A colleague has asked me a question as her friends are receiving spam mail, apparently from her of the usual make $600000000000 a minute by sitting on your arse eating biscuits ilk that direct via a .ly/tiny url affair to: (don’t click on it disclaimer)
Which I’m guessing from the URL is a fake version of a CNBC page.
Not that worried about the contents of the mail but she’s concerned that her PC is now laden with all sorts of baddies and/or she’s getting gyp from her mates for sending out spam.
Searching the URL, the tiny version and the mail text is drawing a blank for any definitive “it’s this” type answers but my initial suspicion is that it’s someone else who has her email address in their contacts, if anyone, who has the virus.
Hotmail is the provider if that bears any relevance.
Suggested the usual measures anyway but a little out of touch on this side of things nowadays.
Hotmail has been the target of many hacks lately. Have her log in to the hotmail website and go through all the security stuff. Make sure she checked the password reset info because the hacker might have put in an email, phone or trusted PC that would allow them to reset the password, or be notified of new passwords. Change the password, and choose a secure one.
What Jason said, with that added precaution that she should do it from a computer that is verified ‘clean’ - Her normal everyday computer may have a virus or keylogger on it that will compromise things (unlikely, but possible).
So for example, if she never checks her mail from another family member’s laptop, and that laptop is virus-free, then do it from there until her main computer can be verified secure.
It’s not clear from the problem description that it is even her computer that is the source of the spam. Another possibility is that one of the recipients has had her address book taken, and now a computer (possibly part of a botnet) is spewing spam made to look like it comes from friends to bypass spam filters and white/blacklists.
I’ve seen this a bunch of times before. If what you describe was the case, then she wouldn’t see the spam in her sent mail - Which is where it is unless they’ve deleted it too (I’ve found it in the trash from when they weren’t thorough or had the account control regained before they could cover their tracks).
Their MO is to use the webmail interface or use the Hotmail SMTP servers to do the spamming so it is totally authentic.
It’s unlikely her PC itself is compromised but it’s always better to assume that it is.
Cheers for the tips folks, mostly inline with what I suggested but never thought to suggest double checking her details in hotmail before changing password.
