General Question

GeorgeGee's avatar

I got a spam email from a friend's GMail account. Does this mean a virus?

Asked by GeorgeGee (4898 points ) November 8th, 2010

Her computer was turned off at the time and she was on an airplane. Does this mean her GMail account was hacked? Or can a virus on her computer be mimicking the email address and time stamp? Which is more likely?

Observing members: 0 Composing members: 0

6 Answers

marinelife's avatar

It sounds like a virus got into her email and got her address book.

robmandu's avatar

The from: address – and every other bit of an email’s message header – is easily spoofable.

To use yet another technical term, email works on the Honor System: it simply trusts whatever it gets.

So while it’s possible your friend’s PC is under virus siege, it’s very likely that someone rogue sent an email from a completely different source and simply inserted your friend’s email address into the from: field.

Andreas's avatar

@GeorgeGee Every now and then I get a returned email I never sent. So as @robmandu said, in these cases my email address was simply “borrowed”. It saves them getting a whole ton of spam, don’t you think? That wouldn’t do, would it!

anartist's avatar

it means a spambot has her email address and is using it. Whether that spambot can pick up your address when youopen it is something I don’t know, Obviously someone has @robmandu ‘s.

YARNLADY's avatar

Yes, and it’s even worse when they get into an account you no longer use, and don’t even know the password to go in and close it down.

phoebusg's avatar

As @robmandu said, email works on the honor system. So, anyone with an e-mail server or access to one over telnet can send an email appearing to be from any email address.

In gmail click on the triangle next to the reply button then show original. This will show the path of the email, where it originated, what servers carried it through. Compare this to an email with one from your friend to easily spot the differences. You’ll get used to viewing headers with practice :)

Now as to how… either using a weak browser injected with a script, any good old javascript could grab contacts after he logs in to his email and uploads them to a list on a server. Or he used his gmail ID to download contacts somewhere and they were sold by the service to a third party. Among other possibilities.

Answer this question

Login

or

Join

to answer.

This question is in the General Section. Responses must be helpful and on-topic.

Your answer will be saved while you login or join.

Have a question? Ask Fluther!

What do you know more about?
or
Knowledge Networking @ Fluther