Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Why am I getting email from someone with the wrong email address?

Recently, while I was away on a business trip, my wife received this email:

From: Leo A. Notenboom [mailto:********@yahoo.com.sg]
Sent: Thursday, September 13, 2012 10:10 AM
To: ****@*********.***
Subject:

http://********.av.tr/cheeseblind/davidmiller24/?/b34a/

I’ve used asterisks to obfuscate a few things, but the essence is this:

  • The From: line displayed my name
  • However, the From: line also showed a completely random, unrelated email address that is most definitely not mine.
  • The email was sent to my wife’s email address.
  • The email message had no Subject line.
  • The email message consisted of only a link.

Because we communicate a fair amount by email when I travel, she thought it was from me and clicked the link.

Whoops.

I’ve been getting lots of reports of this particular scenario lately.

I’ll describe what I did next and what this appears to be… and perhaps reassure you a little about what it is not.

Become a Patron of Ask Leo! and go ad-free!

What I did next

My wife, bless her heart, realized what had happened immediately. She indicated it was some kind of “get rich quick” thing. She immediately did the right thing: she closed the browser, instant-messaged me about what had happened, and stopped using the computer.

As soon as I had a chance, I connected remotely, using TeamViewer, and began a series of scans.

  • I downloaded and installed Malwarebytes Anti-malware.
  • I updated the Malwarebytes database, even though I installed immediately after downloading. (There was indeed already an updated database.)
  • I ran a “quick” scan, which turned up nothing.
  • I ran a lengthier “full” scan, which turned up nothing.
  • I ran Microsoft Security Essentials, which was the anti-virus and anti-spyware tool already installed and protecting her system, and ran a lengthy full scan with it as well; that scan also turned up nothing.

When all the scans failed to find anything wrong, I decided that we’d probably dodged a bullet, and told my wife to resume using her machine, but to keep an eye out for any odd behavior.

Yes, absolutely, there could still be malware that resulted from this. But with scans showing nothing, I felt it safe enough to play the odds. If I’m wrong … well, you’ll hear about that too.1 Smile

This is not the result of a virus, and not a hack

No Spam!In this scenario, many people would immediately assume that someone’s computer is infected and that malware is to blame. In my case, they would think that either my computer or my wife’s would be infected, and that the email was sent as a result of that infection.

Not so.

Almost all of the email-spoofing scenarios we see these days have nothing at all to do with malware, other than perhaps being a way to get it.

If you get spam from someone you know, it’s more likely that their email account has been hacked.

But that’s not the case here, either.

The clue?

Regardless of the fact that my name was displayed, the email did not come from my email address, and thus it did not come from my email account.

There are no account hacks involved in the creation of this spam.

So, what is it?

It’s nothing more than spam

Hackers have one goal when they send you spam: to get you to open and act on the message. In this case, that means they wanted the recipient to click the link.

And that’s exactly what happened.

The technique they use is to make the spam look like it came from someone trusted. In this case, it looked like it came from me (at least by the name displayed), and thus my wife trusted it.

That’s all this is: spam. Misleading spam, crafted to evoke trust when none was warranted.

Spam. Plain and simple.

Connecting people who know each other

The thing that has everyone confused – myself included – about this current wave of spam is that they’re able to connect people who somehow know each other, without having access to things like email address books.

But only by name.

In other words, they were able to connect my name as being someone that my wife would know, and send that to her email address.

The only thing better would be if they had spoofed my email address as well, and not just my name. That tells me that they don’t have my email address, at least not as part of this particular approach to spam.

So how’d they do it?

I don’t know; at least, not for sure.

I have heard of a possible data leak – now supposedly fixed – relating to Facebook. And that makes a little sense, since my wife and I are friends on Facebook.

But that’s only a theory.

Bottom line: classifying the problem

Naturally, as spammers get more creative, things get more complex.

  • If something that looks like it might be spam displays a From: name that you know, but an email address that you do not, it’s just spam. Mark it as such and move on.
  • If something that looks like spam displays a From: name that you know and an email address that you recognize as belonging to that name, then it still may be plain old spam, but it’s more likely that this person’s email account has been hacked. You might want to let them know, ideally using something other than their hacked email account.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

Podcast audio

Play

Footnotes & references

1: In updating this article a few years later, I can happily report that there was none.

Posted: November 18, 2015 in: Spam
This is an update to an article originally posted September 14, 2012
Shortlink: https://askleo.com/5810
« Previous post:
Next post: »

Leo Who?

I'm Leo Notenboom and I've been playing with computers since I took a required programming class in 1976. I spent over 18 years as a software engineer at Microsoft, and "retired" in 2001. I started Ask Leo! in 2003 as a place to help you find answers and become more confident using all this amazing technology at our fingertips. More about Leo.

76 comments on “Why am I getting email from someone with the wrong email address?”

  1. I recently got an email that was FROM me, TO me. The FROM email address included the exact same info that your wife received; specifically the
    [mailto:********@yahoo.com.sg]
    portion. I realized I hadn’t been to Singapore so I guessed the email really wasn’t from me. I haven’t had any other problems with my email account so did I spam myself? Or did the spammers’ software programming really goof up on this?

