Something strange is happening with my wife's mail account (on Detroit). She sends a message to a friend. The next day she receives spam email using that same subject line. This has happened several times with email going to different people with different subject lines. The next day she receives spam using the same subject line as yesterday's outgoing mail. My wife has Norton Anti-Virus, up to date and enabled. I ran Adware and SpyBot and found nothing unusual on her computer.

Does anyone have an idea what is happening?

It seems like your wife have some spyware on the computer that steals the subject line and/or other personal information.

Its very common for spam companys to use spyware to get ahold of personal information to send out spam that doesnt get picked up by a spam filter.

You know, I just got something like this as well. I will investigate further.

billofwrites, is the other friend of your wife's email address on detroit as well?

Regards,
Rob

No, these are addresses are external to Detroit.

Erik, I checked for spyware and didn't find any.

Is this happening often? Can you forward me one of the emails? (rob@acunett.com)

Thanks,
Rob

Not often. About four times in the past week. It is just so wierd and sort of alarming when it happens. Unfortunately, my efficient wife has already deleted them. We'll save the next specimen, doctor, for your inspection. Thanks for asking.

Can you ask the person you sent the email to, to check for spyware as well?.

I was looking up at the logs at work today to see if we have had any similar problem with the email server. Didnt find any answeres though :/.

But I found some articles about exchange and other email servers could possible have been silently hijacked by some sort of spy/spamware, that duplicates emails.

Thank you Erik, I will check on possible spyware the people who sent us the emails. I didn't think of that.

billofwrites: try using a different email program and see if that doesn't help.

you can use pegasus for free.

second...go get copies of spybot, ad-aware, hijack this, and cws shredder.

reboot your pc into safe mode by tapping F8 once the post screen goes away.

then run spybot in safe mode. then run ad-aware, and finally run hijack this followed by cws shredder.

hijack this is a tool for very tech savvy people. so be careful. you can do serious harm to your system.

then before you reboot again, right click on your IE icon and select properties.

then choose to delete all internet files and raise the security level of your browser.

finally, if all of that comes back to nothing...then what you may wind up having to do is wipe out your hard disk and start from scratch.

hope that helps you

That is a Texas-sized solution, imbored! An array of shock and awe sure to repel the attack. But I'll have to wait until the weekend to find time to do this. Thanks for the instructions.

That is a Texas-sized solution, imbored!

to say the least, I have seen this before (e.g., NetSky) but not on YOUR computer.

If there are several "unprotected" friends...then all of their computers can be infected since they infected one another.

The result is that you (as a third party or a friend: who is protected) gets hit with every new batch (sent through the "network") using subject lines/email addys/even web sites from their computers. This includes emails you have sent to them.

So there is little you need to do on your box....but use the email headers to see the orgin of the "nasty" and if you know someone who lives out there ask them to scan their computer.

I have had the same situation all summer...and after sometime we figured out who we all knew in common that lived in coatsville....and sure enough they had been spewing this stuff!

red

Because this happens infrequently (and for the reasons he mentions), I believe Service4 probably has the correct assessment of our situation. Thanks.

service4 brings up a good point.

the problem is that there is so much junk out there that can infest win pcs that you can never tell with 100% accurancy if something that is whacko is happening only on your pc or on a friend's pc or some stranger's living in norway (no slight meant to our norwegian friends).

but you should run ad-aware and spybot regularly on your pc to make sure that malware isn't residing on your pc.

it'll hinder your performance and judging by what i was reading yesterday, it will also create problems with installing winxp sp2.

I was wondering if this was fanatasy or is there a real program out there that can steal someones inbox?There is a dinner riding on this.

You're on the right track Erik. It's more likely that the machine of one of the people she sent the email to is infected with a spambot. It can scan new messages, or all their messages and send new messages that are more likely to get past spam blockers. If the "cloned" messages have an attachment, it's probably a copy of the spambot installer.

Phil