01-07-2011 05:56 PM
Yesterday at 2 PM my Gmail account that is attached to my phone (curve 8330O) sent out around 50 spam emails to random addresses (none that were in my address book and all began with the letter A). Within minutes I got around 30 'bounce back' delivery failure notifications.
Later that evening when I logged onto my Gmail account via my laptop, my email account had been suspended due to suspicious activity and once I had it turned on again, I changed my password. A bit later my email alert on my BlackBerry sounded and it was a message from BB that my mail messages weren't being delivered to my device because I needed to validate my password, so I did that.
At first the help I received seemed to think that I may have inadvertently clicked a link on my phone while reading an email and given someone access to my password. I had only accessed a few regular websites on my BlackBerry (news, weather), but I did update my Twitter for BlackBerry app via App World yesterday morning.
I thought things were fine since I had changed my password and that seemed like a logical explanation, but it happened again today. At the exact same time as yesterday, 2 PM, my phone sent out around 50 spam emails to random A-letter email addresses not in my contacts. As soon as the bounce back delivery failure notifications started coming through on my BlackBerry, I logged onto my Gmail account through my laptop and got the message that Gmail had detected that my account had been accessed from NY and I needed to change my password again ASAP, so I did. I have not validated this password change on my phone yet, though, because that seems to be how they are getting my password, maybe?
I know this is definitely phone related and not PC related malware as someone somewhere else suggested to me yesterday because today Gmail provided me with info of the person in NY accessing my account:
Under Access Type it said Mobile and then for location, IP, and date it showed:
United States (NY) (ubiquityservers.com:184.108.40.206) Jan 7
Does anyone have any ideas on what I need to do to fix this? I'm getting so many mixed messages from everyone. People have told me that BB's can't get viruses, others have told me theirs got a virus and they now have spyware detection on their phones, a friend that used to work for AT&T said that he doubted taking my phone to the Verizon store would do any good because it's all related to my email, and another friend told me that she'll do a factory restore when her phone acts up. This is my first BlackBerry and I've had it for over a year with no problems at all. I'm just so frustrated because I don't recall clicking on anything in any emails I got yesterday nor did I receive any suspicious emails.
01-07-2011 06:05 PM
1. It wasn't your BlackBerry sending the spam emails. It was someone else device or account spoofing your email address. I don't know if they were using a mobile device or a PC, heck they could have been using an iPad or Laptop at a coffeeshop in Timbuktu. The BlackBerry is not the issue.
2. Change your Gmail password for security. HOWEVER, that might not even matter, as they very very likely are not accessing your Gmail account, they are only using your active email address as the "send from" account. There are email spoofing services that do that. If you wanted, you could even go send an email right now from "email@example.com" if you wanted, (although I wouldn't recommend it) just because on those email spoofing sites, you can use whatever "from:" address you want.
3. Your BlackBerry does not have a virus or malware. That's settled. There has never been a virus that has infected a BlackBerry. Maybe one day, not yet, and your's was not the first, believe me.
The same thing happened me a year ago on an old AOL account I had. It's just email spoofing, very common.
PIN: C0001B7B4 Display/Scan Bar Code
PIN: C0005A9AA Display/Scan Bar Code
01-23-2011 10:01 AM
ok, i am having the same problem. However, i have not had my gmail account suspended YET!
I just suddenly got a bunch of bounce bac emails saying that my message was not deliered to a bunch of random addresses that all had "coco" in them. I know none of those addresses. So I went to my gmail account and cheked the details of my account usage and seen that my account had been accessed from an IP in the USA and also from a mobile device. So I did a whois on the IP and it turned out to be a RIM IP. This is what makes me think its coming from my BB. Here is a copy/paste of the whois info...
# Query terms are ambiguous. The query is assumed to be:
# "n 220.127.116.11"
# Use "?" to get help.
# The following results may also be obtained via:
NetRange: 18.104.22.168 - 22.214.171.124
NetType: Direct Assignment
OrgName: Research In Motion Limited
Address: 295 Phillip Street
|IP Information - 126.96.36.199|
03-01-2011 03:06 AM
I have similar problem - yesterday at around 4.45pm a spam marketing email was sent from my blackberry to everyone in my address book.
The device is synced to 2 gmail accounts and had the facebook app installed. Otherwise it has only been used for web browsing and playing the pre-packaged games. I keep bluetooth disabled.
