Re: email virus "Private Message" why did my norton int sec allow me to open HELP NORTON A

SendOfJive · ‎02-07-2009

Shayvin wrote:
It wasn't compromised. An email virus was sent to me via a friend with an attachment that I opened. As I mentioned, many friends had a variety of different providers such as yahoo, rogers, bell ect. When you open the email and click the link I got the virus. However, the same thing happened to my friends and when they tried to open the link, their antivirus disallowed. They had mcaphee ect. ..anyone with Norton got infected because Norton allowed them to open the link.

Hi Shayvin,

This is why I am not following you well. You mention becoming infected from clicking a link and from opening an attachment. These are two very different attack vectors, and it matters which one you actually mean. You also mentioned being told to log into Hotmail, which may have some significance. I cannot even attempt to figure out what happened with your contacts until I understand what happened to you first.

Shayvin · ‎07-18-2012

Ok, I have to remember my project manager days working with my tech guru's ;0)

1. I received an email in my inbox in hotmail from a friend

2. The subject matter of his email said: Private Message

3. So I opened his email

4. Within the email it said: To retrieve this email relog onto hotmail

5. Stupidly,I clicked the link which brought me to hotmail logon screem and I reloged onto Hotmail

6. Instantly, a spam site came up with porn of some nature

7. I went 'oh sh*t and Closed the Site right away

8. Shortly there after, I received several Post Master Failure emails in my inbox.

9. I then received several Emails from friends replying to the Private Message saying: I opened this email and tried to access the link but my pc would not allow.

10. I was shocked because I Did Not Send Them emails

11. I looked into my Send Box and saw that someone, not me sent the same email to ALL my contacts

12. I deleted all the sent emails, inbox emails and did a full sweep with NIS twice and a Power Erase twice.

13. The next day friends emailed me that they got the message from me again but there were no sent emails from MY my sent box

14. I again did a Full Scan

15. This was last week and I have not heard anything from anyone.

My feedback from friends who recieved this email said that their antivirus blocked them from opening the email.

So I have 2 Questions:

1. Why did NIS not block me from opening the link within that email like my friends?

2. Is it gone - or is there a virus still lurking within.

I hope I have helped you get a better picture, Thank you

SendOfJive · ‎02-07-2009

OK, now we're getting somewhere! FIrst, you were probably not infected with a virus. Instead, this all happened in your Hotmail account online, and not on your computer. Clicking the link to the Hotmail log-in page was where you went wrong. Almost undoubtedly, this sent you to a log-in page that was a very real-looking fake, and that is how the bad guys got your credentials to your Hotmail account. With access to your account, they were then able to steal your contact list and could spam your friends using not only your account, but other accounts as well (spoofing your address in the "From" field) - this is why some messages were in your sent folder and others were not. You do need to secure your Hotmail account and make sure that any information obtained by the bad guys cannot be used to create more mayhem. Please follow the advice given here:

http://ask-leo.com/email_hacked_7_things_you_need_to_do_now.html

We are dealing here with a phishing attack, and not a virus. Phishing sites, such as the presumably fake Hotmail log-in page, commonly appear and then quickly disappear within a day or two, and so the time window for protection is the short period between the time that the site is discovered and the time that it vanishes. While I cannot be certain why you were not prevented from going to the page, it is likely because the site was fresh and had not yet been identified as a phishing site.

While the "porn" site you landed on might have also hosted malware, if your virus scans are coming up clean, you are probably not infected and do not need to worry too much about that - but you do need to secure your Hotmail account as previously mentioned. Your contacts may continue to receive messages that appear to come from you, even though they actually do not, because the spammers do have their addresses and are able to spoof yours as the sender. In most cases though, the spammers will abandon your address rather quickly, so things may improve over the course of a week or two - in fact, if your contacts are no longer reporting spam from you, this may already be the case.

Shayvin wrote:
My feedback from friends who recieved this email said that their antivirus blocked them from opening the email.

If that is true, it is because, unlike you, your friends downloaded the messages to the email client on their machines where their antivirus could detect a malicious attachment if one was present. Webmail services like Hotmail cannot be scanned by your AV, because the data is all stored on servers somewhere, and not on your computer where Norton would have access to it.

Shayvin · ‎07-18-2012

Thank you so much Guru!

Hotmail Admin closed my account in order to deal with the spam and then I was on it another 3 days later. I have not heard that they are continuing to get spam from "me" so your comment about moving on hopefully happened already. I also received the same explanation , almost word for work from a vp of tech from a big company, regarding some antivirus software getting the details of phishhing before hand and blocking it where as Norton most likely had not..but most likely has now.

My apologies for not explaining this issue properly the first time and a huge THANK YOU for your time. I know you volunteer and I am as many are most grateful. Maybe Norton should hire you?? . If I see anything else "Phishy" I will post back. However, I believe the scoundrels have moved on. Cheers and All the Best. Shay

huwyngr · ‎04-13-2008

Glad you got the issue resolved and I certainly hope that closing your Hotmail account stops the spam flow.

Hugh

SendOfJive · ‎02-07-2009

Hi Shayvin,

You're welcome...and no more clicking links in emails!

HélèneLessard · ‎08-09-2012

I got the same thing.

but someone hack me as the same time. I was able to get back my account.

To best thimg to do when you got this message is:

+Change you password

+Changes you preference email option: security question with your answer. updatimg your database, phone number.

+Delete all your cookies and your history of your navigator

After doing this, it all stop and I advice my contacts about that thing

Norton Internet Security / Norton AntiVirus

Re: email virus "Private Message" why did my norton int sec allow me to open HELP NORTON A

Re: email virus "Private Message" why did my norton int sec allow me to open HELP NORTON A

Re: email virus "Private Message" why did my norton int sec allow me to open HELP NORTON A

Re: email virus "Private Message" why did my norton int sec allow me to open HELP NORTON A

Re: email virus "Private Message" why did my norton int sec allow me to open HELP NORTON A

Re: email virus "Private Message" why did my norton int sec allow me to open HELP NORTON A

Re: email virus "Private Message" why did my norton int sec allow me to open

Products

Services

Support