Someone - Somehow got my email password for my Hosting account "my web-host one domain 3 sub-domains"

They used one off my email accounts on my hosting companies server to send 150 emails using my password from a remote location using email software.

For the life of me I cannot figure how they did this I only use one PC to log into my account. I am almost 99% positive it's clean.

I think I logged in once with my sons PC into one of my Joomla websites 4 weeks ago "its loaded with junk "think that could be it"?


Guess my question will be any ideas on how or how to avoid this again....


I use strong passwords...Firefox-with noscript...Thunderbird...all anti-virus and OS is updated regularly...haven't had any junk on this PC in years....

Was thinking of adding software firewall but been fine for years without one. Only using XP pro's "i know its only incoming detection" Use to use zonealarm many years ago but had nightmares with there upgrades....


Anything maybe i am missing ?

thanks in advance-hope this makes sense...

Was thinking of adding software firewall but been fine for years without one. Only using XP pro's

That's a contradictory statement. XP's firewall is a firewall. So if you have been running with XP's firewall enabled, then you have not been running for years without one. If you did disable XP's firewall and you did not install an alternative, you need to get one going NOW. You need to run a software based firewall on all your computers.

Only using XP pro's "i know its only incoming detection"

That's not a problem if you otherwise keep your system updated, patched, scanned and blocked. In order for malicious code to even attempt outgoing access, it would have had to make it past all your incoming security defenses. All the hype about XP's FW being inferior because it only blocked unauthorized incoming access attempts was just that, hype - perpetrated by MS bashers and the biased IT media, and fueled by 3rd party firewall makers like ZoneAlarm.

For the life of me I cannot figure how they did this I only use one PC to log into my account. I am almost 99% positive it's clean.

I think I logged in once with my sons PC into one of my Joomla websites 4 weeks ago "its loaded with junk "think that could be it"?

Well, if your son's system has been compromised, that could certainly be it. Do note that one of the first places malicious code tries to disseminate to is local networked computers - that is, the other computers on your network.

As far as preventing this from recurring, I assume first you have changed all your passwords and you don't keep them written on a sticky note attached to your monitor. Then you might want check out my sticky, Practicing Safe Computing.

Yes I guess I should've said " should I use another software firewall other than xp"

We do share music folder have to look into that ! Sometimes we slip up

I know sons pc just got the fake antivirus problem recently maybe it was that. Thanks again ill look over your link to refresh my mind been out of the game for awhile.

Best way to block network computers that are infected?

Thankd

Best way to block network computers that are infected?

Disconnect them from the network. If you know they are infected, you should be getting them clean before those computers are used again.

And not to infected ones

For future to keep it safe if another one gets infected and tries to access none infected.


Ok we can rule out sons infected PC. I just received another message that my email quota was reached. Someone or something logged into my hosting comp. email account and sent another 150 emails after I changed all the passwords 2 days ago.....

any suggestions?


OK just talked to my hosting account and they said one email was bounced off a server which I recognized...It is a facebook business page that I "liked"....tracking this down but not really sure what to do...I am going to try and contact that bounces support...I also have a business page for the account there getting my password for...

thanks