

avd706
insert annoying animated gif here
Premium
join:2003-02-06
Union, NJ
reply to madylarian
Re: Hotmail hacked?

Do you use facebook or skype or other social networking service that looks at your contact list to match up other potential users?


madylarian
The curmudgeonly
Premium
join:2002-01-03
Parkville, MD

said by avd706:

Do you use facebook or skype or other social networking service that looks at your contact list to match up other potential users?
I do have MySpace and Facebook pages but there is no connection as I neither used the Hotmail address for them nor even allowed access to any contact lists or addressbooks.

mady
--
Honi soit qui mal y pense

NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC

reply to MGD
said by MGD:

Microsoft SMTPSVC(6.0.3790.3959);

I am presuming that line above does not mean that it was a true SMTP, like from an smtp client. My outbound hotmail sent via an SMTP client will not show in my "webmail" sent items.
On the basis of the version number? Or the agent name?
Just curious why you might think that 'Microsoft SMTPSVC(x.x.xxxx.xxxx)' would not be a "true SMTP", like from an SMTP client?

--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum

NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC

reply to TearAbite

[Image: Showing email sent from Hotmail to another account.]
[Image: Showing the Windows Live Mail view of sent Hotmail.]
[Image: Showing the Web view of sent Hotmail.]
said by TearAbite:

After one of my wife's old hotmail accounts was sending out money requests to all of her contacts via Western Union for her "trip to nigera", I did some searching and found that it is indeed happening to a LOT of other people, beginning around January or so of this year.
Which is, coincidentally, about the time that Windows Live Hotmail began to reintroduce free POP3 access (which used to be allowed before Microsoft bought Hotmail).

And email sent via 'smtp.live.com' will not show up in the "Sent Items" folder of either the Web mail view, or the HTTPMail client.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum

MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL

reply to NormanS
said by NormanS:

said by MGD:

Microsoft SMTPSVC(6.0.3790.3959);

I am presuming that line above does not mean that it was a true SMTP, like from an smtp client. My outbound hotmail sent via an SMTP client will not show in my "webmail" sent items.
On the basis of the version number? Or the agent name?

Just curious why you might think that 'Microsoft SMTPSVC(x.x.xxxx.xxxx)' would not be a "true SMTP", like from an SMTP client?
Good catch. Now that you bring it up, I am curious why I made that statement too! It is incorrect:
'Microsoft SMTPSVC(x.x.xxxx.xxxx)' will show up in the headers regardless of whether the email originates from within a local SMTP client or is sent via the webmail interface.

As you mentioned in another post, mail sent via an SMTP client will not show in the sent items of the webmail interface.

Apparently in some cases the hackers are copying the victim's address book and then spamming via an smtp application. I am not sure if some victims are reporting that the spam does show in their webmail sent items or not. What most do report is that their accounts are altered, either set in auto respond away mode (with a copy of the spam) or a signature is added to include the spam which then appears in all subsequent outbound mail.

I am presuming based on the sheer volume of this epidemic, that this process may be somehow scripted by the scammers.

There is not a lot of feedback coming from the support people that identifies what the modus operandi is. I am sure they have to know by now. I do not believe that all the accounts are password cracked, nor do I believe that they are all phished. There is some other angle at work here.

MGD


bootboiler

@sbcglobal.net

reply to madylarian
Below is a header from one last night, on my honey's computer. It sent a copy to her; this is the header from that. Email addresses are modified. The pw was easy: 9 char, two words that go together, like blackbear.

X-Message-Delivery: Vj0xLjE7dXM9MDtsPTE7YT0wO0Q9MDtTQ0w9NA==
X-Message-Status: n:0
X-SID-PRA: Sue Heydt
X-SID-Result: Pass
X-Message-Info: jXuon5/YRm7j6Wz7om5I0k16g1jYmgsHoDxodSuOyCjR+sih+02LOegNdHHqmB8i6N99mMKaZ+m/IznqGFxsKJVEGEfRxaDh
Received: from bay0-omc2-s37.bay0.hotmail.com ([65.54.246.173]) by bay0-imc1-s17.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444);
Tue, 23 Jun 2009 19:47:34 -0700
Received: from BAY101-W3 ([64.4.56.103]) by bay0-omc2-s37.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
Tue, 23 Jun 2009 19:47:24 -0700
Message-ID:
Return-Path: su####er@hotmail.com
Content-Type: multipart/alternative;
boundary="_3dacc8f9-3e70-43e4-a5e5-d53b87b993f4_"
X-Originating-IP: [123.123.130.26]
From: Sue Heydt
Subject: RE:hi
Date: Wed, 24 Jun 2009 02:47:23 +0000
Importance: Normal
MIME-Version: 1.0
Bcc:
X-OriginalArrivalTime: 24 Jun 2009 02:47:24.0161 (UTC) FILETIME=[1A511710:01C9F476]

--_3dacc8f9-3e70-43e4-a5e5-d53b87b993f4_
Content-Type: text/plain; charset="ks_c_5601-1987"
Content-Transfer-Encoding: 8bit

Dear potential partner,
Do you need famous brand of electronic products with original quality and international warranty? Do you want to start your own business career for money making ?
What ever you are a small personal business or largest wholesale entity we also can provide your support to be our stable customers or agent.
We are largest wholesale business on consumming electronic products between America&China, laptops, Digital camera Videos,GPS,cellphone,mp4,game console and many other electronic products.which market is mainly in Europe,America,south Asia,Australia and Southen America.
There is much profit for you if you are our stable customer or agent.
For more information please contact as bellow :
Address：N0.15,Haidian District shangdi information road Beijing ,China
Tel(Fax)：+861081836757
phone: +8615101621070
MSN：sangefa-vip@hotmail.com
E-mail: sangefa@188.com
WEB : www.sangefa.com
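
Added example, not part of any post in this thread: a Python sketch that reads the headers quoted in the post above, puts the Received hops in chronological order, and checks X-Originating-IP against the networks the account owner normally uses. The function name `triage`, the `owner_networks` parameter and the 192.0.2.0/24 range are assumptions made for illustration.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample: headers quoted in the post above, with the folding
# whitespace on continuation lines restored so they parse as one field.
SAMPLE = (
    "Received: from bay0-omc2-s37.bay0.hotmail.com ([65.54.246.173]) by"
    " bay0-imc1-s17.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444);\n"
    "\t Tue, 23 Jun 2009 19:47:34 -0700\n"
    "Received: from BAY101-W3 ([64.4.56.103]) by"
    " bay0-omc2-s37.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);\n"
    "\t Tue, 23 Jun 2009 19:47:24 -0700\n"
    "X-Originating-IP: [123.123.130.26]\n"
    "Subject: RE:hi\n"
    "Date: Wed, 24 Jun 2009 02:47:23 +0000\n"
    "\n"
)

HOP = re.compile(r"from (\S+) \(\[([^\]]+)\]\) by (\S+) with (.*?); (.+)$")

def triage(raw, owner_networks):
    """Order the relay hops and test the submitting client's address."""
    msg = message_from_string(raw)
    hops = []
    # Each server prepends its Received line, so reverse for oldest-first.
    for value in reversed(msg.get_all("Received", [])):
        m = HOP.search(" ".join(value.split()))  # unfold, collapse whitespace
        if m:
            sender, ip, receiver, agent, stamp = m.groups()
            hops.append({"from": sender, "ip": ip, "by": receiver,
                         "with": agent, "time": parsedate_to_datetime(stamp)})
    found = re.search(r"\[([^\]]+)\]", msg.get("X-Originating-IP", ""))
    origin = ipaddress.ip_address(found.group(1)) if found else None
    nets = [ipaddress.ip_network(n) for n in owner_networks]
    transit = (hops[-1]["time"] - hops[0]["time"]).total_seconds() if hops else None
    return {
        "hops": hops,
        "origin_ip": str(origin) if origin else None,
        # False means the message was submitted from an address the owner
        # does not normally use: worth a password reset and a settings review.
        "origin_known": any(origin in n for n in nets) if origin else None,
        "transit_seconds": transit,
    }

if __name__ == "__main__":
    # 192.0.2.0/24 is a documentation range standing in for the owner's ISP.
    print(triage(SAMPLE, ["192.0.2.0/24"]))
```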


Oleg
Bellsouth Fastaccess
Premium
join:2003-12-08
Birmingham, AL
reply to madylarian
Never click links or open e-mails from senders you don't know.


Allanxxx

@pacbell.net

reply to madylarian
I don't think it would be too much effort for the hotmail servers to filter out anything going into or from a particular site once it's confirmed that the site is going through illegitimate means and spamming (or is it more difficult than I think?).

I wonder as users if there's anything we can do to return the favour and spam that particular website or somehow bring it down.

-Allan