TechSpot

How did this happen? Remote access?

By ptitterington
Feb 28, 2012
Post New Reply
  1. Just wondered if I have missed something.

    2 weeks ago my daughter asked me to look at her PC. Her antivirus had run out and to stop the annoying requests from Norton she removed it.

    We could not get the computer to boot at all and in the end I just stuck in a new HD and reinstalled windows. Luckily she had most stuff backed up to an external drive.

    She called the other night to say that folk in her address book had got wierd emails off her, not the usual virus ones that spam via your address book but as if she had actually sent emails. One of her friends said she had emailed to say she had purchased a dog??! another said she was invited to a party??

    It was like someone had access to her outlook and was just playing around.
    Could not have been from using the computer as she lives alone!


    Can this happen.

    Windows 7 PC

    Thanks
     
  2. jobeard

    jobeard TS Ambassador Posts: 9,330   +622

    have her change the email account password - - the email service has been hijacked.

    One someone can get the password to the account, the whole world will see
    the origin as the current own.

    This happens easily;
    • password was too simple (use UPPer and lowER case, a number + a symbol (^#_)
    • emailing a list be correspondants using the CC: line when she should have used the BCC
    monitor the email for a few days and if it continues, your ONLY choice is to close
    the account and to create another
     
  3. ptitterington

    ptitterington TS Maniac Topic Starter Posts: 255

    I am still not sure it is as simple as that, her friends sent me the emails and from my limited knowledge, on the headers appeared to have come from her computer, had her pc name and ip.
    To me it looked as though they had been sent through outlook as they were from her hotmail and gmail accounts both with different passwords.

    Thats why I could not figure out how it was done?
     
  4. jobeard

    jobeard TS Ambassador Posts: 9,330   +622

    It is entirely possible to fake each and every email header, so nothing is conclusive.

    That said, change the passwords anyway and
    run MS Essentials (or whatever antivirus you have) if you have not done so yet.
    You're looking for a rootkit.

    What version of Windows is on that machine?

    Some firewalls can allow port(s) for specific applications and yet block
    any other from using those same ports.

    Email ports are 110+143+587 for inbound, 25 for outbound.
    gmail inbound is 995
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...