Canadian Pharmacy

Topic

New Reply

My son is having problems with one of the sites he visits… we think.

Every now and then everyone in his address book (which we think is his Hotmail address book, as he doesn’t use any other email application) will get one or two emails from him with no subject and just a short ‘hello’ message and a link to a website. The link takes you to the infamous Canadian Pharmacy, which will provide to you super-cheap prescription medicine. The headline example is normally for Viagra but lots of other stuff is offered. I thought he was having a bit of a joke with me at first but he assures me that lots of people got the add, the spam didn’t just single me out!

The problem is, how is this done? We’ve scanned for viruses and malaware with quite a few applications and it always comes back clean. How did it get his entire address book, particularly when it’s a Hotmail account?

Has this happened to anyone else? Is there anything we can do about it? We’re not even sure if it is just one site he visits, which site it may be, or even if it is a site. We’re pretty sure there’s nothing loaded on his laptop, so what else could it be?

Any ideas/advice would be appreciated.

Thanks.

Reply | Quote

Replies

There were news stories a couple of months’ back about a quantity of Hotmail accounts being harvested by spammers. Your son seems to be fallen victim…

BATcher

Plethora means a lot to me.

Reply | Quote

Hi :

It would have been helpful IF you had mentioned the Names of the
programs that were used to scan for “viruses” ( which no longer exist )
and/or malware !? IF they did not include Malwarebytes Anti-Malware
and/or “SUPERAntiSpyware”, BOTH of which come in a “Free”
Version, then I recommend you do so . Sounds like there MAY be
what is called a “Spam Bot” on the computer !?

Edit : May want to consider using the Free “program” available at
http://temerc.com/Check_Spammers/ !? “Temerc” is the
UserName of an experienced, CERTIFIED, Volunteer
“Malware Removal Specialist” .

Reply | Quote

Every now and then everyone in his address book (which we think is his Hotmail address book, as he doesn’t use any other email application) will get one or two emails from him with no subject and just a short ‘hello’ message and a link to a website.

Not all spam mysteries can be solved, but we should at least try to figure out whether it is coming from your son’s PC and/or is being sent through his Hotmail account. See whether you can get the message headers, sometimes called the Internet headers, for one or more of those messages. Checking the IP addresses at the top of the headers will help you determine whether they are coming from your son’s PC (if they have the IP address of his PC as the origin, then that is likely) and whether they are being sent through Live Hotmail or some other service (usually the last IP address before the recipient is the “real” mail server). Because the sender name, and much other information in the header, can be spoofed, this kind of analysis is not definitive, but it seems worth a try.

Note that different mail programs and webmail sites display the headers in different ways. (Someone should make a chart, or maybe there’s one out there already. )

== Edit ==

I just realized you got the messages. If you still have them, you can start by looking at those headers.

Reply | Quote

Thanks everyone.

I’ve tried checking the headers on one of the offending emails however, there isn’t really much I can tell from them. I’ve compared them to valid emails from my son and can’t see anything that could be considered unusual.

I’ve run the IP addresses through http://temerc.com/Check_Spammers/ and the worst that comes up is some addresses listed on the PBL, which doesn’t appear to be a bad thing.

We’ve used Malawarebytes and Nortons’ free scan shows some minor tracking cookies but nothing else. I haven’t had a chance to run the SUPERAntiSpyware yet as the computer (which is a laptop) was being used today at Uni.

All in all, I think the decision is to trash his email address and close the account as it looks like it may actually be one of the stolen Hotmail addresses. If further investigation turns up anything, I’ll let you know.

Thanks again for all your great advice.

Cheers, Andy.

Reply | Quote

All in all, I think the decision is to trash his email address and close the account as it looks like it may actually be one of the stolen Hotmail addresses. If further investigation turns up anything, I’ll let you know.

If the addresses in his address book have already been harvested then closing his account will do no good. Changing an email header to have it appear to be from someone else is trivial to do programatically.

You could perform a test by creating a new account at another site such as Yahoo or Gmail, adding that new email address to his address book, then see if it receives an email the next time the others do. If it does then his account is compromised and should be closed. If it does not then his address book has been harvested sometime in the past and no matter what he does with the account now it is too late.

Joe

--Joe

Reply | Quote

Your son is far from being the only victim and Hotmail is far from being the only source. I have the same problem from a variety of sources and it is obvious that in at least some cases they have my name and email address. Others are addressed to someone other than me, so how I end up with them has always been a mystery. I will admit that my email filters seem to do an excellent job, and I think that is just Microsoft’s own, although it’s possible Kaspersky is part of it as well.

