Go Back   Technibble Forums > Technical Discussions > Security, Viruses and Trojans

  Technibble Sponsor

Reply
 
Thread Tools Display Modes
  #11  
Old 05-31-2012, 12:51 AM
Mr.Mike Mr.Mike is offline
 
Join Date: Aug 2009
Location: California Central Coast
Posts: 1,131
Mr.Mike is on a distinguished road
Default

Yep. Four of my client AT&T users were sending each other bad emails a couple of weeks back. I suspected someone was just using their old addresses or spoofing and ran scans on all their machines. Nothing very dangerous showed up. Ultimately I set them up with new addresses and much stronger passwords.
Reply With Quote
  #12  
Old 05-31-2012, 01:39 AM
angry_geek's Avatar
angry_geek angry_geek is online now
 
Join Date: Apr 2009
Location: herrin, il
Posts: 2,798
angry_geek is a jewel in the roughangry_geek is a jewel in the roughangry_geek is a jewel in the rough
Send a message via MSN to angry_geek
Default

For the last few years, I've seen a very disproportionate number of Yahoo users infected with various malware. A while back, I set up a vm and let it run with several Firefox and IE tabs open to various pages displaying Yahoo ad streams. After 2 days and several random clicks on various ads, that vm was unusable. Since then, I have constantly urged people to get away from Yahoo. It just seems as though Yahoo doesn't really care if people get infected from their services. It's a shame really. I used to like them.
__________________
Loring Preston
The Computer Doctor
Email Me

Reply With Quote
  #13  
Old 05-31-2012, 02:00 AM
Mr.Mike Mr.Mike is offline
 
Join Date: Aug 2009
Location: California Central Coast
Posts: 1,131
Mr.Mike is on a distinguished road
Default

Quote:
Originally Posted by angry_geek View Post
For the last few years, I've seen a very disproportionate number of Yahoo users infected with various malware. A while back, I set up a vm and let it run with several Firefox and IE tabs open to various pages displaying Yahoo ad streams. After 2 days and several random clicks on various ads, that vm was unusable. Since then, I have constantly urged people to get away from Yahoo. It just seems as though Yahoo doesn't really care if people get infected from their services. It's a shame really. I used to like them.
Interesting to hear you say that since yahoo and AT&T have teamed up recently for internet email. All the clients with troubles had yahoo mail hosted by AT&T.
Reply With Quote
  #14  
Old 05-31-2012, 02:10 AM
coffee's Avatar
coffee coffee is offline
 
Join Date: Oct 2011
Location: USA, Indiana
Posts: 1,710
coffee has a spectacular aura aboutcoffee has a spectacular aura about
Send a message via Skype™ to coffee
Default

Perhaps my age is starting to show but I have never liked the idea of accessing your email thru your webrowser. To me you are trusting some company you dont know to safeguard your email. But now this seems to be the defacto standard and the virus authors must be jumping for joy.

I also dont care for storing stuff on "The Cloud" for the same exact reasons. You dont know who is taking care of your data.

I jumped off the MS ship along time ago and I really only consider MSwindows to be a operating system for playing games. MS seems to point this out as they use linux servers for their hotmail.

coffee
__________________

www.renuecomputers.com
Reply With Quote
  #15  
Old 05-31-2012, 01:10 PM
brock029's Avatar
brock029 brock029 is offline
 
Join Date: Feb 2012
Location: San Antonio, Texas
Posts: 473
brock029 is an unknown quantity at this point
Default

Quote:
Originally Posted by ScarletPathos View Post
Interesting to hear you say that since yahoo and AT&T have teamed up recently for internet email. All the clients with troubles had yahoo mail hosted by AT&T.
I did tech support for AT&T for about 6 months in January of last year. It seemed to be extreamly common. Someone calls and says there internet doesn't work after troubleshooting for a minute you quickly figure out that they have an internet connection, you can see the computer on the lan, but they cant get to certain webpages or whatever else because of viruses/malware/etc... Doesn't exactly mean its because of there email but majority of the people who had these problems were older and used there AT&T emails as their only email account. I even had people who stopped there AT&T subscription and would call, and be very upset because they couldnt login to it anymore.
Reply With Quote
  #16  
Old 06-04-2012, 07:47 AM
computertech775's Avatar
computertech775 computertech775 is offline
 
Join Date: Jul 2009
Location: Reno, NV
Posts: 17
computertech775 is an unknown quantity at this point
Default

In the past month Iíve been contacted by dozens of clients who have had their email account hacked and sending out spam to all of their contacts. This happened shortly after clicking on a link in an abnormal email from someone they know. From what what I've been able to figure out, the website that the link opens (which is usually a work-from-home "opportunity") must be capturing their email login cookie or something similar to what the Firesheep Firefox extension does, except it's the website that's capturing it rather than another computer on a wi-fi network.

