Spam mail from Yahoo email account, have I been hacked?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Redhat 9, then Fedora Core 2, Suse 10.0, 10.2 now 11.3
Posts: 136
Rep:
Spam mail from Yahoo email account, have I been hacked?
Hi Everyone,
Can I first apologise for this post, I don't know where to put it on the forum. I am also not quite sure it is a linux question.
I have email accounts with my ISP, a couple of Googlemail accounts and a couple of Yahoo accounts.
The last Yahoo email account I opened was to do with a couple of websites. When it asks for an alternative address, I gave my Google mail account. The Googlemail account is my only contact on this Yahoo account. I only go to this Yahoo account once every 3 months to keep it activated.
I have noticed over the past couple of months that I am getting spam email from the Yahoo account to my Googlemail account. It has no subject line and just has a website link.
I asked a question at Yahoo answers and was told that my Yahoo account had been hacked and the hacker would be using PHP script and cookies on my C drive.
Now, I am running Suse 11.1, so no C drive, but I know I have cookies (I think). My web browser is Firefox.
Is it correct that my yahoo account has been hacked?
Does it mean my Googlemail account is now also sending out these spam emails?
Is it about PHP script?
How can I stop it?
I am hoping that as these are web based email accounts it doesn't have anything to do with my machine. Because then that probably means I have not set up the machine correctly.
If you ever suspect of being hacked, first thing to do is change ALL of your passwords.
Yes, it is very possible you were hacked.
I see this all the time: I get an email usually from a yahoo.com email and it just contain 1 link with no subject. Many times the person who sent it does not even realize it was sent.
The best thing you can do is check your Sent mail folder and also the headers of the email you received to see if it was sent from your account or if it was just spoofed and looks like you account.
I looked into this a couple of months ago for a client who had a similar experience with Yahoo Mail. Evidently it is not unusual and evidently Yahoo has no intention of preventing this.
All of the information that I found on the subject reflects the advise given by mjmwired.
While the advice to change your password is fine, from your description it could also be a simple joe job where a spammer is just forging the sender information with your email credentials and your account hasn't been hacked.
My experience with Yahoo support is that the first line people are highly incompetent and extremely prone to giving phenomenally bad advice and answers. Like mjmwired said, check the sent folder. If there is nothing there, it is probably a joe job.
Distribution: Redhat 9, then Fedora Core 2, Suse 10.0, 10.2 now 11.3
Posts: 136
Original Poster
Rep:
Quote:
Originally Posted by Hangdog42
While the advice to change your password is fine, from your description it could also be a simple joe job where a spammer is just forging the sender information with your email credentials and your account hasn't been hacked.
My experience with Yahoo support is that the first line people are highly incompetent and extremely prone to giving phenomenally bad advice and answers. Like mjmwired said, check the sent folder. If there is nothing there, it is probably a joe job.
Thank you for this.
I am going to assume it is a joe job then, although I am not a company or anything. I presume it is automated and is just using my Yahoo email address to send everyone in my contact folder a website for drugs. A problem for them as my Googlemail account is the only contact.
I have found out how to see the Googlemail header. I have read on another site that you can only really trust the 'Received' lines. I have found this site for checking the sender's IP address http://whois.arin.net/ui. I'm not sure what the information I have found means.
But as long as they can't get to my machine and are not bothering anyone else, I suppose I can leave it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
