LeeAnn wonders why she gets email that appears to be from her friend – but it’s really not
A friend of mine keeps sending me email but she swears she isn’t sending them. Most of the time they’re filled with disgusting advertisements – or links to bad web sites.
Our Answer
Your friend is most likely telling you the truth. She could have downloaded a Trojan that made her computer part of a botnet. So her computer could be sending thousands of emails without her knowledge. The controller of the botnet – the one who programmed or distributed the Trojan – decides what will be sent and when email will be sent. It’s all done remotely and automatically. Infections like these are very common. This kind of thing happens all the time to people don’t have good antivirus installed – or who have it installed but don’t keep it updated. A Trojan can be piggybacked on legitimate software too — or disguised as legitimate software. Sometimes they are installed by “drive-by downloads”, but this is becoming less and less common.
Once the Trojan executes, it turns the computer into a zombie – a remote controlled mass-mailing machine – which scours the computer for email addresses in address books, email messages, documents, Internet cache – anywhere on your computer where there are email addresses the Trojan will find in its scan. It simply executes a script and puts a random email address in the FROM field and then sends an email containing whatever content its controller decides on – and sends it TO every single address the script extracted from that computer.
And before you worry when you see an email that appears to come from yourself – it does not mean you’re infected. It means that someone who has your email address in their address book or anywhere on the computer is infected. If you have a lot of friends who you email often – it could be any of them. There’s no way for to tell.
If you start getting a lot of email from your friends (or yourself) that isn’t really from then, be a good netizen and make sure all your friends have good antivirus installed and that they keep it updated. Remind that there are many free good antivirus programs (Microsoft Security Essentials and Avast, to name just two of them) so protecting their computer won’t cost them a single penny. It may surprise you to know that about 30% of those who use the Internet have no antispyware software installed or have outdated antivirus software installed. It seems incredible that that many people browse the Web totally unprotected, doesn’t it?
Also, they should take advantage of the many free online virus scanners like http://housecall.trendmicro.com . Have them run a scan and make sure they’re not infected. It wouldn’t be a bad idea for you to run a quick scan too. It’s always a good idea to double-check your computer for viruses, Trojans, worms, and rootkits – a couple times a month, just in case something might have slipped by your antivirus. There is no such thing as a 100% perfect antivirus program – but most good antivirus software comes very close.
I thought online meant you didnot have to download?
We’re not sure how your comments relate to the article.
Hey There TC & 8 – I have had a problem recently with my yahoo address, and am 99% confidant that my systems are bot-free. I update and scan daily, and use several other programs to check for hijackers and rootkit attacks, etc. I complained to Yahoo because I am also receiving duplicate emails; they are very busy and my problems are not important, but they did suggest that my email address was lifted by a spider from a job site. Since my associates with the same problem use Career Builder, we think that may be the source. So far this is only the junk hotlinks that are being sent. Yours, Morris