10-25-2011 10:41 AM
I have a PC with Windows XP Pro, firewall enabled, and have Norton 360 (long time) along with Norton Utilities 15 (recently installed). I have done regular housecleaning and have 360 on constant alert for problems. However, this morning I discovered that someone or something had hijacked my email address list (in Mozilla Thunderbird) and sent out a spam email to a great many (but not all) addresses in my list as if it came from me using my Yahoo account (Thunderbird manages four email accounts of mine)! This includes addresses of my business contacts, which as you can imagine I am not happy about at all! What I want to know is how did this "hacker" get past the Windows Firewall, and more importantly, past the protections I am supposed to have from Norton?
I had gotten this sort of spam from people I know in the past but this is the first time I can recall it was sent out from my PC as if from me! One of the worst aspects of this is that all those email addresses (some very private) were out in the "To:" line for EVERYONE to see!
What can I do to make sure this can't happen again and why didn't Norton stop this action?
Thank you, DWKsimi
10-25-2011 12:47 PM - edited 10-25-2011 12:49 PM
Do you maintain an online address book for your Yahoo! mail account? In almost all situations such as this, it is the webmail account that has been compromised, not the local email client. This is usually due to a weak password, sharing of a password, or a successful phishing attack that was able to acquire the password. Most likely, no malware or outside access to your computer was involved (although there are rare exceptions). This is why no amount of local security software can prevent these types of hacks.
The first thing you need to do is it change the account password and any other means of accessing the account, such as secret questions. Note that the hackers would have had control over all aspects of the account - you should respond accordingly, checking and changing anything that could have been modified. Please see the following articles for more information on this increasingly common issue and the steps you should take going forward: