Why is my email sending out random emails to my contact list without my prompting it to do so?

Hello Mails

March 25, 2011

Question by Jami D: Why is my email sending out random emails to my contact list without my prompting it to do so?
People on my contact list are receiving emails from me that I have not sent.

Best answer:

Answer by Momperson
Virus. Run your Norton Disk Scan or whatever virus protection you have. Good Luck!

Add your own answer in the comments!

3 thoughts on “Why is my email sending out random emails to my contact list without my prompting it to do so?”

  1. Your Obviously being hacked. The person that is hacking you, probably knows your original password so when he changes it to access your account, and if hes doing these emails to your friends he changes it back.

    My friend, I suggest you change your Email Security Questions, Make YMAIL updates private. And Im sure, your account wont be hacked.

  2. This happened to me recently. They are using a security hole in the client side of the browser which allows a hacker to rewrite a cookie accessing your email contacts via PHP embedded in the email and is currently undetectable by Yahoo Mail. The IP address from the originating email for my case came from this IP address (this can be found in the full email header) which I tracked it down to Thailand. The link sent out to all my contacts accesses a website in Poland (a fake Canadian Pharmacy page) which will grab more emails based on the PHP Script similar to that below. I have currently deleted all my cookies and cleared all my saved passwords in Firefox and have also installed Spybot Search and Destroy since my virus scanner (Eset Smart Security) and MS MRT didn’t find anything (not sure what a viable solution is yet). After you do all the above, change your password and clear your cookies out frequently. Here is a copy and paste of what I found.

    How hackers steal yahoo passwords

    This article is ment to provide more info on how to protect your yahoo account and every account in general and should not be used for stealing someone’s info, password etc. It’s purely informative. My yahoo Id was recently accessed by an unknown person which used it to send promotional emails to my list of friends who, of course, accessed them leaving the hacker another open door, and another and so on, the chain never ends. Hopefully yahoo wakes up. I did a search on this new thing that they use, it had to be something on the “client side”, a bug that could be sent inside an email, a new thing, undetected by yahoo, yet – it’s easyer to attack than to deffend they say. It didn’t take me too much to find this code which writes the recipient’s cookie (stored in C:/ under the Cookies folder) inside a .log file that is copy-pasted by the hacker overwriting his own cookie that yahoo stored inside his computer and than easilly accessing the victim’s yahoo email. The bug: