[Help] outlook problem

testing1234

testing1234

Banned
Joined
Jun 18, 2010
Messages
13,824
Reaction score
0
Hi guys..not sure what causes this but i am sure this is a virus problem but the thing is i have not opened any strange emails nor visit any of those funny website

what i did was i used AVG and norton to scan and some threats were removed. i also changed my password but to no avail

we have outsourced our IT to another IT firm but i have given up on them as you know, the "talents" who helped was just incompetent.

anyone can shed some light on this? appreciate this. thanks

148kpyw.jpg
 
X

xkiller213

Senior Member
Joined
Oct 21, 2012
Messages
647
Reaction score
0
I see that you're still running win xp and office 2003... Did you keep them updated? Microsoft Update

Anyway, this seems to be the wrong place to post this qn.. Haha..
 
Last edited:
Supersen

Supersen

Supremacy Member
Joined
Feb 9, 2004
Messages
5,550
Reaction score
449
one of my colleague also knna now...

contacted my email vendor :s22:

waiting to be resolved, anyone know if it is the symptoms of the email server infected? :s11:

the web mail also got alot of this spams...
 
P

peterchan75

Supremacy Member
Joined
Apr 26, 2003
Messages
6,719
Reaction score
529
Select Tools > Rules & Alerts > New Rules

Create a rule that match the subject title and move these junk mail to Deleted Items. This should at least unclog your inbox.
 
X

xkiller213

Senior Member
Joined
Oct 21, 2012
Messages
647
Reaction score
0
Actually, if your email provider has a web mail interface, change your password and use it for a while, and check if the undelivered messages still appear.. Do not change the password in outlook (let it get authentication failed)...
 
testing1234

testing1234

Banned
Joined
Jun 18, 2010
Messages
13,824
Reaction score
0
Supersen said:
one of my colleague also knna now...

contacted my email vendor :s22:

waiting to be resolved, anyone know if it is the symptoms of the email server infected? :s11:

the web mail also got alot of this spams...
Click to expand...

not too sure bout that...all i know is its slowing me down from my work and very frustrating!! lol
 
X

xkiller213

Senior Member
Joined
Oct 21, 2012
Messages
647
Reaction score
0
testing1234 said:
not too sure bout that...all i know is its slowing me down from my work and very frustrating!! lol
Click to expand...

If the only thing which you're having a problem with is the inbox clutter, then yes, do as what peterchan said, create a filter...

But before that, I would advice you to get your computer checked.. If possible, plug your hdd into a computer which is known not to be infected and do a complete scan of your hdd.. Who knows what viruses might be found...

Also, make sure Microsoft update is installed (Microsoft update is different from Windows update, you need to opt in to MS update and install a plugin before you can use it)...
 
Override2Zion

Override2Zion

Member
Joined
Feb 27, 2002
Messages
116
Reaction score
0
xkiller213 said:
...If possible, plug your hdd into a computer which is known not to be infected and do a complete scan of your hdd.. Who knows what viruses might be found...
Click to expand...

This is a good suggestion, IMHO. If the virus gets an opportunity to run, it does all sorts of tricks to disguise itself. Best case scenario if it is a virus, but if its something more malicious (DDOS) then you'd have to handle it carefully.

Email return address can be spoofed easily. Sending out emails to an invalid address with your spoofed address will cause the undeliverable messages (NDN/NDR) to return to you. This becomes a form of DOS/DDOS when done in mass quantities.

More information for NDR DDOS Attacks via the link below,
http://www.techzoom.net/publications/mail-non-delivery-attack/
 
Last edited:
X

xkiller213

Senior Member
Joined
Oct 21, 2012
Messages
647
Reaction score
0
Override2Zion said:
This is a good suggestion, IMHO. If the virus gets an opportunity to run, it does all sorts of tricks to disguise itself. Best case scenario if it is a virus, but if its something more malicious (DDOS) then you'd have to handle it carefully.

Email return address can be spoofed easily. Send out emails to an invalid address with your spoofed address will cause the undeliverable messages (NDR) to return to you.
Click to expand...

That's why it's important to see who the invalid addresses are... If they came from the user's address book, then it might just be because of an infection in their computer...
 
86technie

86technie

High Supremacy Member
Joined
Jun 8, 2006
Messages
39,916
Reaction score
5,678
Two areas u can look at:
1) Create a rule as what other said
2) Send a complain to your IT department and ask them
why you keep receiving junk email. Is it the junk email
filter on sever not working or not installed?
 
testing1234

testing1234

Banned
Joined
Jun 18, 2010
Messages
13,824
Reaction score
0
xkiller213 said:
That's why it's important to see who the invalid addresses are... If they came from the user's address book, then it might just be because of an infection in their computer...
Click to expand...

nope...i checked and so far none are from my address book AFAIK. there are just random email addresses to yahoo mail and all...

techidiot said:
Two areas u can look at:
1) Create a rule as what other said
2) Send a complain to your IT department and ask them
why you keep receiving junk email. Is it the junk email
filter on sever not working or not installed?
Click to expand...

i did no. 1)

2) the IT team we outsourced is just :s22::s22::s22:

kept insisting that it is spam mail and told me to ignore and delete.
 
Override2Zion

Override2Zion

Member
Joined
Feb 27, 2002
Messages
116
Reaction score
0
testing1234 said:
nope...i checked and so far none are from my address book AFAIK. there are just random email addresses to yahoo mail and all...
Click to expand...

How many other users are receiving similar spam? Are your corporate email addresses posted anywhere in the public domain?
 
testing1234

testing1234

Banned
Joined
Jun 18, 2010
Messages
13,824
Reaction score
0
Override2Zion said:
How many other users are receiving similar spam? Are your corporate email addresses posted anywhere in the public domain?
Click to expand...

how many users meaning my colleagues? none..just me

yes, but so far its only my superior's address is posted up on our own portal. thats bout it.

over the weekends, i can have 1000+ undelivered mails in my outlook :spin::spin::spin:
 
Override2Zion

Override2Zion

Member
Joined
Feb 27, 2002
Messages
116
Reaction score
0
testing1234 said:
over the weekends, i can have 1000+ undelivered mails in my outlook :spin::spin::spin:
Click to expand...

That weekend was your PC off? If its on, its inconclusive if your PC is infected. However if its off, the attack would be originating from somewhere else. The interval of the NDRs in your inbox seems quite suspicious, several within a minute.

If you're the only one affected in your company, it could be a spammer on the internet choosing your email address to spoof while sending out spam. The targets of the spam are collections of addresses they've found on the internet. Some of these addresses collected may now be invalid and thus resulting in NDRs returning to you.

What is the content included within the NDR message? Are there any website links or attachments included? These can be signs to help narrow down the objective/intent of the spam.
 
Last edited:
testing1234

testing1234

Banned
Joined
Jun 18, 2010
Messages
13,824
Reaction score
0
Override2Zion said:
That weekend was your PC off? If its on, its inconclusive if your PC is infected. However if its off, the attack would be originating from somewhere else. The interval of the NDRs in your inbox seems quite suspicious, several within a minute.

If you're the only one affected in your company, it could be a spammer on the internet choosing your email address to spoof while sending out spam. The targets of the spam are collections of addresses they've found on the internet. Some of these addresses collected may now be invalid and thus resulting in NDRs returning to you.

What is the content included within the NDR message? Are there any website links or attachments included? These can be signs to help narrow down the objective/intent of the spam.
Click to expand...

apologies...but whats NDR?

it was on standby but even when my pc is off for the day, those undelivered mail starts flooding my inbox as soon as i launch my outlook :spin::spin::spin:

btw i forwarded this email to the external IT team

9ibrx0.jpg
 
Last edited:
Override2Zion

Override2Zion

Member
Joined
Feb 27, 2002
Messages
116
Reaction score
0
No worries, sorry for the jargon. NDR stands for Non-Delivery Report.

From your description,
1) You've already changed the password (best to be done using another phone/tablet/mac that is confirmed "clean", not all but most viruses are platform/exploit dependent)
2) Returned mail topic "MY DEAR YOUR COMPENSATION FUNDS PAYMENT ORDER VIA ATM CARD"
3) NDRs continue to flood inbox despite PC being off
4) The timestamp of the NDRs received falls within the duration when your PC is off

If all terminals you use to access corporate mail either at home or office is clean then all the points above suggest that scammers are spoofing your email to send out spams. Your email account is likely to be still safe and uncompromised. For the spamming, there is nothing much you can do though but to besides filtering on your end.

Can also try scanning using MBAM, its free
http://www.malwarebytes.org/products/malwarebytes_free/
 
Last edited:
You must log in or register to reply here.
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ Forums. Forum members and moderators are responsible for their own posts. Please refer to our Community Guidelines and Standards and Terms and Conditions for more information.
Top