View Full Version : Email hijacker or something

01-26-2016, 02:43 PM
SPAM is being sent from my email server by a third party. The recipients are not from my contacts/address book, but I get lots of returned ones that didn't go through so I know it's happening (addresses are unfamiliar to me and subject line is clearly spam and I definitely didn't send them). Eventually, my email server shuts down my account because of SPAM sent. I found some infected files that were described as something like "hueristics.phishing.spoofed domaine" by using Clam Xav and deleted them so I thought my problem was solved. I reactivated my account and SPAM is still being sent, but now I run a Clam Xav scan and no infected files are to be found. 1) can a third party hijack my email and send SPAM even though I deleted and cleaned the malicious files already? 2) If Clam Xav isn't able to detect the malicious files, what is a good alternative? and 3) does my computer need to be turned on in order for the malware to send SPAM or is it doing it without my computer on?

I depend on email a lot and it is very frustrating because I can't stop this problem so everytime I reactivate my account it shuts down and locks me out again for continuous SPAM being sent. Any answers would be appreciated.

01-26-2016, 03:56 PM
What you need to do is change your account password to one that's strong. Someone or something (email robot) has taken over your account and is using it to distribute spam. Using ClamXav or any other AV software is not going to help with that problem, and is not needed anyway since all it will find is Windows viruses or malware. We recommend using a password manager that will create and store strong passwords. 1Password (https://agilebits.com/onepassword) from AgileBits is the best.

01-26-2016, 04:09 PM
@chscag Thank you for your help! I was under the impression that some kind of virus or malware on my computer was causing this and if I eliminated the infected file it would fix it. I'll try changing my password on the email account.

01-26-2016, 04:17 PM
By any chance are you using hotmail or Gmail which often experience this problem?

01-26-2016, 04:57 PM
By any chance are you using hotmail or Gmail which often experience this problem?

It's really not fair to point the finger at both of those providers since they are (along with Yahoo) the largest organizations that offer free email accounts. Naturally, they're going to be the first ones to undergo spam attacks.

01-26-2016, 07:36 PM
If they lack secuity so be it. If th OP is having this problem with Mac Mail it is a bigger problem.

01-26-2016, 08:11 PM
It's not generally a question of "lacking security," except in the sense that long-time users are often not forced to upgrade their simple, easy-to-guess and even-easier-to-brute-force passwords.

01-27-2016, 02:57 AM
By any chance are you using hotmail or Gmail which often experience this problem?

Actually, I'm using a not-too-common provider: Hawaii's roadrunner (Time Warner Cable). I've had it for about 8 years, and this problem only surfaced within the last couple months so I wasn't aware that they could be getting hacked. I believed it was a problem in my computer that was enabling the spammer.

Rod Sprague
01-27-2016, 07:27 AM
I think it's fair to say the "hueristics.phishing.spoofed domaine" content found by ClamXav had nothing to do with the problem at hand. As chscag said just change your password to something strong. I use Doorman a bit, free from the app store, after I copy the password to paste into whatever app requires it I create a MS Word doc with the account name and paste it there as well. Then I can always go to that document copy and paste again if needed later.

01-27-2016, 01:13 PM
You would be better off using something like 1Password, linked to a Dropbox or iCloud account so the database doesn't get lost (ask me how I learned about this :( ).
Copying and pasting to a file works fine...until your drive goes wonky.

01-27-2016, 02:16 PM
Over the years, Clam Xav would find a few "infected files" now and then, but I did think they were fairly harmless...BUT it felt good that something was watching for that stuff. I switched to Mac in 2009 mainly because viruses were a non-issue, still, my "windows" years have left me a bit paranoid and it seems like cyber criminals are getting smarter so I do want to do whatever's prudent to protect my Mac without spending unnecessarily. The benefit of this thread is it motivates me to learn more about Adware/Malware (what works and what is a waste of time) and things that come with OSX upgrades...and, yes, stronger passwords. Thanks.