Hijacked email address

[Irkin Invader Zim]

On Dec 14, 1:44*pm, Emmett BADASS Gulley <emmettgulle...@gmail.com>
wrote:
> On Dec 14, 12:58*am, VanguardLH <V...@nguard.LH> wrote:
>
>
>
>
>
> > Li'l Abner wrote:
> > > VanguardLH <V...@nguard.LH> wrote innews:jc7b88$fq$1@news.albasani.net:
>
> > >> Li'l Abner wrote:
>
> > >>> Quite some time ago I had a friend whose Yahoo account had begun
> > >>> sending out spam email to a sizeable number of recipents, mine
> > >>> included. She changed her password and the spam ceased. Now two or
> > >>> three months ago she was unable to log in to her account. Her new
> > >>> password had obviously been changed. She finally gave up and created
> > >>> a new account.
>
> > >>> And now this morning, I just received another spam email from her old
> > >>> account which was addressed to 9 recipients. Three of them were all
> > >>> accounts of my own.
>
> > >> So your friend abandoned her Yahoo account, left it hijacked, and
> > >> you're surprised spam is sent from there? *God forbid she *close* the
> > >> account so no one can login thereafter. *If she couldn't login
> > >> anymore, and the "Remember password" mechanism didn't work, then
> > >> contact Yahoo to have them close the account.
>
> > >> So how is her use of easy to guess dictionary attackable passwords
> > >> going to prevent the same problem for her new account? *That she doles
> > >> it out everywhere, even to untrusted senders, instead of using aliases
> > >> (either using Yahoo's alias feature or some other service, like
> > >> Spamgourmet.com spammotel.com, or sneakemail.com) means all those
> > >> spammers know what it is and might decide to target it for hacking.
>
> > >>> I haven't posted any headers here because I've already analyzed where
> > >>> the mail is originating from, See
> > >>> (http://whois.domaintools.com/btel.net.id) That domain is in
> > >>> Indonesia, I think.
>
> > >>> My question: How can she get rid of that old account altogether?
>
> > >> Close it. *That requires logging in. *As noted above, contact Yahoo if
> > >> their Remember Password doesn't work. *Usually the data they ask for
> > >> cannot be changed in the account, like your birthdate, but some use
> > >> data that a hacker can change so the Remember Password mechanism won't
> > >> work. At that point, contact Yahoo to get them to close the account
> > >> but be ready to provide some details to show you used to own the
> > >> account.
>
> > >> If your friend can't get her old and now abandoned Yahoo account
> > >> closed then she has to go informing everyone that she has a new e-mail
> > >> address (and to block e-mails from her old e-mail address, especially
> > >> if she uploaded or managed her contacts in the address book up in her
> > >> account on the mail server).
>
> > >>http://help.yahoo.com/kb/index?local...y=PROD_ACCT&id
> > >> =SLN2044
>
> > >>https://io.help.yahoo.com/contact/in...OD_ACCT&page=c
> > >> ontact Product = Yahoo! Account
> > >> Category = Register or delete account
> > >> Subcategory = Unable to delete an individual account
> > >> Add a description:
> > >> * Example: Hacker changed my password. *Cannot login to close account.
> > >> Click the "Email Now" link.
>
> > > Thanks. I forwarded all that information to her and she has informed me
> > > that she was able to delete the account. It will be final in 90 days.
>
> > With Hotmail, after closing an account, you can reactivate it within 90
> > days by logging in again. *Thereafter they delete say they will delete
> > the account but I've seen supposedly closed accounts survive longer.
>
> > Yahoo is different, as I recall. *Once you close an account, it is
> > *immediately* deleted. *You cannot reactivate it by re-logging in. *When
> > you close your Yahoo account, you won't be able to ever log into again.
> > I once cancelled a Yahoo account and less than a week later decided that
> > I'd like it back but no go as the login failed and the account didn't
> > exist anymore. *I couldn't create a new account with the old name since
> > they keep that on record for something like 3 years after which I
> > managed to revive an account under that old name.
>
> > In Gmail, closing an account is immediate, too, but they keep the
> > username on record forever. *They claim that the deleted usernames go
