Hi all.
My ISP is EarthLink.
On my desktop computer, I use an e-mail program you may have heard of called "Mozilla: Thunderbird".
The other day, about 25 e-mails showed up in my Inbox that were those "bounce-back" type of e-mails; the ones that have a Subject line of "Mail Delivery Failed: Returning message to sender", etc. However....
The thing is, I didn't send any of these e-mails. I even went into the Thunderbird e-mail program's Sent Bin/ Folder and checked there; nope, not there.
With EarthLink (and I'm sure many other companies out there), you can go to their web site, and there's a link there to click (Web Mail); you can also check your e-mail there, compose an e-mail, etc.
While logged into my web mail on EarthLink's site, I checked the Sent Bin/ Folder there; nope, nothing there (no e-mails to the addresses of the one's that bounced-back and ended up in my Inbox with the Subject line of "Mail Delivery Failed...").
Something I noticed, also: The e-mails that were supposedly sent from my account? Well....my e-mail address book is also on EarthLink's web site when I log into the Web Mail there, and......the bounce-back e-mails kind of follow an alphabetical order, as if whoever did this went into the address book and first started with e-mail addresses in the letter "A", and so on....
Well, one of the first things I did was changed my password.
You see, what I figured was, someone had gone to EarthLink's web site, went to Web Mail, entered my login (e-mail address), and correctly guessed my password.....but like I said, there were no e-mails in the Sent Bin/ Folder of the bounced-back e-mails.
I called EarthLink's tech support, described the situation, told them I already changed my password......but they really didn't have anything to offer after that. I've been with EarthLink for many, many years (DSL connection), but, their tech support leaves a lot to be desired......
They asked me to Forward one of the bounced-back/ Delivery Failed e-mails to them (to their Fraud/ Abuse department), but I haven't heard back yet.
Isn't there a way for them to trace a return-path by looking at the e-mail header? Some way to find out where the e-mail was sent from?
Any ideas on how this was done? Spoofed? Like I said: there were no Sent items with the addresses of the bounced-back e-mails in either my Thunderbird program or EarthLink's web mail.
Pez
My ISP is EarthLink.
On my desktop computer, I use an e-mail program you may have heard of called "Mozilla: Thunderbird".
The other day, about 25 e-mails showed up in my Inbox that were those "bounce-back" type of e-mails; the ones that have a Subject line of "Mail Delivery Failed: Returning message to sender", etc. However....
The thing is, I didn't send any of these e-mails. I even went into the Thunderbird e-mail program's Sent Bin/ Folder and checked there; nope, not there.
With EarthLink (and I'm sure many other companies out there), you can go to their web site, and there's a link there to click (Web Mail); you can also check your e-mail there, compose an e-mail, etc.
While logged into my web mail on EarthLink's site, I checked the Sent Bin/ Folder there; nope, nothing there (no e-mails to the addresses of the one's that bounced-back and ended up in my Inbox with the Subject line of "Mail Delivery Failed...").
Something I noticed, also: The e-mails that were supposedly sent from my account? Well....my e-mail address book is also on EarthLink's web site when I log into the Web Mail there, and......the bounce-back e-mails kind of follow an alphabetical order, as if whoever did this went into the address book and first started with e-mail addresses in the letter "A", and so on....
Well, one of the first things I did was changed my password.
You see, what I figured was, someone had gone to EarthLink's web site, went to Web Mail, entered my login (e-mail address), and correctly guessed my password.....but like I said, there were no e-mails in the Sent Bin/ Folder of the bounced-back e-mails.
I called EarthLink's tech support, described the situation, told them I already changed my password......but they really didn't have anything to offer after that. I've been with EarthLink for many, many years (DSL connection), but, their tech support leaves a lot to be desired......
They asked me to Forward one of the bounced-back/ Delivery Failed e-mails to them (to their Fraud/ Abuse department), but I haven't heard back yet.
Isn't there a way for them to trace a return-path by looking at the e-mail header? Some way to find out where the e-mail was sent from?
Any ideas on how this was done? Spoofed? Like I said: there were no Sent items with the addresses of the bounced-back e-mails in either my Thunderbird program or EarthLink's web mail.
Pez
