Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Software - Troubleshooting and Discussion > macOS > email virus?

email virus?
Thread Tools
RobOnTheCape
Senior User
Join Date: Jan 2004
Location: Martha's Vineyard
Status: Offline
Reply With Quote
May 12, 2011, 10:30 PM
 
Hello all,

a family macbook users recently sent me(and everyone else in her email list) a few emails for that canadian pharmacy scam. What should she do? Meaning has her email been hacked someway, a virus, and if so how can she remove it.

Thanks
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
May 13, 2011, 12:32 AM
 
First I'd look to verify that it's actually her originating IP address and SMTP account sending out the messages. It's possible that a botnet is just spoofing her address. Then I'd look at the User Agent of the spam message to see what software is being used to send out the messages. If OS X has truly been compromised on her computer, that would be a notable thing for security researchers to know about. I doubt her OS X installation has been zombied. Does she run Windows too? If you know for a fact they're coming from her computer, the last remedy is to erase and reinstall, but that certainly wouldn't be the first step to jump to in panic.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
ghporter
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
May 13, 2011, 07:17 AM
 
Almost certainly this is a spoof of your relative's account, not a hack. Some slime bag harvested the address online, then started masquerading as your family member to get their slime looked at by people she knows. It's an old trick, but it still works.

Not long ago, another forum I visit got attacked and the bad guys actually got registration information about a bunch of users, me included. My registration email account was spoofed (NOT hacked) to send spam to people I had sent emails to a long time ago. I spent a whole morning changing lots of passwords and explaining the odd stuff a few people got (most of the addresses the slime bags sent to were old and deactivated) who actually got it-but were too bright to open because it was just so obviously spam. That is what I'd advise your family member to do; change all of her online passwords, then officially let people know that she is not going to send any one spam.

Glenn -----OTR/L, MOT, Tx
     
RobOnTheCape  (op)
Senior User
Join Date: Jan 2004
Location: Martha's Vineyard
Status: Offline
Reply With Quote
May 13, 2011, 08:33 AM
 
Thanks. I've seen this Canadian pharmacy spam quite a few times in my inbox, from people I know well and others I've exchanged emails with once. Changing passwords seems to be the way to start.
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 06:33 AM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,