> > back into the name pool but I've been trying for 4 years to reestablish
> > an old account at Gmail using my old name. *It's not assigned to anyone;
> > else. *SMTP testing to login and specify my old e-mail address in the
> > RCPT-TO command would not return an error if the account existed (since
> > that's the handshaking needed to an SMTP server to deliver e-mail to the
> > specified username at the target domain), so it doesn't exist but I
> > cannot create a new account with that old still-recorded deleted
> > username.
>
> > So, for the Yahoo account, if she's closed the account, there's no
> > waiting 90 days for actual account deletion. *It's gone NOW.
>
> > > As an aside, I have had a Yahoo account for several years but I have only
> > > used it enough to keep it active. My password is a fairly common 6 letter
> > > word. I will change that immediately! I hope I'm smart enough to record
> > > what I changed it to somewhere where I can find it if the need comes up.
>
> > I have 1 old Yahoo account and 6 old Hotmail accounts that I still want
> > to keep (so others can't use my name as their username). *These are free
> > accounts. *If you don't login then the idle account eventually gets
> > auto-deleted. *I changed the region to Asia for my Yahoo account, an old
> > trick, so I can enable POP. *Hotmail added POP access a couple years
> > ago. *So I have my Gmail account poll via POP those old Yahoo and
> > Hotmail accounts to keep them alive.
>
> > I use Gmail because its inbound spam filtering is excellent. *So you
> > have the spam filter at Yahoo and Hotmail with e-mails getting yanked to
> > the Gmail account which also applies its spam filter. *Chaining Gmail
> > into the e-mail chain is some folks employ a server-side spam filtering
> > scheme rather than adding more software on their computers. *My rules
> > look for e-mails not addressed to me based on which account they come
> > through. *Since all those Yahoo and Hotmail e-mails, of which there are
> > extremely few in an entire year, aren't to my Gmail address, my Gmail
> > "not sent to me" rule for my Gmail account will Junk all those other-
> > account e-mails.
>
> > Gmail will let you poll via POP up to 5 other accounts. *If you have
> > more than than, create another Gmail account and have it poll another 5
> > accounts - but alter the first Gmail account so its last (5th) other-
> > account that it polls is your 2nd Gmail account. *So you can chain
> > together a bunch of Gmail accounts together with each polling up to 4
> > other POP accounts (with the last one in the chain capable of polling up
> > to 5 other accounts).
>
> > Since they are idle accounts, I configured the Hotmail accounts for
> > "exclusive" access. *That means no one except senders listed in my
> > contacts list or Safe Senders list will get their e-mails into my Inbox..
> > All other e-mails are immediately discarded upon delivery. *Yahoo
> > doesn't have a similar feature so I used 2 rules: one looks for an long
> > oddball string in the Subject header followed by another that looks for
> > the absense of that long oddball string. *Both rules delete an e-mail
> > that matches. *So if an e-mail doesn't have the string then it's deleted
> > and if does have the string then it's also deleted. *Whenever I choose
> > to use those keep-alive accounts, I'll just reconfigure to not be
> > exclusive mode or delete the paired exclusion rules.
>
> I hate to tell you but if you don't use your real name with Gmail,
> then you will never be able to close and then reactivate a deleted
> account w/the login name.


Why would that happen, you idiot?



>
> I have seen countless friends of mine


You have no friends



> use login credentials with gmail
> that are easily found.



Stalk much?


>They "tell" you never to use your real name but
> that is just plain bull****. alias are so common these days that it's
> not worth using them anymore.
>

So why do you continue to use them to avoid killfiles and authorities?


> BTW, with the fact that the Facebook Login method is picking up steam,
> i expect by the middle of 2012 that most of the major web mail
> services(HM, Gmail and Yahoo) will have converted to using your real
> info to login.


Wow, you really are a goddamn moron.
>
> HTH.