
email spam? has my name and contacts - not from my email address



Today some of my contacts received an email with my name in the subject line, my name in the body of the email and my name in the email address area. The actual email address it was sent from is NOT my email address and I have never seen it before.

 

The body said:

 

Have you seen this http://buddhismaudiobook.com/make.php before? Oprah had been using it for over a year!

 

Jim Sanok

 

One of the recipients sent me the internet header properties. My computer was heavily infected about 8 weeks ago but is now clear and nicely protected. Please look at the internet header properties and let me know if I have anything to be worried about. How can this happen?

 

Thank you!

 

Received: from CDBMBCP05.corp.zoetis.com (172.24.10.26) by
CDBMBCP01.corp.zoetis.com (172.24.10.10) with Microsoft SMTP Server (TLS) id
15.0.775.38 via Mailbox Transport; Fri, 29 May 2015 17:39:21 -0500
Received: from kzdzf202.corp.zoetis.com (192.168.138.182) by
CDBMBCP05.corp.zoetis.com (172.24.10.87) with Microsoft SMTP Server (TLS) id
15.0.775.38; Fri, 29 May 2015 17:39:21 -0500
Received: by kzdzf202.corp.zoetis.com (Postfix, from userid 600) id
3lz1B94fBMz3BGQ6; Fri, 29 May 2015 22:42:28 +0000 (UTC)
Received: from AAAIBEV01.800onemail.com (unknown [10.6.81.198]) (using TLSv1
with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate
requested) by kzdzf202.corp.zoetis.com (Postfix) with ESMTPS id
3lz19r6Bcsz3BGQ0 for <***chomp***>; Fri, 29 May 2015 22:42:24
+0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=800onemail.com; s=efw;
h=Content-Type:MIME-Version:To:Subject:From:Date:Message-ID; bh=zWe/ooQT4CEwcBNsLqdelpvNHOgQ215qHRdfw2X2+M4=;
b=GXkVi8ATmmLjYnXOdFx89Vbp5sPpnI2NZ9rH5J2KABLeqWegA/VMVCmpQ5DSPbhvhYypGECwSALqN2nuLnQDK+onE2LKda4BcqfjOdUNtKWpLuFpO4cNctdUf3bVcaBALH2rLc0szkdOpt5apwztm8mf601nd92PkfPfmo5ajbo=;
Received: from [192.168.162.142] (helo=cx282-n02.800onemail.com) by
AAAIBEV01.800onemail.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.72)
(envelope-from <spam.ndr@ndr.800onemail.com>) id 1YySvf-0007GF-4R for
***chomp***; Fri, 29 May 2015 18:39:03 -0400
Received: from AAACCEV01.800onemail.com ([192.168.162.175]) by
cx282-n02.800onemail.com (8.13.8/8.13.8) with ESMTP id t4TMd3dv022105 for
<***chomp***>; Fri, 29 May 2015 18:39:03 -0400
Received: from localhost.localdomain (localhost [127.0.0.1]) by
AAACCEV01.800onemail.com (Postfix) with ESMTP id 09D04BFC00 for
<***chomp***>; Fri, 29 May 2015 18:39:03 -0400 (EDT)
Received: from epdmail.epdmail.engr.wisc.edu (unverified [144.92.225.225]) by
CX262.800onemail.com  (Vircom SMTPRS 5.61.102.18050/10713) with ESMTP id
<B0180362122@CX262.800onemail.com> for <***chomp***>;  Thu, 28
May 2015 10:27:23 -0400
Received-SPF: none (CX262.800onemail.com: domain of ***chomp***
does not designate any permitted senders)
X-Modus-BlackList: 144.92.225.225=OK;***chomp***=OK
X-Modus-RBL: 144.92.225.225=OK
X-Modus-Trusted: 144.92.225.225=NO
X-Modus-Audit: FALSE;0;0;0
Received: from [123.110.186.204] (account ***chomp*** HELO
epdmail.engr.wisc.edu)  by epdmail.engr.wisc.edu (CommuniGate Pro SMTP
6.0.11)  with ESMTPA id 536288; Thu, 28 May 2015 09:22:21 -0500
X-Mailer: YahooMailIosMobile/0.0 YahooMailWebService/0.8.203.740
Message-ID: <7212d80e4744$33f13f27$bc300b1a$@epd.engr.wisc.edu>
Date: Thu, 28 May 2015 03:22:10 +0000
From: Jim Sanok <***chomp***>
Subject: From: Jim Sanok
To: ***bigchomp***>
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"
Return-Path: spam.ndr@ndr.800onemail.com
X-MS-Exchange-Organization-Network-Message-Id: 9f35001b-446f-46e3-f2f4-08d268777084
X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXutTf;1169700;0;This mail has
been scanned by Trend Micro ScanMail for Microsoft Exchange;
X-MS-Exchange-Organization-SCL: 0
X-MS-Exchange-Organization-AuthSource: CDBMBCP05.corp.zoetis.com
X-MS-Exchange-Organization-AuthAs: Anonymous

Edited by gonzo
Sanitized private email addresses so you don't make any unwanted friends

Hi:
 

Today some of my contacts received an email with my name in the subject line, my name in the body of the email and my name in the email address area. The actual email address it was sent from is NOT my email address and I have never seen it before.


Your email account has been hacked.
You don't say whether this is an ISP account, webmail, or other, but you'll need to change your passwords & other security credentials for that account from a clean computer (or consider closing it altogether and creating a new account with new, stronger password protection).
 

<snip>
My computer was heavily infected about 8 weeks ago but is now clear and nicely protected.
<snip>


Actually, if this is the same computer as the one that was reported >>here<<, it looks as if your topic was closed because you stopped replying to your helper before you were given the "all clear"?? :unsure:
 
In any event, your email account's having been hacked doesn't necessarily mean that your computer is infected.
However, as your last round of malware removal was incomplete, I suggest that you might want to please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
It explains the options for free, expert help >>AND<< the suggested, preliminary steps to expedite the process.
A malware analyst will assist you with looking into your issue - the helper will guide you through scanning & cleanup, if needed.
The helper can also assist with recommendations to harden your computer security and computing practices to help prevent this from happening again.

Thanks,
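
Added example, not part of the thread: one way to read a header block like the one in the first post, oldest hop first, reporting which server first accepted the message, from which IP, and whether that hop records an SMTP AUTH login. The sample is constructed with placeholder hosts and addresses, and `analyze`, `HOP` and `IP` are names chosen here.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modeled on the posted header block; every host, IP and
# address below is a placeholder, not a value from the thread.
SAMPLE = """\
Received: from mx.recipient.example (10.0.0.5) by mbx.recipient.example
 with Microsoft SMTP Server (TLS); Fri, 29 May 2015 17:39:21 -0500
Received: from relay.filter.example (unknown [10.6.81.198])
 by mx.recipient.example (Postfix) with ESMTPS; Fri, 29 May 2015 22:42:24 +0000
Received-SPF: none (filter.example: domain of sender@mail.example.edu
 does not designate any permitted senders)
Received: from [203.0.113.204] (account sender@mail.example.edu HELO
 mail.example.edu) by mail.example.edu (CommuniGate Pro SMTP 6.0.11)
 with ESMTPA id 536288; Thu, 28 May 2015 09:22:21 -0500
From: Jim Sanok <sender@mail.example.edu>
Subject: From: Jim Sanok
Return-Path: bounce@ndr.filter.example

"""

HOP = re.compile(r"from (\S+).*?\bby (\S+).*?\bwith (\S+)")
IP = re.compile(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]")

def analyze(raw):
    """Summarise who handed the message to the first server in the chain."""
    msg = message_from_string(raw)
    hops = []
    # Each server prepends its Received line, so reversed() gives oldest first.
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())  # undo header folding
        m, ip = HOP.search(flat), IP.search(flat)
        if m:
            hops.append({"from": m[1], "by": m[2], "proto": m[3].rstrip(";"),
                         "ip": ip.group(1) if ip else None})
    name, addr = parseaddr(msg.get("From", ""))
    rpath = parseaddr(msg.get("Return-Path", ""))[1]
    origin = hops[0] if hops else {}
    return {
        "display_name": name,  # free text chosen by the sender
        "from_domain": addr.rpartition("@")[2].lower(),
        "return_path_domain": rpath.rpartition("@")[2].lower(),
        "spf": (msg.get("Received-SPF") or "absent").split()[0].lower(),
        "submitted_via": origin.get("by"),
        "origin_ip": origin.get("ip"),
        # RFC 3848: ESMTPA / ESMTPSA mean the client logged in with SMTP AUTH.
        # Only lines written by servers you trust are reliable; older ones
        # can be forged by the sender.
        "authenticated_submission": origin.get("proto") in {"ESMTPA", "ESMTPSA"},
        "hops": hops,
    }
```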

