Emails Sent From Me, to Me?

[FLWBStrainman]

This does not relate to Trainz, but I didn't know where else to go. I have been getting several e-mails recently from my AOL account that indicate that I sent them to myself. In simpler terms, my screen name shows as the sent address. They appear to be spam. My other AOL screen-name is fine. I have run both AVG and SpyBot, and they found no viruses.

What could be causing this?

Thanks.

 

[srr89]

It's possible that someone got a hold of your AOL email address and is the one sending you those emails. I would recommend changing your password on your AOL email address account, probably to something that is hard to crack so it isn't easy to guess.

This may not be the problem, but it's a possibility.

Robby :wave:

 

[DeDR77]

Most likely that these mails don't come from the actual AOL account but from some other machine/user who got hold of your email address. May take a look at the email headers to proof that. Well, it's quite a common issue, this is what we tell our customers in such cases:

Such side effects happen due to some limitations of the protocol which is used to send messages through the internet (SMTP - Simple Message Transfer Protocol). It's actually designed to work like the traditional post: Put a letter into the post box and let the post transfer it. Nobody will ask for authentication to proof, whether the person, who puts the letter into the box, is the same as written as sender on the letter - basically everyone can send a letter with a phony name on it. The same happens here: It's technically possible to use any existing or even phony email address.

To avoid sending faked mails, most providers have special workarounds implemented. Unfortunately often malicious code (worms, viruses) installs independent SMTP servers on infected machines to bypass such methods, some SMTP servers around the world are 'open' and offer mail routing services without any checks. Often the persons who own such machines doesn't even know that their infrastructure is misused, but the hackers identify those quite quickly. The addresses are mostly collected via Virus, Worms, etc. from Windows applications such as Outlook, Addressbook or even Excel lists but also can be collected from public web services, such as forums or normal web presentations.

If you get delivery failures for messages you never sent - this is for you:
As an email message always contains a sender (From field), any delivery failure or status message will be sent to that, even if the original sender was somebody else.

The good thing on email is that the header information also contains a lead to the real sender or at least a server which was abused. Thus it's possible to proof that a message was not sent from your account, technically it's possible to identify the real person or at least the affected PC. In some re-occurring or legally critical cases it would be recommended to take action, but this of course is very time consuming, involves 3rd party resources and often requires action from legal authorities.

Hope it clarifies,
best regards - Dirk

 

[ex-railwayman]

Yeah, most probably it's SPAM advertising for Viagra and other things similar, they don't normally have a virus attached, they just want you to open the message as you could be a possible future customer.....
I used to get them years ago after I started using e-card websites to send free e-cards to my girlfriend. These sites pass your e-mail address to these companies to get sponsorship for their websites as the e-cards you send are free, but, you pay eventually by having your e-mail address sent around the world to these advertising companies and end up having to delete all the SPAM mail you get into your box afterwards, they're a blinking nuisance.....

Cheerz. ex-railwayman.

 

[DeDR77]

... they don't normally have a virus attached, they just want you to open the message as you could be a possible future customer.....

Be careful here It's for sure not a seller that sends the spam, they would get in trouble with authorities if they would do it. What the sender really wants is to proof that the used address is valid and used. If an address appears used, it gets a higher rating and potentially gets sold - that's the real business...

Thus it's strongly recommended to avoid opening suspicious, unexpected mails at all - simply delete them.

Potential risks, if such message gets opened:
- it's flagged with a return receipt. Opening would immediately send the return receipt. Good news: Some mail clients notice such things and ask, some providers even ignore them at all - depends.
- most likely they use HTML based messages. These are usually designed to retrieve images or even code from the remote site which really pays off for the sender to keep track of the usage and returns additional information such as operating system, used browser etc. Very bad senders may even include malicious code to spread their crap. May disable HTML view to plain text to avoid these kind of risks.

Finally, never run your PC using a privileged user account. Choose a simple user account with lowest rights as possible. In regards to Trainz you need to tweak the registry a bit as Trainz requires write rights to it's own registry entries (see the forum for details).

Best regards - Dirk

 

[johnwhelan]

This does not relate to Trainz, but I didn't know where else to go. I have been getting several e-mails recently from my AOL account that indicate that I sent them to myself. In simpler terms, my screen name shows as the sent address. They appear to be spam. My other AOL screen-name is fine. I have run both AVG and SpyBot, and they found no viruses.

What could be causing this?

Thanks.

In simple terms Internet emails have a from field and a display from field. It is technically possible to write anything in the display from field and that is the one that is displayed when you get the email.

It is possible to display a great deal of information from the header but working out what is what takes time so I won't bother.

Cheerio John