Helping people with computers... one answer at a time.
If your contacts are getting email from you that you didn't send, then it's very likely that your email account has been compromised.
Hi,somebody is sending emails to my contacts using my email address to which I haven't sent. How can this be? Have I been hacked into? I do have full internet security avg 9,could you please let me know what action to take if any as I find this quite worrying! I have changed my password so far, but that is all.
•
You should be worried.
I'm not sure that I'd say you've been "hacked into", but my guess is that your email account has indeed been compromised.
I'll look at what likely happened, why this isn't like other "Someone's sending from my email address!" kind of issues, and what steps you need to take next.
•
The big clue here is that email is being sent from you to contacts in your address book.
In the "old days", that typically meant that your computer had acquired a virus, and that virus was in turn accessing your PC's email program and systematically sending email to everyone in your contact list or address book.
While that's still a possibility - and you should absolutely make sure that your anti-malware tools are running and up to date - it's not nearly as common as it once was. Most email programs now carefully protect against unauthorized address book access.
What more likely occurred is that your email account has been compromised - meaning that you probably have an on-line email account, free or otherwise, that someone has gained access too. By virtue of doing so they now have access not only to your email, but to your address book as well. It's all too common these days to hear of folks whose accounts have been compromised only to have all their friends get inundated with spam, threats, malicious emails or messages that try to impersonate you and scam your contacts out of money.
How this happened is difficult to say. It could be anything from a weak password that's easy to guess, to your account credentials being sniffed in an open WiFi hotspot, to your simply having shared the account information with someone you should not have.
For all we know, it could also be a roommate walking up to your computer when you're not using it and sending messages right then and there.
(And for the record, last year there was a partial account compromise at one of the larger free email services - account credentials were stolen without the users having done anything wrong. Same result.)
I've talked before about email that appears to come from you, but in fact does not. This is different. Specifically:
-
Spam email is sent to random people you don't know, "spoofing" the From: address to make it look like it comes from you when it does not. There is almost nothing that can be done about this.
-
Email from stolen accounts is sent to people in your address book, and is not spoofed at all - it really is coming from your account. It's just not you sending it.
Changing your password is not enough.
Not even close.
As I've discussed before, changing your password is important, but it's not nearly enough. You also need to change any and all security related information associated with the stolen account. Why? Because the thief has access to all that too, and he can use that information to steal your account again. And again. And again.
The article Is changing my password enough? details the additional steps you must take if your account has been compromised.
Article C3992 - December 30, 2009
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
My hotmail account was blocked by them because someone has been sending a lot of junk messages from it. Hotmail needs my mobile phone number, which I have sent many times today, but becasue I am not in the US, I have not received a code. What can I do???
06-Dec-2011
Posted by: Piedad De la Maza at December 6, 2011 1:00 PM
Leo, I read your comments about address book hacking and your text is like many of the other sites I've gone to. Long on talk, but short on solutions!! It appears that there are no real 'experts' on this subject, just a great deal of 'talk'. I use Thunderbird that accepts email from AT&T/Yahoo. Rouge emails are sent from Russia, Israel, Czech Republic and Turkey. I finally opened the link. It's to a Canadian pharmacy: Canadian Health & Care. I would like to see something more in-depth then what I read on your site.
Posted by: Bill Dier at December 22, 2011 1:36 PMi have noticed that e-mails have gone to my contacts because i get mailer -default messeage back i have not sent them and no sign of me sending any
Posted by: david at January 14, 2012 10:03 PMLeo, I only read the first 5 comments on the web page before typing this comment in, but I hope this can help some of Your Readers.
Posted by: MoreOff at January 22, 2012 2:26 PMI use Thunderbird to get (and send) my AT&T/Yahoo! email using POP3 and SMTP.
But I also use Mailwasher Free first to see what is being sent to my web mail In-Box before I will let Thunderbird get it on my computer.
Mailwasher Free will highlight email from anyone as 'SPAM' in RED, if it hasn't been told that the address is a 'Friend' (GREEN).
Putting the mouse pointer on the Senders address lets me see the full email address so I can decide if the message is from someone I know or I don't know.
If the message is from someone I want to get mail from I can click the SPAM button on the left of the line to change it to 'Friend'.
Mailwasher Free has a function/option that IT can Remember the address is SPAM if it sees it again, but I don't use that option.
I will Log On to my web mail account and check the box on that messages line and then click the Spam button so AT&T/Yahoo! can know I consider it to be a Spam message, hoping that They (AT&T/Yahoo!) will send any more messages from That Address into Their Spam folder instead of to my In-box.
Since I use Thunderbirds Address Book for my Contact List, all the Contacts I put in my AT&T/Yahoo! online Address Book are addresses like:
abuse@att.net
abuse@yahoo.com
abuse@yahoo.cn
Addresses that I know a Spammer would Love to send mail to. ;-)
Also in Mailwasher Free, by clicking on the RED lined message the first 20 lines of the message can be read.
I hope this was helpful to someone.
Everything I read sounds like my situation EXCEPT that this behavior continued even after I deleted all the contacts from my account (after exporting them). It appears to be picking up e-mail addresses from my sent box or inbox. I have changed my password again and also changed security answers as suggested - we'll see what happens.
31-Jan-2012