however if I check the sent folder it will be empty for the simple reason, sent emails are stored on the machine that sent them, all I would have access to on another machine at a different location will be my address book(it will be a tiny file)

Strange. Because I can log into any machine and see all my sent emails in my sent box (I have three computers at home and I can see all sent items on all of them, and have accessed my sent items from an internet cafe in Canada): they are held on my ISP server, not my computer.

Last Modified By mikehit at 26 Jan 2013 - 9:05 PM
Paul Morgan
Paul Morgan e2 Member 1315362 forum postsPaul Morgan vcard England6 Constructive Critique Points
26 Jan 2013 - 9:19 PM


Quote: I am not sure if you are denying Chris's explanation is a possibility, or if you are saying you do not believe it is the case in your situation (or why you do not believe it is the case).
You are describing where someone has actually hacked your account and using your account to send e-mails

In my case and in other peoples cases I have helped people with since, the problem has been with hacking, how else would they get your email account, password and address book Smile

You lot seem to argue for the sake of it Sad


Quote: Chris is describing a situation where they send emails from their account and make it look like they came from you. Changing password will stop the former but not the latter

Yes and he has a problem understanding other peoples situations, I have repeated and explained the situation on countless occasions through out this thread, are you two thick or something.

chris.maddock
26 Jan 2013 - 9:21 PM


Quote: Strange. Because I can log into any machine and see all my sent emails in my sent box (I have three computers at home and I can see all sent items on all of them, and have accessed my sent items from an internet cafe in Canada): they are held on my ISP server, not my computer.

That depends on how the email is being sent. If it's via a webmail facility then, yes, the sent mails will be on the ISPs server.
If, however, it's done using a proper email client (eg Thunderbird portable on a USB stick that can be plugged into and run from any PC) then the sent mails will be in the email client's sent items.

mikehit
mikehit  56456 forum posts United Kingdom9 Constructive Critique Points
26 Jan 2013 - 9:26 PM

Paul - No, I am not 'think or something' and I understood your email perfectly well.
Maybe we were talking at cross purposes: I (and I believe Chris) were referring to the OP and saying they may not have been hacked. You seemed to be taking an experience of yours (which did involve hacking) and saying to the OP that that was their problem. As I say, not mutually exlcusive.

Attention!

This topic is locked.
Reason: not doing anyone any favours