x404.co.uk
http://www.x404.co.uk/forum/

Sister's Email's gone done something odd
http://www.x404.co.uk/forum/viewtopic.php?f=4&t=12338
Page 1 of 1

Author:  ProfessorF [ Wed Feb 02, 2011 7:36 pm ]
Post subject:  Sister's Email's gone done something odd

Appears my sister's Hotmail account has either been hacked or she's got a trojan/worm-malware thing going on. She's got a load of delivery failure notices in her inbox, and I got an email that looks like this -

Image

I've had a Hotmail account since before MS took over, and I've never seen this. Any clues?
I've got her running a system scan with Avira (I think it's Avira anyway).

Author:  JJW009 [ Wed Feb 02, 2011 7:39 pm ]
Post subject:  Re: Sister's Email's gone done something odd

Check the full message header - it may have been spoofed, in which case it's nothing to do with your sister and there's nothing you can do to stop it.

Author:  ProfessorF [ Wed Feb 02, 2011 7:54 pm ]
Post subject:  Re: Sister's Email's gone done something odd

Looking at the raw source -
Code:
Return-path: <sister'semailaddress@hotmail.co.uk>
Envelope-to: myemailaddress@xxxxx.com
Delivery-date: Wed, 02 Feb 2011 14:14:13 -0500
Received: from blu0-omc2-s9.blu0.hotmail.com ([65.55.111.84]:33120)
   by universe.have-host.com with esmtp (Exim 4.69)
   (envelope-from <sister'semailaddress@hotmail.co.uk>)
   id 1Pki9b-0000jn-Vo
   for myemailaddress@xxxxx.com; Wed, 02 Feb 2011 14:14:12 -0500
Received: from BLU142-W27 ([65.55.111.71]) by blu0-omc2-s9.blu0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675);
    Wed, 2 Feb 2011 11:14:07 -0800
Message-ID: <BLU142-W270411EE272998126D538AE7E40@phx.gbl>
Content-Type: multipart/alternative;
   boundary="_501121e4-9128-479e-a9a6-64cabb060df6_"
X-Originating-IP: [182.177.243.185]
From: Nicole xxxxxx <xxxxxx@hotmail.co.uk>
To: <admin@xxxxx-xxxxx.uk>,
   <administration@xxxxxx.co.uk>, <admissions@xxxx.co.uk>,
   <advice@xxx.co.uk>, <agapantha1@xxxxxxx.com>, <alerts@xxxxx.com>,
   <alex@xxxxxxx.com>, <backbaydance@xxxxxxx.xxxx>, <bxxxxxxx@aol.com>,
   <xxxxxxx@dsl.pipex.com>
Subject: wg1mao gdvniuxj 43cwnw
Date: Wed, 2 Feb 2011 19:14:07 +0000
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 02 Feb 2011 19:14:07.0527 (UTC) FILETIME=[5D2AD370:01CBC30D]

--_501121e4-9128-479e-a9a6-64cabb060df6_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

http://www.better-pcb.de/images/z117.html u3pxd1s p860e e
                      =

--_501121e4-9128-479e-a9a6-64cabb060df6_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<style><!--
.hmmessage P
{
margin:0px=3B
padding:0px
}
body.hmmessage
{
font-size: 10pt=3B
font-family:Tahoma
}
--></style>
</head>
<body class=3D'hmmessage'><a href=3D'http://www.better-pcb.de/images/z117.h=
tml'>http://www.better-pcb.de/images/z117.html</a> u3pxd1s p860e e<br>           =
           </body>
</html>=

--_501121e4-9128-479e-a9a6-64cabb060df6_--


Edited some addresses for privacy, but they're all in her contacts.
Any clues?

Author:  JJW009 [ Wed Feb 02, 2011 9:09 pm ]
Post subject:  Re: Sister's Email's gone done something odd

Well it was sent from Pakistan. I'm guessing that's not where your Sister is?

However, it looks like it was sent via her Hotmail so yes, she needs to change her password on that account and also anything even remotely connected to it. If that account is used for password reminders for example, then "the bad guys" will be able to reset other passwords using that...

In fact, just tell her to change every password and pin number she has. And do it now, or tomorrow her life may belong to someone else.
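The header check described in the replies above, as an added example that is not part of the original thread: it reads the top Received line (the only one written by the recipient's own server) to decide whether the message was handed over by the claimed provider, then reports X-Originating-IP. The sample is a trimmed copy of the posted headers with placeholder addresses; `triage`, `provider_suffix` and the verdict strings are names chosen for this example, and the hostname recorded by the receiving server is taken at face value.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the thread's headers, trimmed, with placeholder addresses.
SAMPLE = """\
Return-path: <sister@hotmail.co.uk>
Received: from blu0-omc2-s9.blu0.hotmail.com ([65.55.111.84]:33120)
   by universe.have-host.com with esmtp (Exim 4.69)
   for me@example.com; Wed, 02 Feb 2011 14:14:12 -0500
Received: from BLU142-W27 ([65.55.111.71]) by blu0-omc2-s9.blu0.hotmail.com
    with Microsoft SMTPSVC(6.0.3790.4675); Wed, 2 Feb 2011 11:14:07 -0800
X-Originating-IP: [182.177.243.185]
From: Nicole <sister@hotmail.co.uk>
Subject: wg1mao gdvniuxj 43cwnw

"""

# "from <host> ([ip]:port) by <host>" as written by both servers in the sample.
HOP = re.compile(r"from\s+(\S+)\s+\(\[([\d.]+)\](?::\d+)?\)\s+by\s+(\S+)")

def domain(header_value):
    """Lower-cased domain of the address in a From/Return-path header."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw, provider_suffix):
    """Summarise routing evidence. provider_suffix (assumption: supplied by
    the analyst) is the host suffix of the claimed sender's mail provider."""
    msg = message_from_string(raw)
    hops = [m.groups() for m in map(HOP.search, msg.get_all("Received", [])) if m]
    # Only the top hop was written by the recipient's own server; anything
    # below it was supplied by the sending side and could be forged.
    handoff_host, handoff_ip, _ = hops[0] if hops else ("", "", "")
    via_provider = handoff_host.lower().endswith(provider_suffix)
    return {
        "handoff_host": handoff_host,
        "handoff_ip": handoff_ip,
        "via_provider": via_provider,
        "envelope_matches_from": domain(msg["Return-path"]) == domain(msg["From"]),
        # Provider-added header naming the client that submitted the message;
        # meaningful only when via_provider is true.
        "client_ip": (msg["X-Originating-IP"] or "").strip("[] "),
        "verdict": "sent through the account" if via_provider else "likely spoofed",
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE, ".hotmail.com").items():
        print(f"{key}: {value}")
```

A stricter version would compare the hand-off IP against the provider's published sending ranges instead of matching on the hostname suffix.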

Author:  ProfessorF [ Wed Feb 02, 2011 9:11 pm ]
Post subject:  Re: Sister's Email's gone done something odd

Ta JJ, we reset her password almost as soon as she got the first email back.
I've also passed on the suggestion that she should be changing all her passwords - I've flushed all her browsing history, temp files etc. in IE 8 as well.

All times are UTC