Summary: If your contacts are getting email from you that you didn't send, then it's very likely that your email account has been compromised.
Hi, somebody is sending emails to my contacts using my email address to which I haven't sent. How can this be? Have I been hacked into? I do have full internet security AVG 9, could you please let me know what action to take if any as I find this quite worrying! I have changed my password so far, but that is all.
You should be worried.
I'm not sure that I'd say you've been "hacked into", but my guess is that your email account has indeed been compromised.
I'll look at what likely happened, why this isn't like other "Someone's sending from my email address!" kind of issues, and what steps you need to take next.
The big clue here is that email is being sent from you to contacts in your address book.
In the "old days", that typically meant that your computer had acquired a virus, and that virus was in turn accessing your PC's email program and systematically sending email to everyone in your contact list or address book.
While that's still a possibility - and you should absolutely make sure that your anti-malware tools are running and up to date - it's not nearly as common as it once was. Most email programs now carefully protect against unauthorized address book access.
What more likely occurred is that your email account has been compromised - meaning that you probably have an on-line email account, free or otherwise, that someone has gained access to. By virtue of doing so they now have access not only to your email, but to your address book as well. It's all too common these days to hear of folks whose accounts have been compromised only to have all their friends get inundated with spam, threats, malicious emails or messages that try to impersonate you and scam your contacts out of money.
How this happened is difficult to say. It could be anything from a weak password that's easy to guess, to your account credentials being sniffed in an open WiFi hotspot, to your simply having shared the account information with someone you should not have.
For all we know, it could also be a roommate walking up to your computer when you're not using it and sending messages right then and there.
(And for the record, last year there was a partial account compromise at one of the larger free email services - account credentials were stolen without the users having done anything wrong. Same result.)
I've talked before about email that appears to come from you, but in fact does not. This is different. Specifically:
Spam email is sent to random people you don't know, "spoofing" the From: address to make it look like it comes from you when it does not. There is almost nothing that can be done about this.
Email from stolen accounts is sent to people in your address book, and is not spoofed at all - it really is coming from your account. It's just not you sending it.
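A recipient can often tell the two cases apart from the message headers. The following is an added example, not part of the original article: it assumes the recipient's mail server records SPF/DKIM/DMARC verdicts in an Authentication-Results header, and the server name mx.example.net, the addresses and the function names are all made up for illustration. A pass for the From: domain means the provider's own servers sent the message, which is what mail from a stolen account looks like; a fail points to a spoofed From: address.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not real mail). mx.example.net stands in for
# the recipient's own mail server, the only source of verdicts we trust.
STOLEN = """\
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=alice@mail.example;
 dkim=pass header.d=mail.example; dmarc=pass header.from=mail.example
From: Alice <alice@mail.example>
"""
SPOOFED = """\
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=x@bulk.example;
 dmarc=fail header.from=mail.example
From: Alice <alice@mail.example>
"""
IDENTITY = {"spf": "smtp.mailfrom", "dkim": "header.d", "dmarc": "header.from"}

def trusted_results(msg, authserv_id):
    """Yield (method, result, identity) from headers stamped by authserv_id;
    any other Authentication-Results header may have been added by the sender."""
    for header in msg.get_all("Authentication-Results", []):
        parts = [p.strip() for p in " ".join(header.split()).split(";")]
        if parts[0].split(" ")[0].lower() != authserv_id.lower():
            continue
        for part in parts[1:]:
            m = re.match(r"(spf|dkim|dmarc)=(\w+)", part, re.I)
            if m:
                props = dict(re.findall(r"([\w.]+)=(\S+)", part[m.end():]))
                method = m.group(1).lower()
                yield method, m.group(2).lower(), props.get(IDENTITY[method], "")

def classify(raw, authserv_id):
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    verdicts = set()
    for method, result, ident in trusted_results(msg, authserv_id):
        ident = ident.lower().rpartition("@")[2]
        # Simplified alignment: identity is the From: domain or a subdomain.
        if result == "pass" and domain and (ident == domain or ident.endswith("." + domain)):
            verdicts.add("pass")
        elif result in ("fail", "softfail"):
            verdicts.add("fail")
    # One aligned pass is enough: the provider's own servers sent the message.
    if "pass" in verdicts:
        return "sent-via-provider"
    return "likely-spoofed" if "fail" in verdicts else "unknown"
```

A "sent-via-provider" verdict says nothing about who was at the keyboard, only that the message left through the real account's provider.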
Changing your password is not enough.
Not even close.
As I've discussed before, changing your password is important, but it's not nearly enough. You also need to change any and all security related information associated with the stolen account. Why? Because the thief has access to all that too, and he can use that information to steal your account again. And again. And again.
The article Is changing my password enough? details the additional steps you must take if your account has been compromised.
Article C3992 - December 30, 2009
I get spam almost daily from "myself". At least the "from" tag is that part of my email address that precedes the @. Not a problem, in fact it seems self-defeating to fake the source as the same as the destination.
Posted by: Digital Artist at January 5, 2010 11:35 AM
I too was "hacked" in my Yahoo account. Another user e-mail address was added and my password was changed. It happened at 8:45 PM (I received confirmation msgs from Yahoo) and fortunately I caught it early the next morning.
Using Yahoo's secret responses to security questions I was able to regain my account and change the password.
However, my home computer address book was Not hacked but it was my Yahoo address book that was used (I haven't used it for years and forgot about it). I emptied my Yahoo address book.
I POP3 my mail to my computer (I don't believe in leaving any of my data in the cloud). So far my spam count has not risen but ...
Hope this helps. rgds, Mike
Posted by: Mike Noonan at January 5, 2010 3:53 PM
My yahoo e-mail was hacked several months ago. When I contacted yahoo, they were no help at all. An e-mail was sent out to everyone in my address book about some fantastic sale. I'm sure the link in the e-mail contained a virus. Luckily, a copy went to my computer literate brother, who immediately recognized that I would never send out such a sloppy e-mail with poor grammar and misspelled words. I was able to contact everyone and alert them not to open the e-mail within minutes of the time it went out. My address book had disappeared, so I typed a hard copy into a word processing program, and when I send e-mails, I simply copy and post the addresses into the e-mail. It happened once again recently, but the only address in my address book was one for Bit Defender which is an anti-virus program. I have other e-mail accounts I use for important correspondence. They do not contain any address books.
Posted by: Carol Duchesne at January 5, 2010 5:55 PM
Leo,
I think the email account does not need to be compromised for this to happen... but correct me if I am wrong:
1st, many people still keep sending emails to loads of people in CC rather than using BCC. That makes those emails easy picking and ripe for the harvest by bots... and they will be added, alongside yours, to spam lists, etc.
2nd, spammers these days have ways (a simple script can do this I think you mention it and it's called spoofing) to have any email inserted in the sent from... and sent to anyone they want, including all those found in not only spammers' lists but also those harvested from your CC fields. The familiar, recognizable email address on the sent from will make your friends trust the email... and get their machines compromised.
I have received emails from myself ~:\ with spam...
My email accounts have not been hacked into. It's a gamble... if your email has been around long enough, chances are, it will fall in the hands of spammers, even if you take all precautions, because many of your friends may not and will still expose your email on that CC field...
Maybe the best option (and I do not use it because still could not find something I like) is one of those automatic replies, that requires a one time confirmation --- proof that a human, not a bot, is on the other side of the line...
Know of any free PHP or CGI script that does this Leo?
What can also be done is create a "key" that tells your friends the email really is from you, for example, inserting in the subject line, before anything else, a signature of sorts... ex., {JaySafe2read}
Thanks for your time and all the wonderful work you do here.
Joao
I understand the appeal of challenge/response systems as they're known, but I hate them. They make the sender of an email pay the price in time and inconvenience. Most of the time if I get such a challenge, I ignore it, as I'm sure many people do. You won't get spam, but you also won't get a lot of emails you want. Imagine having a newsletter of 100,000 subscribers and getting challenge response floods every time you send a newsletter. And that's this article: What's this confirmation request I got when I emailed someone?
And for completeness, here's my article on using BCC to reduce spam: How does using BCC help reduce spam?
06-Jan-2010
Posted by: Joao at January 5, 2010 7:28 PM
I have the same problem. Twice now I had e-mails sent to contacts from my address book. The first time I took the computer to the shop, installed malwarebytes antimalware and thought I was safe. On Monday, 15.02.2010 it happened again. The computer shop says I need to contact Yahoo. I did contact them and all I received was an acknowledgement.
How can I delete my Yahoo e-mail address?
What else can I do?
Thank you
Sandy
Posted by: Sandy at February 16, 2010 7:32 AM