Ask Leo! by Leo A. Notenboom

Someone's sending from my email address! How do I stop them?!

Search First! Then browse: Categories | Full Archive | By Date | Newsletter

Home » EMail » Spam

Summary: Email spoofing is rampant. Spammers often send email that looks like it came from you. And there's little you can do about it.

Someone's sending from my email address! How do I stop them?!

You're minding your own business and one day you get email from someone you've never heard of and they're asking you to stop sending them email. Or worse, they're angry. Or worse yet, they accuse you of sending them a virus! But you don't know them, you've never heard of them, and you know you've never sent them email.

Welcome to the world of viruses where you can get the blame for someone else's infection. And there's worse news to come.

Before I get to that, there is always a small possibility that your email account has been compromised. The solution there is simple: change your password immediately. That should prevent someone who's using your account for malicious purposes from continuing, assuming you've chosen a good password.

But these days that's not the most common cause for the situation I've described, viruses are. And what's worse, there's almost nothing you can do.

The MyDoom/Novarg virus currently running rampant is a great example. The virus infects someone's machine and then looks in the email address book on that machine and emails a copy of itself to everyone it finds. What it also does is forge the "From:" address for the email that it sends. What does it use to forge the address? Why, the addresses in the address book, of course. So the infected machine will send email to everyone in the address book, looking as if it was sent by other people in that address book even though it was not.

"Welcome to the world of viruses where you can get the blame for someone else's infection."

Let's use a concrete example: Peter's machine gets infected with the MyDoom virus. In his address book are entries for friends Paul and Mary. Paul and Mary have never met, have never exchanged email, and do not know each other - they each just know Peter. The virus on Peter's machine will send email with the virus to Paul looking like it came from Mary. Paul may wonder who the heck this Mary person is and why she's sending him a virus, but she was never involved.

If you're in Mary's place, you can see that it would be frustrating to be accused of something that you had nothing to do with and have no control over.

For the record, your email address may end up in the address books of people you don't know as well. Various email programs will automatically hold on to additional email addresses that were included on email you received or possibly from email that was forwarded. Viruses have also been known to use other sources of email addresses or even forward them around as the virus spreads. What that means is that the simple "friend of a friend" example I used with Peter, Paul and Mary, while simple and certainly possible, is not the only way your email could show up as a forged "from" line.

What's important here is simply this: one way or another email viruses lie about who sent them.

If someone accuses you of sending a virus-laden email, and you are positive you did not, then you have very little recourse other than trying to educate them about how viruses work. Point them at this article if you like. But be clear: you're not necessarily infected nor is the person who received the mail claiming to be from you. It's some third party who is. (And identifying that third party is difficult - this is why virus writers use this technique.)

And of course be sure that you're not going to get infected yourself: don't open attachments from people you don't know and make sure you have an up-to-date virus checker and virus definitions file. I have recommendations for virus scanning software here.

Related:

Article C1887 - January 27, 2004

Helpful? Get new articles weekly by email in my FREE newsletter!

Your Name:
Your Email:


Why Subscribe?

Recent Comments
148 Comments

When I checked my e-mail inbox today, I found that there were about 20 "Delivery Status Notification (failure)" messages. When I opened them, they all contained the same message, and it seems they got sent to everyone in my contact list (200+ addresses).
I checked my "sent" messages list, and there was no trace that I (or someone who might have hacked my account) had even sent the messages in the first place. The only reason I noticed that this had happened is because some of the addresses in my contact list don't exist anymore and the emails got bounced back to me.
I changed my password, but it seems more likely this is a virus problem. I have an up-to-date virus scanner, and it hasn't picked any up. Any ideas?

Posted by: Appu at September 14, 2009 1:31 AM

hi..someone used my email & password to send an 'obscene' email to themselves..they are now taking me to court over this..i DID NOT SEND IT..i contacted my ISP they cannot help me as it was sent thru windows live account..how do i prove this in court..they deleted it from my 'sent' box but not from my 'deleted item's this is how i found it! i am furious! i need to prove it was sent from what ever computer they used & not mine at home as they dont reside with me even..can you please help..i need to prove them wrong..police cannot help it is a civil matter not criminal i asked them...any suggestions?

