Help! I've been hi-jacked!

[KateCB]

I recently received a few 'undeliverable' emails; I opened them to see who had become undeliverable from my Opt-in list and found that I had not sent the email (or attachments) and that the reply to address was 'spurious@karate-kid.co.uk'......1300 emails later that day, I was pretty fed up, getting RSI from replying to the Mailer Daemon undeliverable people telling them that I had NOT sent the mails, and of course pressing the delete key.

I spoke with my ISP, who said that there was nothing they could do, as someone was using my email address to send spam emails and instead of them getting the 'bounced' mail, they had used my catchall email address to send them to - hence the thousands of bounced emails...

I am told that as the bounces are from a legitimate source, I cannot block/consign instantly to junk mail....well, I can but if I have an undeliverable that is from me, I would never know about it!

Help? These emails are still coming by the hundred each hour, they are for pills, potions, enlargements (you know the one I mean!)and I have put a notice on my website explaining that we are NOT the people sending them and trying to explain what has happened, but although my ISP knows what has happened, I am very worried about being 'shut down' as a result of my email address being hi-jacked.

Any suggestions/advice.....if I really can't stop it happening any ideas as to when it is likely to stop?

Your Hopefully

Kate

[sudhani]

You can track the IP address of the person who has sent the mail and sue him. Temporarily you can create another id and start using it.

For the current id you can sort all the unsolicited mails to a "junk" folder that are having a mailer-deomon message >>>

catch me on MSN (sudhani@hotmail.com) or Yahoo(sudhani_26) ... I should be able to help ya to fix this quickly.

[apisdesign]

1. Put your mailing list address on hold
2. Duplicate your mailing list into a new list (with a new name, obviously)
3. Secure the list - do not allow public posts to it. This is how you got into the problem you're in
4. Send out an apology email to your list, and let everyone know that the problem is under control
5. Try to track down who was spamming your list and take appropriate action. Chances are you'll never be able to track them down, but you may as well try.

If you don't have a reliable way to create a secure mailing list, use a reputable service like Constant Contact.

Good luck.

[sudhani]

Quote:

Originally Posted by apisdesign

5. Try to track down who was spamming your list and take appropriate action. Chances are you'll never be able to track them down, but you may as well try.

Most of the times you can ... if you look at the mime version of the mail >> you will know from which IP address it was sent >> and you have the man

[apisdesign]

If you're lucky, you'll have the 'man'.

But the real spam artists are also hijackers. The likelihood that the IP address used to send out the spam was either hijacked or masked is very great.

Most new viruses written these days are designed to hijack PCs and allow spammers to send out their filth from the hijacked computer. Sure, you may know which computer sent out the spam, but tracking down the real culprit can be next to impossible.

[dmcgill]

If your Isp is also the host of your site you can stop it at the mail server. At least I can. I got hacked a few months back and they got through port 80. I found the hole, traced it back to the hackers box and stopped the mail.

What I had to do was explain to some of the servers out there, (aol especially) that I had been hacked and that the mail was not me. They lifted the ban on me.

The idea of a temp id is a good one as well.
dmcgill