Helping people with computers... one answer at a time.

When a friend's email account is hacked, it is likely that the spammers have stolen and kept the contact list. This will increase the amount of spam you get.

It seems that whenever I get an email from one particular friend, that my spam increases and also gets into my inbox. Is it possible that an increase in spam is coming from one person's email or a person who isn't good with security? Because she had problems in the past where her contact list was sent out with things like Viagra, I asked her not to email me. I even tried to get her a disposable email, but she didn't want to do that. She told me that her daughter had fixed her security problem. Now I'm getting probably legitimate forwards from her, but it seems like even after these forwards, I'm getting more spam and now more spam in my inbox as well.

In this excerpt from Answercast #40, I look at the problem of spam, compromised contact lists, and email spoofing.

Spam from a friend

The short answer is yes.

It's very possible that you're getting more spam and yes, it's very possible that you're getting more spam because your friend's email account had been hacked at some point.

Here's what is the most likely scenario.

  • At some point, your friend's email account was hacked.

  • The hacker had full access to their account;

  • That's when they started sending out emails from this person. Emails that looked like they were from them (because they were actually using this person's email account) to send you spam emails for things like Viagra.

The spammers kept the contact list

Now, while they had access to that account, they could have – and they may have – exported that person's contact list:

  • So, they made a copy (probably on their local machine) of all of the email addresses that were in that person's contact list when the account was hacked.

So later, that person (or in this particular case that person's daughter) came along and regained access and protected that email account once again.

So the hacker no longer had access to that email account. But they saved a copy of the address book. The address book is a known list of valid email addresses; email addresses at which there are real people.

That's something very valuable to a hacker, to a spammer. So, they take that list and what do they do?

  • They spam it some more.

Email spoofing

In fact, because they know the email address of your friend, even though they no longer have access to your friend's account, they can still make their spam look like it came from your friend.

"From spoofing" is what it's called. What that means is they set the "from" address on an email to be whatever they want.

Since they know that you have a relationship with this friend, because your email address was in their address book, they believe that you are more likely to open up email if it comes from your friend.

  • So, they make it look like it does.

  • And they send you more.

The damage is done

There's really no good solution for this. The damage has been done.

Asking your friend to stop emailing you won't help!

  • The problem is: all you're doing is telling the spammer to stop emailing you – and guess what, they don't care!

  • In fact, the fact that you've replied to them at all might mean that they say, "Hey, we've got ourselves a live one. Let's send her even more spam."

Use your spam identification tools

So the thing to do is to simply pick and choose when you get email from this friend:

  • If it is spam email, mark it as spam.

  • If it is not, make sure that it's not marked as spam.

In other words, if it's a real email from the real person and not one of the spammers trying to imitate this person, then make sure it's not marked as spam. In fact, if it's in your Spam folder, and it looks like it was a real email from the real person, you might want to take the trouble of marking as "not spam" there as well.

But those are really the only options at this point.

Like I said, the damage has been done. Your email address was added to the spammer's list of email addresses (that it knows are valid) and as a result, you end up with more spam.

Article C5653 - August 2, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.