Helping people with computers... one answer at a time.
If your contacts are getting email from you that you didn't send, then it's very likely that your email account has been compromised.
Hi,somebody is sending emails to my contacts using my email address to which I haven't sent. How can this be? Have I been hacked into? I do have full internet security avg 9,could you please let me know what action to take if any as I find this quite worrying! I have changed my password so far, but that is all.
•
You should be worried.
I'm not sure that I'd say you've been "hacked into", but my guess is that your email account has indeed been compromised.
I'll look at what likely happened, why this isn't like other "Someone's sending from my email address!" kind of issues, and what steps you need to take next.
•
The big clue here is that email is being sent from you to contacts in your address book.
In the "old days", that typically meant that your computer had acquired a virus, and that virus was in turn accessing your PC's email program and systematically sending email to everyone in your contact list or address book.
While that's still a possibility - and you should absolutely make sure that your anti-malware tools are running and up to date - it's not nearly as common as it once was. Most email programs now carefully protect against unauthorized address book access.
What more likely occurred is that your email account has been compromised - meaning that you probably have an on-line email account, free or otherwise, that someone has gained access too. By virtue of doing so they now have access not only to your email, but to your address book as well. It's all too common these days to hear of folks whose accounts have been compromised only to have all their friends get inundated with spam, threats, malicious emails or messages that try to impersonate you and scam your contacts out of money.
How this happened is difficult to say. It could be anything from a weak password that's easy to guess, to your account credentials being sniffed in an open WiFi hotspot, to your simply having shared the account information with someone you should not have.
For all we know, it could also be a roommate walking up to your computer when you're not using it and sending messages right then and there.
(And for the record, last year there was a partial account compromise at one of the larger free email services - account credentials were stolen without the users having done anything wrong. Same result.)
I've talked before about email that appears to come from you, but in fact does not. This is different. Specifically:
-
Spam email is sent to random people you don't know, "spoofing" the From: address to make it look like it comes from you when it does not. There is almost nothing that can be done about this.
-
Email from stolen accounts is sent to people in your address book, and is not spoofed at all - it really is coming from your account. It's just not you sending it.
Changing your password is not enough.
Not even close.
As I've discussed before, changing your password is important, but it's not nearly enough. You also need to change any and all security related information associated with the stolen account. Why? Because the thief has access to all that too, and he can use that information to steal your account again. And again. And again.
The article Is changing my password enough? details the additional steps you must take if your account has been compromised.
Article C3992 - December 30, 2009 « »
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
January 3, 2013 1:40 PM
I am an 11 year old girl
I dont enter competitions or give my password out
But i think a website used my password for another website and changed it slightly to get this one
There is an option to send it to another enail address
So i sent it to my dad
He noticed he was sent a random email
From fox advertisement
Or something along the lines of that
Im scared!
I dont want to have to get a new email
The problem is:
I have soooo many contacts
I go on email mostly on my iPod
Maybe this darn thing has a virus
Ill have to keep checking this site
To see if u get a reply
Coz i cant access mu emails
February 23, 2013 4:32 PM
In my case I don't think the spammer is using my account to send the spam. I don't see any email in my send folder and if I read the headers correctly they are coming from an IP registered in Thailand. Each email goes to 9 of my contacts. Each email has a different link. The text of the email has hidden character strings before and after the link. The subject line contains my name. Some of the email don't have a link, just some of the HTML - looks like the email was malformed and missing the link. Any thoughts on what's happened or advice about what to do?
February 24, 2013 2:04 AM
@Brian
If the spammer isn't using your account and is spamming your contacts spoofing your email as a return address, there is not much you can do, as the spammers already have your contact list.
March 9, 2013 8:36 AM
ive been hacked into my email and its sending viruses to my contacts and me im actualy scared im 10 and i dont know what to do!!
April 11, 2013 11:25 AM
Someone has been sending emails under my name, but it's an email that is NOT even mine! What do I do?