A friend of mine received a mail from my yahoo account which was a spam that I did not send him.

My yahoo email activity shows that it has been accessed from a different country, while I can identify my login activity distinctively. The account isn't hacked because I could change my password. But somehow someone had accessed it. What could it possibly be, could some please explain.

Its not necessary, that someone logged in to your yahoo account to send the mail. There are ways to manipulate the mail header(and "from" address and even the route) to make it appear to have come from a particular address.

While I am not denying that account may have been accessed

It could faked as Deb123 said or there is a virus going around where people appear to be sending spam emails. Either you or your friend(s) are infected and it's getting the email addresses from your address book. There was a virus going around that you caught if you have an XBox a while back.

My yahoo email activity shows that it has been accessed from a different country, while I can identify my login activity distinctively.
What specific evidence is there among the data accessible to you on Yahoo that substantiates that conclusion?

Have anyone examined the Header of the e-mail received by your friend to identify the server from which it originated?

What specific evidence is there among the data accessible to you on Yahoo that substantiates that conclusion?

Have anyone examined the Header of the e-mail received by your friend to identify the server from which it originated?

Upon knowing that my friend got a mail which I had not sent him, I checked my sent mails section, it was not there. Then I checked my Account activity which showed that it had been accessed through a different IP, other than what I use ( Additionally, I did not use any other IP for that time period). This is the only specific proof I have.


Its not necessary, that someone logged in to your yahoo account to send the mail. There are ways to manipulate the mail header(and "from" address and even the route) to make it appear to have come from a particular address.

While I am not denying that account may have been accessed

Thanks Deb123. But could you elaborate it a bit.........Does it have serious implications. How do I beef up my email security?


It could faked as Deb123 said or there is a virus going around where people appear to be sending spam emails. Either you or your friend(s) are infected and it's getting the email addresses from your address book. There was a virus going around that you caught if you have an XBox a while back.

Hi HTMLBasicTutor, No I don't have a XBox. I guess if I am spamming people I might be affected. I ask you the same question. Does it have serious implications. How do i beef up my email security?

Hi HTMLBasicTutor, No I don't have a XBox. I guess if I am spamming people I might be affected. I ask you the same question. Does it have serious implications. How do i beef up my email security?
When was the last time you updated your anti virus definitions and ran a full scan?


Upon knowing that my friend got a mail which I had not sent him, I checked my sent mails section, it was not there. Then I checked my Account activity which showed that it had been accessed through a different IP, other than what I use ( Additionally, I did not use any other IP for that time period). This is the only specific proof I have.


Have you changed your password since this happened? Maybe scan first then change the password so if you are infected with something that rifled your login information it doesn't get the new info.

A thought, are you picking up and sending emails from your email software on your computer or do you only use Webmail?

Upon knowing that my friend got a mail which I had not sent him, I checked my sent mails section, it was not there. Then I checked my Account activity which showed that it had been accessed through a different IP, other than what I use ( Additionally, I did not use any other IP for that time period). This is the only specific proof I have.
Absent said Header, there's no way to determine if it did or did not originate from a Yahoo e-mail server.


Thanks Deb123. But could you elaborate it a bit.........Does it have serious implications. How do I beef up my email security?
There's nothing you can do to prevent anyone from spoofing your address as being the Sender.

As for consequences, the usual is the annoyance caused the recipients; which, if continued, may lead them to block your missives.

When was the last time you updated your anti virus definitions and ran a full scan?


Have you changed your password since this happened? Maybe scan first then change the password so if you are infected with something that rifled your login information it doesn't get the new info.

A thought, are you picking up and sending emails from your email software on your computer or do you only use Webmail?



I do regular updating for anti virus definitions and it was two weeks back that I did a full virus scan.

Yes I did change the password immediately after I was told. It was a relief that the account had not been hacked. But it was strange that some could access my email even while not hacking it.


No no...I don't use Webmail nor an email software. I simply use Yahoo account.

Absent said Header, there's no way to determine if it did or did not originate from a Yahoo e-mail server.


There's nothing you can do to prevent anyone from spoofing your address as being the Sender.

As for consequences, the usual is the annoyance caused the recipients; which, if continued, may lead them to block your missives.



So there is absolutely nothing that I can do to stop it :-( . But does this implies that who so ever spoofed could access my mails. If so I would have to deactivate my yahoo account permanently.

If somebody is spoofing your site address and sending mails. There is nothing much you can do. Except that you can check your friends mail to find out the server it was broadcasted from and let the server authorities(or the hosting provider) know that their server is being used for spamming and other illegal activities. Most hosting providers dont tolerate that, and will try their best to have the offending sites/services down

The other concern point as I see is that, you mentioned, you can see that someone accessed your mail from a different IP. Now that could be dangerous. It could also be something trivial such as Yahoo own security program or anti virus doing scans or maybe one of their support agents accessed your account (I am not sure what kind of accesses are logged), But in case you are suspecting some thing else you can let yahoo know, that you probably had an unauthorized access on your account(with proof) and they can investigate if there was any breech in the servers or not

Regards
Deb

So there is absolutely nothing that I can do to stop it :-( . But does this implies that who so ever spoofed could access my mails.
Spoofing requires requires no access to the account being spoofed; in fact, it doesn't even require that an active e-mail account exist for the address being spoofed. Spammers frequently use Sender addresses that are randomly constructed character strings.

If somebody is spoofing your site address and sending mails. There is nothing much you can do. Except that you can check your friends mail to find out the server it was broadcasted from and let the server authorities(or the hosting provider) know that their server is being used for spamming and other illegal activities. Most hosting providers dont tolerate that, and will try their best to have the offending sites/services down

The other concern point as I see is that, you mentioned, you can see that someone accessed your mail from a different IP. Now that could be dangerous. It could also be something trivial such as Yahoo own security program or anti virus doing scans or maybe one of their support agents accessed your account (I am not sure what kind of accesses are logged), But in case you are suspecting some thing else you can let yahoo know, that you probably had an unauthorized access on your account(with proof) and they can investigate if there was any breech in the servers or not

Regards
Deb


Thanks a lot Deb123, for the information. I'll make a full investigation into the matter, if I see anything suspicious the next time, because I have been monitoring from the time the incident occurred, I don't see anything alien. Thanks again.


Spoofing requires requires no access to the account being spoofed; in fact, it doesn't even require that an active e-mail account exist for the address being spoofed. Spammers frequently use Sender addresses that are randomly constructed character strings.

Thanks a lot deepsand for the information. This discuss has enlightened me on many aspects an i'll try to gain more information on it. Thanks again

In most cases, the definitive data required for determining what happened lies in the Header of the actual e-mail itself. And, preserving such requires that the Recipient Forward it to you as an Attachment. If they do an inline Forward, the original Header is lost.

Honestly I really don't know how to read a email header for e email . Perhaps i could get a clue ?

The ability to view such Header varies greatly according to the e-mail client being used. Some provide little to no useful viewing capability; others give you complete detailed data with a single mouse click.

Depending on your client(s), you may want or need to use a 3rd party analyzer.

For an overview, see Email: Message Header (http://en.wikipedia.org/wiki/Email#Message_header)

The ability to view such Header varies greatly according to the e-mail client being used. Some provide little to no useful viewing capability; others give you complete detailed data with a single mouse click.

Depending on your client(s), you may want or need to use a 3rd party analyzer.



I brooded over the topic for long now finally I realized that it was yahoo and they provide the the full email header description. So now I realize that I can have complete look at the details.