Watch out for e-mail hijack scams

I received an interesting e-mail the other day. It was an advertisement for a Web site (i.e. spam) that supposedly offered Swiss watches for sale. Now I get a lot of this type of spam every day, but there was one thing that set this one apart – it was from me!


I displayed the full headers and discovered that the “reply to” field was actually another Yahoo account. I reported the spam to Yahoo, which promptly checked my account and discovered that a spammer was “hijacking” my e-mail address and copying it into the “From” header of the e-mail. Luckily Yahoo Customer Service assured me my account had not been accessed.
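The header check described above can be automated. The following is an added example, not part of the original column: it parses a message and flags a "From" address that matches the recipient and a "Reply-To" that points elsewhere. The sample messages, their addresses and the function names are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample: a message whose From line copies the recipient's address.
SPOOFED = """\
From: "Me" <victim@example.com>
To: victim@example.com
Reply-To: watches-sales@example.net
Subject: Top Quality Replica Watches

Visit our site.
"""

# Constructed sample: an ordinary message with consistent headers.
LEGIT = """\
From: Alice <alice@example.org>
To: victim@example.com
Subject: Lunch

Noon?
"""

def _addrs(msg, header):
    """Return the lower-cased addresses found in every instance of a header."""
    values = msg.get_all(header, [])
    return {addr.lower() for _, addr in getaddresses(values) if addr}

def spoof_indicators(raw):
    """List header inconsistencies typical of a forged From line."""
    msg = message_from_string(raw)
    sender = _addrs(msg, "From")
    reply_to = _addrs(msg, "Reply-To")
    recipients = _addrs(msg, "To") | _addrs(msg, "Cc")
    findings = []
    if not sender:
        findings.append("missing-from")
    # The message claims to come from the person it was delivered to.
    if sender & recipients:
        findings.append("from-equals-recipient")
    # Replies would go to an address the claimed sender does not own.
    if reply_to and not reply_to & sender:
        findings.append("reply-to-differs-from-from")
    return findings

if __name__ == "__main__":
    print(spoof_indicators(SPOOFED))
    print(spoof_indicators(LEGIT))
```

These findings are triage hints rather than proof: a note mailed to oneself or a mailing list that rewrites "Reply-To" will also trigger them.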



Yet even though my account was still secure, I was in a sense a victim of identity theft. While no personal or financial information has been accessed, the fact remains that someone out there is sending spam that appears to originate from me. Even though the incident has been reported, I am still getting occasional e-mails from ckyoke@yahoo.com advertising Top Quality Replica Watches.

And if I’m still receiving this spam, odds are other people are getting it also – and this is my concern. Who else out there is receiving an e-mail supposedly from me that directs them to a Web site that may contain malware, adware or spyware? How many of my friends, relatives, business acquaintances or previous contacts are being tricked by this?

Does the CIO I communicated with a year ago now have spyware on his computer because of an e-mail he thought was from me? Have some of my previous employees had potentially destructive code downloaded onto their PCs because they accessed a Web site they thought was mine? Are any of my business contacts about to have their credit card information stolen because they think they’re buying a watch that I am supposedly recommending?

My e-mail address is basically public information. It’s shown at the bottom of this column, printed on my personal correspondence, displayed on my business cards, easily obtained from any e-mail I ever sent, and accessible via a variety of Internet directory services.   

