Loading ...
Sorry, an error occurred while loading the content.

spam from Y-Mail came from android phone

Expand Messages
  • mapsurfer
    Ok there is some app on my Samsung Note 2 that generated spam to my Yahoo contacts, a 1-liner with an infected link. The only place where the account is
    Message 1 of 3 , Jul 18, 2013
    • 0 Attachment
      Ok there is some app on my Samsung Note 2 that generated spam to my Yahoo contacts, a 1-liner with an infected link. The only place where the account is exposed is in the Samsung @Mail app (white evelope with red @ symbol) the only app to have my SMTP passwords for incoming/outgoing. Also I notice sCloudStarter running with is highly suspect, but honestly could have been any rogue app on the device getting that data. Does anyone have any idea how find/fix the problem? It would be nice to have a mail client app that is not compromised by other apps. I have since, rooted the device and am whacking a bunch of apps, but I am not liking the Samsung bloatware so I am starting there.
      Any comments or suggestions appreciated.
    • lena_kiev
      ... Please post excerpt from full header of that spam via your account. An example from header of email sent via smtp.mail.yahoo.com: X-Rocket-Received: from
      Message 2 of 3 , Jul 18, 2013
      • 0 Attachment
        > From: <mapsurfer@...>
        > X-Yahoo-Post-IP: 98.251.189.240
        >
        > Ok there is some app on my Samsung Note 2 that generated spam to my
        > Yahoo contacts, a 1-liner with an infected link. The only place
        > where the account is exposed is in the Samsung @Mail app (white
        > evelope with red @ symbol) the only app to have my SMTP passwords
        > for incoming/outgoing.

        Please post excerpt from full header of that spam via your account.
        An example from header of email sent via smtp.mail.yahoo.com:

        X-Rocket-Received: from bedside.lena.kiev.ua (lena_kiev @ 94.244.56.76 with )
        by smtp116.mail.ir2.yahoo.com with SMTP; 09 Jul 2013 13:18:08 +0000 UTC

        Here I inserted blanks around @, please do the same.
        An example from header of email sent via the new webmail (fullfeatured):

        Received: from [94.244.56.76] by web121703.mail.ne1.yahoo.com via HTTP; Sun, 16 Jun 2013 07:04:28 PDT
        X-Mailer: YahooMailWebService/0.8.146.552

        Basic:

        Received: from [94.244.56.76] by web121701.mail.ne1.yahoo.com via HTTP; Sun, 16 Jun 2013 07:01:54 PDT
        X-Mailer: YahooMailClassic/170 YahooMailWebService/0.8.146.552

        Also, please post excerpt from full header of a honest email
        sent from that Samsung. I'm interested whether the spam was sent via
        SMTP or webmail, and from which IP-address - of the same ISP you use
        or unrelated.

        Also: is that separate mailbox for that Samsung, other than "mapsurfer"?
        Did you ever enter that password in Windows or Mac?
      • Mayaranger
        The only time my Y-Mail was hijacked was after using the Y-Mail Android App to access the account. My mail spontaneously sent out a link to my contacts. I
        Message 3 of 3 , Jul 19, 2013
        • 0 Attachment
          The only time my Y-Mail was hijacked was after using the Y-Mail Android App to access the account. My mail spontaneously sent out a link to my contacts. I changed my password and that solved the problem. I will never access my Y-Mail on a smartphone or tablet again. I had always suspected the app and this discussion supports my suspicion.
        Your message has been successfully submitted and would be delivered to recipients shortly.