Email viral links from a Mac?

Discussion in 'Community Discussion' started by pbfiddler, May 3, 2010.

  1. pbfiddler macrumors newbie

    Joined:
    May 3, 2010
    #1
    My apologies--I know there must be a better place to post than in Community but since Macs don't generally have issues with viruses....
    I'm unfortunately not a Mac user--work supplied computer, and it is Windows 7.
    I've been receiving numerous (as in 40 or 50) emails in the last few days "from" a colleague who is on a Mac that are obviously not from him, with viral links.
    I'm not really sure how this happens on a Mac, or how I can stop receiving/he can stop the emails from being sent. His ISP appears to be AOL.
    He's not particularly computer savvy (he has difficulty opening attachments, etc), and when I called him, his response was that since it is a Mac he doesn't think it's from him. I don't think he's checked into it any further, assuming that it has nothing to do with him. But I'm still being overwhelmed with emails "from" him (or someone spoofing his email at any rate)
    Any thoughts as to what is happening and how to handle it?
    Thanks so much!
    pbfiddler, wishing she were on mac! :)
     
  2. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #2
    It's an AOL problem. Tell him to abandon AOL like the rest of the world.
     
  3. yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #3
    There's a lot of variable at play here. You need to look at the headers of the emails and check where they are actually come from. They may not be from him or his Mac at all.

    They could be from someone else in your office who is on a Windows box and got compromised and it's using that person's address book to spread spam spoofing To: and From: fields from it.
     
  4. pbfiddler thread starter macrumors newbie

    Joined:
    May 3, 2010
    #4
    Hmm..I work out of my home, am the only paid employee for a small nonprofit.

    I've been permanently deleting them once they come in, so when I receive the next one I'll compare the full headers against an email that is from him.

    Given that it's only my computer, I'm unsure...plus I was getting these emails from him before I did a clean reinstall on my system, and continue to receive them since the reinstall as well (compatibility issues with 32 bit software and a 64 bit computer)

    How might AOL figure into this?

    Thanks,
    Renee
     
  5. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #5
    Basically, they're probably e-mails being sent from a "bot-net" and disguised to look like they're coming from your friend's AOL account. How much AOL has to do with the problem, I'm not really sure (I have an AOL e-mail account, which I never use, and I've never had any problems with it nor been accused of sending spam from it).

    I'm not really sure what can be done. Contacting AOL's support might help, but it's pretty unlikely. Your friend may want to consider closing the account down and/or starting a new account with a different e-mail address, but this probably won't stop the e-mails from being sent to you using the spam address. At least, though, this way, you can spam filter the e-mails from his/her old account.
     
  6. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #6
    AOL is just like pretty much any other Mail server- you can view it on the web or use a local Mail client to access your messages. Just because you are getting e-mail messages from his account doesn't mean that they are being sent from his Mac- this is very unlikely. Depending on the headers his account might have been compromised, though.
     
  7. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #7
    So semi-OT, but I'm curious about this part... I remember in the "old days" why people hated AOL. But in this kind of spamming, which most likely is coming from somewhere else on the internet using spoofed accounts, is there still a way in which AOL in particular is contributing to the problem? (I have noticed that a lot of spam also seems to come from ... possibly spoofed? Yahoo accounts.)
     
  8. yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #8
    It is really more about identifying the host(s) that sent/forwarded the email than the perceived source via the From: field. I'm guessing it's very unlikely to actually have come from AOL and more likely to have come from someone's zombified Windows box.
     
  9. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #9
    I don't know the details, but the answer is certainly lax security measures. I too notice lots of spammish-type messages from Yahoo accounts, as well as AOL, hotmail, and pretty much every other free e-mail service. Interestingly I don't get as much pure "spoofed" spam messages from GMail addresses, but several times I've gotten messages on my Gmail account(s) that I shouldn't have gotten: my Gmail address is something like myaddress@gmail, but I get messages addressed to my.address@gmail (for example).
     
  10. r1ch4rd macrumors 6502a

    r1ch4rd

    Joined:
    Aug 5, 2005
    Location:
    Manchester UK
    #10
  11. jaw04005 macrumors 601

    jaw04005

    Joined:
    Aug 19, 2003
    Location:
    AR
    #11
    I get email like this claiming to be from my friends with hotmail all the time. They don't necessarily have to have their machine compromised. It's likely a spammer at one point hacked their account and stole their contact list.
     
  12. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #12
    Well that's good to know, and extremely annoying. No offense to the Whitehurst Rec Kickball league, but my dues are not overdue thank you very much :p

    That's not the situation. The e-mails appear to be coming from the friend's exact e-mail address, not claiming to be a friend in the body of the message.
     
  13. notjustjay macrumors 603

    notjustjay

    Joined:
    Sep 19, 2003
    Location:
    Canada, eh?
    #13
    Does that email address get used for things like MSN Messenger accounts? A lot of the time that seems to be where virus emails come from.
     
  14. jaw04005 macrumors 601

    jaw04005

    Joined:
    Aug 19, 2003
    Location:
    AR
    #14
    Did I mention anything about the body of the message?
     
  15. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #15
    No, but you won't be able to reproduce the situation at hand simply by stealing a contact list, as I stated before. Think about it, or maybe go back and read the original post.
     
  16. yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #16
    Why not? This used to happen all the time with Outlook. A person's Winbox gets compromised, the contact list gets grabbed, and the remailer starts sending out spams to people on the contact list from people on the contact list.

    EDIT: Oh, I see.. I went back and re-read. It's HIGHLY unlikely that a computer was physically compromised simply to steal a contact list. Much more likely that it was an automated malware functionality.
     

Share This Page