Security Basics mailing list archives

RE: Compromised email account?


From: Tariq Naik <Tariq_Naik () symantec com>
Date: Thu, 10 Feb 2011 23:00:50 -0800

Hi,

It could be one of the following four reasons and you need to look at the header to find out.

1...If the bounced mail origin is from your service provider SMTP, your machine is most probably infected as an SMTP 
worm/Bot can make use of APIs on your machine to send email to propagate or spam or launch a DoS attack. In this case 
you first need to clean your machine using AV.

2...If the bounced mail origin is from another ISP SMTP then it might be that an SMTP worm/Bot on someone else's machine 
is spoofing your email address to propagate or spam or launch a DoS attack. In such a case you cannot do much. Your ISP 
needs to deploy countermeasures on their SMTP server to prevent such bounced messages from reaching you.

3...If the bounced mail origin is from another ISP SMTP there is also a chance (less likely) that your machine is 
infected as an SMTP worm/Bot can make use of their own SMTP engines on your machine to send email on your behalf (email 
address) to propagate or spam or launch a DoS attack. In this case you first need to clean your machine using AV.

4... If the bounced mail origin is from another ISP SMTP then it can also be (less likely if your email domain is not a 
high profile one) that your email domain is a victim of a backscatter attack where a lot of mails are sent spoofing email 
addresses from your email domain including your email address to target a lot of bounced messages to your email domain. 
Your ISP needs to deploy countermeasures on their SMTP server to prevent such bounced messages from reaching you.


Sent in personal Capacity.
Regards,
Tariq Naik
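
The header check described in the message above, as an added example that is not part of the original post: it pulls the copy of the original message out of a bounce notice and reports whether the server that first accepted it belongs to your own provider (case 1) or to another ISP (cases 2 to 4). The sample bounce, all host names and addresses, and the function names are constructed for illustration; Received lines below the first server you trust can be forged, so treat the result as a lead, not proof.

```python
import email
import re
BY_HOST = re.compile(r"\bby\s+([A-Za-z0-9.-]+)", re.I)

# Constructed sample bounce; every host and address is a placeholder.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.recipient.example
To: jacob@myisp.example
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery to nobody@recipient.example failed.
--b1
Content-Type: message/rfc822

Received: from relay.other-isp.example by mx.recipient.example; Tue, 8 Feb 2011 03:10:02 +0000
Received: from [203.0.113.7] by relay.other-isp.example; Tue, 8 Feb 2011 03:10:00 +0000
From: jacob@myisp.example

body
--b1--
"""

def embedded_original(bounce):
    """Return the bounced message (or its headers) carried inside the notice."""
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_payload())
    return None

def bounce_origin(raw_bounce, provider_domain):
    """Classify which SMTP server first accepted the message that bounced."""
    original = embedded_original(email.message_from_string(raw_bounce))
    if original is None:
        return "unknown"  # the notice carries no copy of the original headers
    hops = [m.group(1).lower() for m in map(BY_HOST.search, original.get_all("Received", [])) if m]
    if not hops:
        return "unknown"
    first_hop = hops[-1]  # Received lines are prepended, so the last is the earliest
    if first_hop == provider_domain or first_hop.endswith("." + provider_domain):
        return "own-provider"
    return "other-isp"
```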


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of olufemimogaji () gmail com
Sent: Thursday, February 10, 2011 3:43 AM
To: Jacob Bednarz; listbounce () securityfocus com; security-basics () securityfocus com
Subject: Re: Compromised email account?

Jacob,

Just change your password, make sure it's long and complex, and do it quick. That should help.

Femi M.
Lagos, NG
------Original Message------
From: Jacob Bednarz
Sender: listbounce () securityfocus com
To: security-basics () securityfocus com
Subject: Compromised email account?
Sent: 8 Feb 2011 04:14

Hi,
After awaking this morning, I found my inbox riddled with failed  
delivery notices from my service provider. Weird thing is I haven't
sent emails from the address in weeks.
Does this mean my inbox has been compromised? If so, is there anything  
I can do to reclaim it and maintain it without this issue occurring
again?

Jacob.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



Sent from my BlackBerry wireless device from MTN