You need to talk to a tech-savvy lawyer. There may be ways to get the information (if the information you need exists at all), but I'm guessing you'll need a court order to do so.
Leo
24-Sep-2009

Posted by: DEBBIE at September 23, 2009 8:33 AM

basically not only is someone using my e-mail without persmission, but some days they let me log in to just show they already opened it up and they other days my passwords is not reconized. which would be [passwords removed]

Posted by: shellbonen or was patricia dorey at September 24, 2009 11:50 AM

I really need some advice. My ex-fiancee' has been without my knowledge having all my email to 3 accounts (even the one he had no knowledge of) sent to his personal email and his work email accounts.
Before he sends them to me! If I click "Show Original" his address(s)are right there first! How do I stop him and how (this is really important) did he even do this?
Big Thanks

Posted by: Sandee at October 2, 2009 3:13 PM

There have been several occassions where emails have been sent from my hotmail account to each individual in my address book; AND the emails are in my sent folder. All of these emails are some type of advertisement for a product or 'store'. This doesn't seem to fit the example above since the email is being sent from my address to the people in my address book. Would this signify that there is a virus on my computer (my virus scan shows nothing)? Or is it being done by the advertisers in the emails. If so, is there a way to do anything about it? Thanks.

You are correct, if the emails show up in your Sent Mail folder, this is very different: Your account has been compromised. Either someone has access to your account (change your password right away), or your PC has been compromized by a virus or spyware.
Leo
27-Oct-2009

Posted by: charlotte at October 26, 2009 10:17 AM

i had this guy spam me fron germany and the next day i turned my pc on and i needed to reboot because it had crashed eny tips to prevent it? cheers

Posted by: dave at October 27, 2009 4:03 AM

also he hacked into my u tube account

Posted by: dave at October 27, 2009 4:04 AM

When I arrived at home this am,I had a e-mail from a buddy,It was bad but I never sent it.Furthmore another friend got all kinds of personal information about my kids.The only way they could have gotten this info was to be inside my computer.I am pretty computer savy and run anti-virus and check my ports But on this one I am lost.

Posted by: Robert at October 31, 2009 10:40 AM

hai ..
am not sent any mail to other but that person received mail from my user name.in that from part my name is rite but mail id is not correct but in that mail id was am confused how mit possibe? pls clear it..

Please read the article you just commented on. It talks about exactly this scenario.
Leo
01-Nov-2009

Posted by: sujitha at November 1, 2009 6:02 AM

Some one had hacked into my 3 email address used for Business
Been using this one for years
use this with my girlf.

Can this account be reset, or destroyed as I have business information on the , and contacts on this one, and the other 2 are private.
Please Help as I have 3 Hotmail account and all 3 were hacked.

Not that I'm aware of.
Leo
07-Nov-2009

Posted by: Frank at November 6, 2009 11:31 AM

Post a comment on "Someone's sending from my email address! How do I stop them?!":






(Email Address will not be published.)

Remember Me?

By popular demand...
my tip jar
Cuppa Joe
Buy Leo a Latte!

(you may use HTML tags for style)

RSS feed Subscribe to the RSS Feed specifically for comments on this article.

Before commenting, please...

  • Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored.

  • Comment only on this article. Use the Google search box at the top of the page if you have a question about something else.

  • Don't include personal information in the comment. No email addresses. No phone numbers. No physical addresses.

  • Don't spam. Excessive links to unrelated sites within a comment or across multiple comments will cause all such comments to be removed.

  • Don't ask me to recover lost passwords or hacked accounts. I can't, and those comments will be deleted.

  • I can't respond to every comment. And I can't vouch for the accuracy of others who do.

Please wait. Your comment is being processed ...


Question? Ask Leo!