Jump to content

Change Mode

my email contacts compromised?


Recommended Posts

A friend called and said she got email from me that I didn't send. it has my name on it but when she clicked on the from line where it had bakers it showed a different email address. When I clicked to view full header this is some of what it showed:

Return-Path: <[email protected]>
Received-SPF: pass (domain of gazi.edu.tr designates as permitted sender)

X-Originating-IP: []
Authentication-Results: mta1104.sbc.mail.bf1.yahoo.com from=gazi.edu.tr; domainkeys=neutral (no sig); from=gazi.edu.tr; dkim=neutral (no sig)
Received: from (EHLO fgateway15.isp.att.net) (
by mta1104.sbc.mail.bf1.yahoo.com with SMTP; Sun, 30 Nov 2014 14:44:03 +0000
Received: from mx.gazi.edu.tr ([]) by att.net (frfwmxc15) with SMTP
id <20141130144359f0100j8hmje>; Sun, 30 Nov 2014 14:44:01 +0000
X-Originating-IP: []
Received: (surgate 16620 invoked by uid 1001); 30 Nov 2014 14:43:57 -0000
Received: from unknown (HELO mx.gazi.edu.tr) ([email protected]@ by 0 with ESMTPA; 30 Nov 2014 14:43:52 -0000


What do I do? obviously it is spam that was sent out but how was my contact list used? What do I need to do to make sure this doesn't happen again?


Link to post
Share on other sites

First thing I would do would be to change your password for you email accounts - but do it on another PC; not on your everyday one.

Next I would open a new topic in our Virus & Malware forum and get one of the guys and Gals' there to run a few scans and make sure there's nothing nasty going on.


Most of these things are linked to crawler programs that just harvest email addresses and then just send out 1000's of random emails; the chance of you actually having an issue is slim.

Link to post
Share on other sites

Be sure to get in and change your password, but also clear your browser cache, dump cookies and history as well.

For IE7, 8, 9, 10, or 11, go to Start>Control Panel>Network and Internet>Internet Options>Browsing History>Delete> and click the button to delete the temporary Internet Files, then click 'yes', 'close', 'OK'.
Consider using a program like ccleaner on a regular basis as well: https://www.piriform.com/ccleaner/download
If you are running XP and IE 8, stop it!
This is a write up of the most likely way that your address book was compromised: http://www.techblog.co.nz/414-YahooXtraWhatactuallyhappened
:) Y
Link to post
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...