Google Answers Logo
View Question
 
Q: Tracing source of harassing e-mail. ( Answered,   0 Comments )
Question  
Subject: Tracing source of harassing e-mail.
Category: Computers > Security
Asked by: mema-ga
List Price: $15.00
Posted: 15 Sep 2003 04:36 PDT
Expires: 15 Oct 2003 04:36 PDT
Question ID: 255992
Someone is sending harassing  e-mail to me and contacts from my
address book suing bogus accounts using my identity. How can I track
down who is doing this?
Answer  
Subject: Re: Tracing source of harassing e-mail.
Answered By: missy-ga on 15 Sep 2003 05:53 PDT
 
Hello mema,

Are you quite certain it's a "someone" and not a "something"?  You
*could* be infected with the Klez worm:

"The virus e-mails itself from infected machines using a bogus "From"
address randomly plucked from all e-mail addresses stored on an
infected computer's hard drive or network."

Klez: Don't Believe 'From' Line - Michelle Delio
Wired News - 
http://www.wired.com/news/technology/0,1282,52174-2,00.html

See also:

Klez Worm, Not Sender, Hates You 
http://www.wired.com/news/technology/0,1282,52055,00.html

Though the worm was at its peak last Spring, it hasn't been thoroughly
eradicated and still pops up quite commonly.  Those infected often
complain of exactly what you're experiencing.

To see if you have Klez (and to get rid of it), go here:

SpyBot S&D
http://security.kolla.de

Download and run SpyBot Search and Destroy, Patrick Kolla's nifty
utility to get rid of Trojans, Hijackers and Spyware from any Windows
machine.  If you are infected with Klez, SpyBot S&D will find it and
get rid of it (and, happily, any other assorted nasties you have
lurking about).

If you *don't* have Klez, then you do indeed have a more serious
problem to deal with, and you'll need a quick lesson in reading
headers.

First, turn on Full Headers in your e-mail client.  If you don't know
how to do this, just tell me what you're using for e-mail (Outlook
Express, Eudora, etc.) and I'll be happy to give you the instructions
specific to your e-mail client.

Next, register for a free spam reporting/header reading account at
Julian Haight's SpamCop:

SpamCop 
http://spamcop.net/anonsignup.shtml

You can use this service to report spam and have abuse reports filed
on your behalf, or just to trace headers to send your own abuse
notifications.  Basic spam reporting/header tracing is free.

All signed up?  Full headers on?  Good.  Copy and paste the full
headers from one of the offending e-mails into the box, click submit,
and you'll be shown a line by line breakdown of where the e-mail has
come from, concluding with an abuse address.

You won't be given the sender's identity, but you will be given his
ISP's abuse department, to which you can forward a copy of the
offending e-mail (with full headers) and request that they discipline
their user.  (They won't give you his identity without a court order -
the privacy clauses in most Terms of Service prohibit the sharing of
such information - but they will usually cut off his account.)

For a quick visual explanation of how to read e-mail headers, have a
look at the great visual explanation given by MaximumPC magazine in
January of this year:

http://www.darkfriends.net/princessmoo/extras/maxPC.jpg 

You can also learn about headers in a more detailed fashion here:

Reading Email Headers  
http://www.stopspam.org/email/headers/headers.html  

I hope you find this helpful!  If anything is unclear or you need help
either getting your full headers to display or would like help reading
the headers yourself, please don't hesitate to ask for clarification. 
I'll be glad to assist you.

--Missy

Search terms:  [ klez ], [ read headers ] and personal knowledge.
Comments  
There are no comments at this time.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  


Google Home - Answers FAQ - Terms of Service - Privacy Policy