View Full Version : Help. Business email being used by hackers

03-10-2004, 08:01 PM
Boy do I need help on this one.

Got an email today that claims to come from my company www.americasprintshop.com, and it has an attachment. It does not come from my company, and its return address comes back to us at "noreply@americasprintshop.com". We don't have a noreply email account either.
Look guys, I think someone is trying to use our good company name to do some dirt and spread this attachment. I need someone who can backtrack this email and determine where it came from for me, so I can turn em in to the proper authorities. I need a wiz. Another businessperson/webmaster who can appreciate how this is stressing me.
Please respond to apsadmin@americasprintshop.com, and i'll forward the email and its attachment to you. I have not opened the attachment, and have no idea whats in it, but its a little zip file 12.1kb.

Best regards,

03-11-2004, 06:41 AM
Hi apsadmin,

I'm sorry to say that there is nothinbg that you can do about this. I have a similar problem, where our domain has, in effect, been stolen for spam usage.

It happened about 4 weeks ago, but is easing off now.

I've been recieving 4-500 emails a day returned by either spam filters or AV software.

Our ISP has confirmed that there is nothing we can do.


03-11-2004, 03:59 PM
Hi Apsadmin,

What you are describing is a new version of the MyDoom virus ( see this thread (http://www.webproworld.com/viewtopic.php?t=15096) ).

Unfortuatly, as sparky_t said, there is very little you can do about this. I have mass emailed all my clients informing them of the fake emails and not to open any attachment. You could try putting presure on your mailserver company, to see if they can increase security, but this is just a case of some sad people having a laugh... The rest of the world isn't laughing with them... :(

03-11-2004, 08:35 PM
Good information guys. I've followed it up to learn that the anti-viral companys have a fix for it, if anyone else is wondering how to purge this like i was. Symantic's website has info, but I'm sure the others do to, in case your using panda, kaspersky, etc.

Good job fellas. You have my gratitude.