The recent ebook Privacy and Security in Office from WindowsSecrets might be an investment to consider. (If I recall correctly, I think we get a discount.)

Reply | Quote

I have just looked it up and it is the Outlook Junk Mail Filter that is doing such a fine job of sending junk to the Junk-email Folder instead of to the Inbox. I guess if you’re not using Outlook you don’t enjoy the benefit of that, and how you get Outlook for less than a king’s ransom I don’t know UNLESS YOUR SON QUALIFIES FOR A STUDENT EDITION.

It may be more complicated than that, but if someone really is a student then they can get Office for a (relative) song (and I think that will include the free upgrade to Office 2010 when that comes out even if you purchase 2007 now). Even more interesting is that Office 2010 comes in 32-bit and 64-bit flavours, and if your son’s computer happens to support 64-bit then the security of Office 2010 will be substantial indeed. No matter how advanced or otherwise your son may be, it is a profitable (in more than one sense) suite to learn. Be sure of the conditions before you invest, but if you can legitimately get it I recommend you do so.

Amended to include more information:

Here is the link to Privacy and Security in Office[/url] You get a discount if you are a subscriber to any of the Office Watch newsletters (which just happens to be free). The price is $9.95 for subscribers. If you don’t have Office (or Outlook), you can download a free 60-day TRIAL ,which should just take you to the approximate release date of Office 2010.The Home and Student edition is a considerable saving over the regular suite. In order to get the automatic upgrade to the 2010 version, you must have the 2007 version installed and registered first.

Reply | Quote

I guess if you’re not using Outlook you don’t enjoy the benefit of that, and how you get Outlook for less than a king’s ransom I don’t know UNLESS YOUR SON QUALIFIES FOR A STUDENT EDITION.

Microsoft actually switches out Outlook for OneNote in the Home/Student edition, so while this suite is a great deal, it isn’t a cheap way to get a copy of Outlook.

Reply | Quote

Microsoft actually switches out Outlook for OneNote in the Home/Student edition, so while this suite is a great deal, it isn’t a cheap way to get a copy of Outlook.

Ouch. Sorry for the bum steer. OneNote is arguably a better choice for student use in any case, but it doesn’t help in this case.

Admittedly, Outlook is a whopper of a program and while there are lots of alternatives; it just happens to be the one thing that in my case really does a fine job of separating the spam from the legitimate messages. I don’t know the territory, but there must be lots of other filters that will accomplish the same thing. Does anyone know of a spam filter we can recommend?

Reply | Quote

All right, here is one recommendation. This is similar to Hotmail in that it is a type of cloud computing, and in certain respects many will argue that it is better. The recommendation is that you use GMail, which is a free mail service from Google. This does have a spam filter available for it, and it has a gigantic (by present standards) 1 GB online storage capacity. What is more, if and when you acquire Outlook, it is a simple matter to add GMail to your list of services. There is no need to discontinue Hotmai (or any other mail service), and it may be best to keep both accounts for a certain length of time so that you can be sure you have notified all of your legitimate contacts of the address change. The quickest way to find out more is to visit GMail FAQ. There is also an extensive set of online services in addition to GMail that might interest you.These are Google Apps, and there is both a free version and a paid version.

A second recommendation is to look into Thunderbird, which is the email program that is associated with Firefox.

Reply | Quote

All right, here is one recommendation. This is similar to Hotmail in that it is a type of cloud computing, and in certain respects many will argue that it is better. The recommendation is that you use GMail, which is a free mail service from Google. This does have a spam filter available for it, and it has a gigantic (by present standards) 1 GB online storage capacity. What is more, if and when you acquire Outlook, it is a simple matter to add GMail to your list of services. There is no need to discontinue Hotmai (or any other mail service), and it may be best to keep both accounts for a certain length of time so that you can be sure you have notified all of your legitimate contacts of the address change. The quickest way to find out more is to visit GMail FAQ. There is also an extensive set of online services in addition to GMail that might interest you.These are Google Apps, and there is both a free version and a paid version.

A second recommendation is to look into Thunderbird, which is the email program that is associated with Firefox.

I have used Thunderbird for years, and its junk mail filtering is quite good. I highly recommend it.

Recently a friend had a worm infection that sent a malicious link to everyone in their email address book. I didn’t even know about that “bad” email, since it went straight to the Junk folder.

Reply | Quote

If you don’t need to connect to an exchange server, I would take thunderbird any day.

Reply | Quote

I agree with rgrosz, and Thunderbird is free. Also not vulnerable to having the address book stolen, as in OE and Outlook. I’ve used it almost since its inception.

Reply | Quote