The reason I believe the mail was sent from the blackberry is that it appears in the sent items on the device. Neither gmail account shows any evidence of the mail until the replies started coming in.
I'm open to suggestions as to what actually happened but it looks to me like a virus or some dodgy interaction between apps. I definitely didn't send the email myself. The spoofed address explanation doesn't explain why the mail appears in the sent items.
I can't afford to have the same problem occur again so I've reset the device and am not going to install any third party apps this time. I have also stopped my contacts from syncing so my address book on the blackberry is empty - this is a pain but I'd rather live with that for the timebeing.
Any suggestions on what happened or how to prevent a repeat are much appreciated!
06-20-2011 11:50 AM - edited 06-20-2011 02:48 PM
So I found this thread by searching Blackberry.com for a problem that our GM is having with his BB. Last week, our system was inundated with a bunch of spam originating from a BB ip address, using SMTP authentication, to send a pile of spam.
The GM was in northern Canada, out of service range, and could not use his phone, though he had it with him. We changed the password to the e-mail account, and that solved the spam problem.
When he got back, we decided to do some testing. We updated the mail password on the phone, and within 10 minutes, the RIM servers were again sending spam using his account. We changed the password on the local mail account again, and the spamming stopped.
I have not yet contacted RIM, which is on my list, however futile that call may be. However, I wanted to add to this conversation, and clarify that it is not the BB device itself that is hacked, it's RIMs servers, at least in this case.
EDIT: Got in touch with RIM via Verizon. Very helpful reps, they actually listened to my evidence. I may be changing my atitude toward RIM now. I'll update with more info.
07-09-2011 06:25 AM
OK, I am a certified Computer Electronics Specialist and I know a little about whether or not the phone is sending out spam or not by viewing the message header in the spam email that my account sent via my Blackberry Torch.
1) My Blackberry Torch definitely sent the spam email using my AOL account.
2) RIM presently has not acknowledged the problem anywhere on the internet.
3) My email account WAS NOT HACKED, but the BLACKBERRY TORCH was hacked via wireless and sent spam to everyone in my AOL address book.
4) If RIM doesn't step up to the plate soon, there will be no more Blackberry.
If anyone out there knows what needs to be done in regards to protecting the Blackberry's wireless connection features, please let me know. Please don't waste my or other's time by saying "It's the email account" -you have no clue.
07-09-2011 06:56 AM
If anyone out there knows what needs to be done in regards to protecting the Blackberry's wireless connection features, please let me know.
Change your password on the mail account.
Please don't waste my or other's time by saying "It's the email account" -you have no clue.
Please don't be insulting. If you don't want users here responding to your post, remember this is a public forum. Expect responses whether or not they fit your restrictions.
Unless you can show specific malware on your handheld device, it's not the device. And if it were, you'd be the first document case of such.
PIN: C0001B7B4 Display/Scan Bar Code
PIN: C0005A9AA Display/Scan Bar Code
01-21-2012 01:04 PM
I keep seeing from the experienced posters that the Blackberry phones do not get hacked and it is usually something else. What i have been unable to figure out is this. If my computers are all off but my Blackberry is on, and a spam email is sent out only to people in my outlook/blackberry address book, how could it not be my phone?
01-21-2012 02:22 PM
It's not just you. My Blackberry Torch has been successfully used to SPIM my Facebook account (so I removed Facebook), hack my Gmail account, AOL account, and Hotmail account (each sending out spam via my phone - which is easily determined by the header of the emails and the time of day that ), and caused some grief that can only be stopped by not signing in to the email accounts in question.
Please don't take my previous remarks as antagonism - they're not. Unfortunately, I still see no workaround as to the cause of the hack and how to prevent it. I'm able to easily determine this by the time and date that I sign into each account. In a way, it is my own fault because I wasn't signing out of each account after use, basically leaving the Torch signed in. You literally MUST sign out of each account after use, and get rid of Facebook until the issue is at the very least acknowledged.
For each account you use, you are statically signed in and subject to manipulation wirelessly by a 3rd party unless you physically sign out of each account after use.
Make no mistake about it, Bob - it's the phone (or security of its operating system), and many are still not up to the point of admission. Hang in there, and keep an eye out for the pros to find, subsequently admit, then repair the issue. Until then, any app that requires sign-in should be signed out. Wish I could be of more assistance!