On Tue 13 Oct 2015 at 22:21:08 -0400, Stephen Powell wrote: > On Tue, 13 Oct 2015 18:57:58 -0400 (EDT), Brian <a...@cityscape.co.uk> wrote: > > > > The comment was a general one and directed at all our readers. However, > > earlier you said "Someone discovered my password somehow". You have > > just demolished that guess as having no basis as a likely cause. > > Likely, no, but still possible. For example, when I update my web > pages, I use my ISP's FTP server. Suppose someone else on my ISP's subnet > has a network sniffer in promiscuous mode. The FTP server uses ordinary > unencrypted FTP. The userid and password are sent in clear text. I wish > they had an FTPS server, but the last time I checked, they didn't. I use > e-mail solely through a web-based e-mail client. When I login, I don't > know if the password is sent in clear text over the network or not. > > That being said, if my password was obtained in this manner, I don't have > much of a defense against it. If I change my password, they can get the > new one the same way as they got the old one. > > Another possibility is a malicious web site that I may have unknowingly > visited that managed to find a password in memory, a cookie, etc. So > despite all the precautions that I have taken, it is still possible for > a password to be "discovered". > > Having said that, it looks like someone else's credentials may have been > used, based on some other posts to this thread. But I am not an expert > in these matters. That's why I asked for help.
Your mails all have X-Authed-Username: emxpbnV4bWFuQHdvd3dheS5jb20= The one to aol.com has X-Authed-Username: dGhlY291Z2hpbmdjYW5hcnlAd293d2F5LmNvbQ== so did not come from your account. Someone has access (legitimately or not) to the second account and is sending mails with a forged envelope From. Your only recourse is to present the evidence to the ISP and let them deal with it.
