Emails From Me - Just an FYI
Seliah (Childe of Fyre)
Posts: 336
If anyone has gotten any sort of spam-related email that seems to be coming from my Hotmail address (usually addressed as "Seliah"), please, just delete them. Understand that I did NOT send them, and no, my machine is not infected with anything. This has been something I've been battling for just about six months - it started long AFTER the point at which I was WITHOUT a working computer at all.
The email address is being spoofed, and unfortunately, I can't seem to really stop it. Those mails are not being sent from me. I just wanted to toss a heads-up out there, just in case anyone is getting these. (Apparently, I am mailing myself spam noticed, donchano...) Yes, I'm getting the blasted things, too.
Anyway - I just wanted to put a notice out there. If you see it, just delete it... if I'm going to email anyone, I always give advanced notice ahead of time, and I tend to prefer the forum messengers for such purposes first, regardless.
Thanks.
Daz 3D is part of 
Connect
DAZ Productions, Inc.
7533 S Center View Ct #4664
West Jordan, UT 84084
Licensing Agreement | Terms of Service | Privacy Policy | EULA
© 2025 Daz Productions Inc. All Rights Reserved.
Comments
That is the main reason I dropped Hotmail in favour of Gmail....
I assume you've changed your password, and the password of the back-up account if you set one up? if you log in via the web service you should be able to review recent activity, including recent logins and where they came from. My account was compromised a while back, but changing the passwords and keeping a beady eye on the login attempts for a while seemed to deal with that.
The problem with spoofing is that there is often nothing you can do once you're being spoofed except to wait it out. Being spoofed isn't being hacked, or being compromised; the spoofer does not (usually) have your password or otherwise have actual access to your account. They're just forging the "Sender" field of the email to say it came from you; much like writing the wrong return address on a bit of snail mail. This is, apparently, so they have a slightly higher chance of getting through to people because they appear to be from a "legitimate" email source. They find your email address through some public means or through fishing (this being the one thing that the victim has done that makes them vulnerable to it; if that.) Then they just start their bots a spamming with that email address falsely set as the sender. Email servers which receive these emails can check to see if it is indeed valid (SPF being the most common technique), but it's still only about 50/50 as to whether or not they do so. Considering it's not a new problem and this is the only practical solution, it's a bit absurd that it's not more widely adopted. About half a year ago when my brother was being spoofed, we found there were several major email providers, including Gmail, that weren't doing this. In the meantime, you're stuck hoping that the wave of bounced messages (because the sites that don't verify the sender still recognize the vast tide of spam and reject it) subsides soon. In my brother's case it took about a month for whoever it was to shuffle his email address out in favor of some new victim.
One doesn't need to access an email account to send email claiming to be from it. My mail client will let me claim to be the President of the USA, even though there's an international border between me and DC, and there's nothing in the internet email forwarding protocols to say otherwise. I could switch to claiming to be DAZ Support, or a clerk in the Federal Reserve, or the Pope, or anyone else - and the internet would blindly send the messages off.
This is why some people keep saying "don't trust email"...
Richard,
The first thing I did as soon as I realized these were going out, was to do all of that. However, there is a big difference between spoofing an email address, and compromising the account.
Spoofing is the same as me sending a letter to you, and writing your From: name and address in the corner, and writing someone else's name and address in the To: fields. The post office will still deliver it so long as it has a stamp, but you never sent it. You just have to deal with the angry phone calls yelling at you about how you sent them "another chain letter." But you never sent it, it never even came from your house, it was never in your hands at all, and no part of the letter, envelope, ink, or contents ever came from you. Your house was not broken into to get an address label, someone else just sent a chain letter off to about 50 people and wrote your name and address in the sender's corner.
That's what's going on with this. I did take preventive action, JUST IN CASE the account was ever compromised, but it has never been compromised. Someone is just spoofing my email address, and sending spam mails out. It's been going on for about six months, and there's really nothing I can do but wait it out, as others have pointed out in the thread.
I only posted this, because a few folks I know have gotten these emails, and I've had the "angry phonecalls over the chain letter" response to field, and I just wanted people to have a heads-up of warning so they knew what was going on and could just delete them entirely, is all. I just didn't want anyone thinking I was attacking their inboxes - they're being sent to me as well, supposedly from my own address. LOL That's usually the first pretty good sign that it's a case of spoofing, rather than an account being compromised. If you're receiving them in your own inbox, chances are pretty good that it's a spoofed/farmed email address being placed on the mails to get through the spam filters and such, rather than an account being compromised.
Just like someone writing a person's name on a letter and sticking it in a mail box, there's really not much I can do about it except wait it out, and warn people about it so that they know to just delete it/throw it away. (And hopefully don't give me the "angry chain letter phone call" as a result.)
One of the main reasons I never got a Hotmail email address to begin with. Of course I have 3 websites with their own emails, so I never needed it, back in the day. Now-a-days, I too have Gmail email addresses.
Sorry to hear about your issue. That is why I stick to O2 email services. Free, no spam (at least for me - or it jumps straight to spam folder). Easy to programme with a lot of folders. 20 GB of free space. A total of 100 MB of available stuff per message. Lastly, ten free antispam aliases you can delete when junk starts to come (good for registering on sites you suspect of sending junkmail like SmithMicro :coolgrin:) and an unknown amount of normal addresses you can create on the run. Gmail is too nosy for me, O2 is not - surely not to that degree.
Sorry, I was aware of the difference between spoofing and plain hijacking - I was just making sure you had eliminated hijacking as a possible cause.
One of the main reasons I never got a Hotmail email address to begin with. Of course I have 3 websites with their own emails, so I never needed it, back in the day. Now-a-days, I too have Gmail email addresses.]could have warned me...put you in the naughty corner...oh wait you didn't know,,,silly me. :P I have a Yahoo account that seems to always get the usual spam. I never use the forward email function I always copy and paste and so does my wife so I have no idea how they got my Yahoo addy from. Possibly due to someone cracking other website/s I used Yahoo for.
No worries, Richard. I apologize if I came off sounding condescending or anything of that nature. That was not my intent.