6 responses to “Bounced Email Malware On The Loose

  1. Mal

    Hey Bill
    I’ve seen these before. Of course, I don’t open them and fortunately most of them go straight into the spam folder on delivery. On a slightly different note, one email worried me very much recently. It was very legitimate looking, and claimed to have got my details from a employment website that I am actually subscribed to. It claimed to have a position vacant, and asked me to send my resume to a reply address. Of course, being the suspicious/paranoid bloke that I am, I delved into the details. Turns out the email originated from Mexico!!. I live in Australia!! Email deleted.

    • Hey Mal,


      For those who fell for this, there’s a good chance it was “hasta la vista baby” to their identity. Glad you brought this up.



  2. hipockets

    Hey, Bill — I use Thunderbird 3.0.10 with the CloudmarkDesktopOne spam filter. It sends suspect emails to the “Spam” folder. Thunderbird’s internal filter is set to send spam that CloudmarkDesktopOne misses, such as “1 % Interest Rate” and “$500 per day”, to “Junk” . There is no option to send them to the Spam folder, which is good because of the following problem.

    I can delete the Trashed and Junked emails by clicking on “Empty Trash” or “Empty Junk”. But there is no “Empty Spam” option. To delete the spam, I highlight all of the spam by clicking on the top-most and bottom-most item in the spam folder and then deleting everything. The deleted items are sent to the Trash folder, which then has to be emptied.

    Clicking on the top-most and bottom-most items in Spam shows them in the preview pane, which, to me, is the same as opening the email.

    Any comments on the preceding paragraph?

    ‘Preciate you! Keep up the good work!


    • Hey Hipockets,

      Seems like an awkward way to have to complete a task. But, I have a suspicion it’s set up this way to accommodate the “community” aspect of the application.

      Given the overall quality of CloudmarkDesktopOne, (I tested the freeware version, last year), I have no doubt the Spam preview mode is safe. I’d like to be more technical in this response but, it’s been some time since I’ve run with this app.

      I wish I was getting a few 1 % Interest Rate, and $500 per day, offers. 🙂



  3. Hey Bill,
    I think your letter sender was talking about ‘Daemon’ of Yahoo. It seems my Yahoo account wasn’t hijacked because I could still access it on some browsers. But at other browsers, there’s always a strict SSL warning advising me not to proceed (to Yahoo). And when I safely access my Yahoo, most of my contacts are gone. Was that hijacking too?

    • Hey Poch,

      Not likely – a mailer daemon is not specific to Yahoo.

      The SSL warning you’re seeing (from your description), is browser dependent. Check your SSL security settings in each of your browsers, and enforce the same level of security in each. Better yet, check all security settings.

      If you’ve lost any contacts, that suggests that your account has been compromised. You should be aware that hijackers don’t always restrict your access to your account. In this way, it’s possible for hackers to continuously harvest new info from a hacked account..

      I suggest that you review all settings in all your accounts, paying particular attention to settings associated with Forwarding, POP/IMAP, and Filters (reset if necessary). Then, change the passwords to all your accounts.