Email account hacked

Category: Email

BodybyV
Asked:
2012-06-08 12:57 am EST

Hits: 1,069
one of our email accounts seems to have been hacked. every 60 seconds it sends out 10-20 emails from the contactus@bodybyvenus.com account. It appears to be using one of the pages on the site X-PHP-Script: www.bodybyvenus.com/catalog/tell_a_friend.php for 76.72.169.28

But I looked at the code it is unchanged -

HELP!!!!!


* Are you getting any error messages?
No, other than receiving the bounce message in the inbox every few seconds.

* When did the issue begin occurring and how can we replicate it?
a few days about - no cannot replicate - can't find our why its doing it

* What software are you using to build your site?

CRELoaded

----- Original Message ----- From: "Mail Delivery System"
To:
Sent: Thursday, June 07, 2012 9:36 PM
Subject: Mail delivery failed: returning message to sender


This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

operations@bdbiman.com
SMTP error from remote mail server after RCPT TO::
host email.bdbiman.com [203.202.240.170]: 550 5.1.1 User unknown

------ This is a copy of the message, including all the headers. ------

Return-path:
Received: from bodyby9 by vps3966.inmotionhosting.com with local (Exim 4.69)
(envelope-from )
id 1ScqwH-0007EI-8B
for operations@bdbiman.com; Thu, 07 Jun 2012 21:36:45 -0700
To: "operations@bdbiman.com"
Subject: Your friend ##### HURRY #### Run Your Car On Water, Triple Your Mileage And Laugh At Rising Gas Prices... ######### has recommended this great product from www.bodybyvenus.com
X-PHP-Script: www.bodybyvenus.com/catalog/tell_a_friend.php for 76.72.169.28
From: "##### HURRY #### Run Your Car On Water, Triple Your Mileage And Laugh At Rising Gas Prices... #########"
MIME-Version: 1.0
X-Mailer: bodybyvenus.com
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Message-Id:
Date: Thu, 07 Jun 2012 21:36:45 -0700


Hi operations@bdbiman.com!Your friend, ##### HURRY #### Run Your Ca=
r On Water, Triple Your Mileage And Laugh At Rising Gas Prices... #########=
, thought that you would be interested in Caribbean Pirate Costume (CRO-130=
7) from www.bodybyvenus.com.#######################################=
#########################Hi!Aren`t you tired of payingmore =
and more for the same amount of gas?=3D=3D http://myls.me/r/?cn=3Dh=
hoWell, I have some GREAT news for you.Right now there is a=
method to use waterto save up to 67.34% of your fuel.That`s 1,=
000s of dollars in gas savings!=3D=3D http://myls.me/r/?cn=3Dhh=
oThe best part is that you can tripleyour mileage WHILE imp=
roving performanceand reducing smog.=3D=3D http://myls.me/r=
/?cn=3DhhoThank you!

You must login before you can ask a follow up question.

You must login before you can submit an answer.

Best answer chosen by User

0

Scott
Staff
15,308 Points
2012-06-08 9:56 am EST
Hello BodyByV,

There are a couple of things you can do. If your ecommerce program has the ability, you will want to add a captcha to any forms on your site. This prevents bots from using them to send spam. This may not be an available feature on your ecommerce, however.

Another thing you can do is to change the password for the email address in question, in case they are getting in directly.

Also, you can ban that IP address from contacting your site using the cpanel IP deny manager.

And finally, in case your email is being spoofed (means someone sends email from another location but using your email as a return address) you can add SPF records and Domain Keys to your account.

The logs do indicate that the email was sent from your server using the contact_us@ email address, so using these suggestions should resolve the issue.

I hope this answers your question. If you have any more questions or information specific to the issue please leave a comment below so we can further assist you.

Best regards,
Scott M

You must login before you can post a comment about this answer.

Like this Question?

Related Articles

It looks like there are no related articles.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!