E-mail account hijacking question

Post by **haas mark** » 2004-03-14 02:24pm

Ok, so we've been getting these return e-mails through AOL, and don't know what to do with them, don't know if they can be traced and stopped, etc., etc.. help?

Examples:

From :
<UKHNKDC02@randstad.nl>

To :
[Our e-mail addy]

Subject :
Report to Sender

Sent :
Saturday, March 13, 2004 1:14 PM

Incident Information:-

Database: d:/data/domino/mail.box
Originator: [Our e-mail addy]
Recipients: chester.branch@uk.randstad.com
Subject: fake
Date/Time: 13/03/2004 20:14:31

The file attachment nomoney.zip you sent to the recipients listed above was
infected with the W32/Netsky.b@MM!zip virus and was deleted.

From :
Postmaster <postmaster@dannycarey.org>

Reply-To :
<postmaster@dannycarey.org>

To :
<Our e-mail addy>

Subject :
WARNING: YOU MAY HAVE A VIRUS

Sent :
Saturday, March 13, 2004 1:13 PM

The Declude Virus software on dannycarey.org has reported that you
sent an E-mail to goods@dannycarey.org, containing the W32/Netsky.B@mm virus in
the
mails.exe attachment. The subject of the E-mail was "hi".
The E-mail containing the virus has been quarantined to prevent further damage.

Headers Follow:
Received: from dannycarey.org [80.0.122.79] by mail.cydian.com
(SMTPD32-7.07) id AB5D21E900EC; Sat, 13 Mar 2004 15:13:17 -0500
From: [Our e-mail addy]
To: goods@dannycarey.org
Subject: hi
Date: Sat, 13 Mar 2004 20:13:00 +0000
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="06646327"
Message-Id: <200403131513431.SM02900@dannycarey.org>

I thought I had more examples saved, but don't. What do I do with this kind of stuff?

And we don't have a virus, and I've been running SBS&D checks every few days.

El Moose Monstero · Post by **El Moose Monstero** » 2004-03-14 02:37pm

NetskyB piggy backs using an email address from someones address book if that helps, so someone could be getting one from what seems like your address, and so it gets sent back to, where in reality, it's from a totally different email account.

Post by **haas mark** » 2004-03-14 03:06pm

The_Lumberjack wrote:NetskyB piggy backs using an email address from someones address book if that helps, so someone could be getting one from what seems like your address, and so it gets sent back to, where in reality, it's from a totally different email account.

So it's ok to ignore these or what?

El Moose Monstero · Post by **El Moose Monstero** » 2004-03-14 03:44pm

Yeh, should be, I've been getting loads of them in my junkmail box recently, Netsky.B is all over the place at the minute, I've just been deleting them and no harm done.