I looked at the HTML source code of one of the web pages linked from emails I received from a client's hacked email account, and the web page has an iframe with a link to a .php page. If anyone more familiar with website coding wants me to share some of the links, PM me and I will send them. I don't want to post live links to malicious web sites here in the public forums.

I've had a few clients who "are stranded in a foreign country" and need money. Most of those hacked accounts were due to them responding to a phishing email from "Yahoo".
__________________
Follow my interesting computer support & repair stories, business insight & technology thoughts on Google+ and Twitter @MyTechLife
Reply With Quote
  #17  
Old 06-05-2012, 12:17 AM
iladelf iladelf is offline
 
Join Date: Aug 2007
Posts: 430
iladelf is an unknown quantity at this point
Default

Computertech, I think you've hit the nail on the head. Believe both times my customer got infected, it was due to something what you mentioned in your post above.
Reply With Quote
  #18  
Old 11-26-2012, 02:51 PM
Nomad Computer Repair's Avatar
Nomad Computer Repair Nomad Computer Repair is offline
 
Join Date: Sep 2010
Location: Washingtion State
Posts: 42
Nomad Computer Repair is an unknown quantity at this point
Default

Interesting, I'm seeing a client today who uses Yahoo email and is having the same problem. I know they don't use wifi. I asked if I could contact recipients of the email in an attempt to get header information, but the client doesn't want to provide me with that information until I get there /shrug. Anyway, I will do a virus scan just in case, and reset the passwords, and check email settings once the system is clean. Also, I will do a little education about phishing.
Any other suggestions?
Reply With Quote
  #19  
Old 11-26-2012, 03:42 PM
coffee's Avatar
coffee coffee is offline
 
Join Date: Oct 2011
Location: USA, Indiana
Posts: 1,710
coffee has a spectacular aura aboutcoffee has a spectacular aura about
Send a message via Skype™ to coffee
Default

Quote:
Originally Posted by Nomad Computer Repair View Post
Interesting, I'm seeing a client today who uses Yahoo email and is having the same problem. I know they don't use wifi. I asked if I could contact recipients of the email in an attempt to get header information, but the client doesn't want to provide me with that information until I get there /shrug. Anyway, I will do a virus scan just in case, and reset the passwords, and check email settings once the system is clean. Also, I will do a little education about phishing.
Any other suggestions?
I have family members with yahoo accounts that are sending me the "Work from Home" email. They are addressed in the subject line "Hi joseph". It only contains a link in the body of the email. If this is similar and your looking for headers I could send you one of many I have. I dont think there is any harm in sending headers. After all, Its just routing info.

let me know and Ill PM you and post the headers in a PM.

My thoughts are that their computer is infected and sending these emails. Otherwise the only other way is through yahoo themselves being broken into. WHich, I have heard that they have been a few months back.

Best Regards,

coffee
__________________

www.renuecomputers.com
Reply With Quote
  #20  
Old 11-26-2012, 04:56 PM
altrenda altrenda is online now
 
Join Date: Nov 2011
Location: So California
Posts: 1,761
altrenda is a jewel in the roughaltrenda is a jewel in the roughaltrenda is a jewel in the roughaltrenda is a jewel in the rough
Default

Quote:
Originally Posted by YeOldeStonecat View Post
web mail based clients......plus sending spam to only people they have in their web based address book...spoofing not capable of that (getting inside their account to mine the addresses)
had several ATT/yahoo clients with this problem. a few had their passwords changed.

Also received emails from friends with the same problem.
ATT contracting its email several years back to Yahoo has had lots of problems.
Quote:
Originally Posted by coffee View Post
......MS seems to point this out as they use linux servers for their hotmail.
coffee
I believe they changed to Windows server in 2005 or 2006.
__________________
When you have eliminated the impossible, whatever remains, however improbable, must be the truth.
Sherlock Holmes
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 08:34 AM.


Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Technibble.com is based out of MELBOURNE, AUSTRALIA.