    Reply
  2. My friend keeps getting email with my name on it but it is different email addresses how do i get them to stop NOW!

    You don’t. It’s just spam like any other. Simply treat it as such, and mark it as spam.

    Leo
    17-Sep-2012

    Reply
  3. THANK YOU! This just happened to a friend of mine. She got an email that was apparently from me, even though I do not and have NEVER had her email address in any of my accounts. Good to know that it’s not a virus!

    Reply
  4. Thank you for this article. This just happened to me.
    I never open emails that have nothing in the subject line and never click on links in emails. But this one looked so real, and from someone I knew. I have been scanning for viruses. Nothing
    Crazy scary! Glad to hear it just SPAM

    Reply
  5. This has happened to several people I know, and the only way I found to stop it….it can be a serious annoyance….was to change my security question and password….When I did this, the annoying emails with no subject in the subject line went away. Changing security questions and passwords is something we should do on a regular basis, anyhow, just for security, but, that’s another matter.

    Reply
  6. I have received two of these that match the way they are listed on my Facebook account.

    The spammer can copy the name and paste it in the FROM
    address field of their email message form.

    It is annoying to have to deal with it and could possibly carry viruses. Facebook should deal with the problem.

    Bill

    Reply
  7. I’ve seen a lot of this over the past year. The last four where all spoofed Facebook friends’. One give a way was “no subject” on half of those emails.

    Reply
  8. My ISP e-mail system will NOT allow me to send an e-mail if the Subject Field is empty.

    However, many of my genuine e-mail contacts send me e-mails with empty Subject Fields; or are lazy and simply do a REPLY on an older e-mail without changing the Subject, when it is unrelated to the contents of the new e-mail.

    Can be very midleading when I may wish to save the new e-mail to an appropriate sub-folder.

    Reply
  9. I figure that these spammers have huge databases of addresses and they just don’t keep the addresses, they keep where they received the addresses and what known connection each one has with the others. Some sophisticated algorithms can be applied and I’d guess they can start making more connections, no differently than Facebook can say “This might be someone you know”…and they’re right! Over a 3 day period here in our 12-person office we seen 3 waves of these. It started with an email “From” a vendor we all know. It then was en email “From” each other in the office (we all got 6 or 7 that day) and the 3rd day it was “From” one of our employee’s outside Yahoo account. It’s quite amazing how they know these accounts are all linked in one way or another.

    Reply
  10. @Alex,
    Outlook lets you change the subject line of an email which is very useful. It’s a little obscure how to do it though. Open the email, then click in the subject line, your curser will insert and you can edit it and save. Really helps for sorting things out later.

    Reply
  11. At work, my boss loves to send out emails with no subject. If I disregarded all no subjects, I’d rarely have any email to read from my boss.

    At home, I use Thunderbird. Thunderbird will put a yellow star beside any email address in your address book. So even though the email may say it’s from “Leo A. Notenboom,” if there’s no yellow star, I’m going to be suspicious immediately.

    Reply
  12. Having had problems with spoof emails from contacts email addresses, a group of us use a confirmation code word in the message. No code word, the email gets deleted.

    Reply
  13. I open nothing I don’t know sender. I’ve been burned once recently,accidental click when I was busy and tired and it was someone “peddling” a browser and I had to Google a couple of places to get help to get rid of it.
    When I send you a clipping or a new topic, I put
    my initials(in the subject line) or something that says it’s from me & vary it every time.Finally, if I send something to more than one person, I send it to myself and BCC the rest so you don’t get new addresses to work on or addresses to validate you have my contact list.

    Reply
  14. Leo, Your suspicion about Facebook is correct. I also received a several bogus emails over about 3 weeks time from a cousin in Texas. She doesn’t have my email address. I have a very bare profile on FB that I established only to communicate with her. This information had to be derrived from my FB account using my friends and my email address. The reply to address didn’t make logical sense. I know to delete these.

    Reply
  15. Very good information. I had opened one of these emails tonight supposedly from a friend. It was a link, which is not unusual, except it was a get rich online scam that required multiple times to close. Good to know it was probably not malware.

    Reply
  16. Good article.
    Something I do whenever I get e-mail I’m not sure about is to right-click it and select “view source” (available in many browsers, but not all). This brings up a text-only version that I can check. Also, it brings up the entire header, which is also useful.
    I learned this trick several years ago, and it has saved me from a lot of spam and malware.

    Reply
  17. Lest we forget: Most if not all Yahoo accounts were “stolen” a few weeks ago. That made the national news. I have had a large number of mys customers where the yahoo info was used by and for spammers, and many that the hack included adding a spurious address to which password reset info gets sent, thus preventing access completely to the legit owner. Just TRY telephoning Yahoo about that!

    “Most if not all”? I think not. I’d love to see the news article you’re referring to since it never crossed my path (and I do try to keep on top of these things). Regardless, it would not apply to the situation covered in this article.

    Leo
    22-Sep-2012
    Reply
  18. I would have to add that it is ridiculously easy to spoof an email address if you have a bit of coding skill. Any online forum, blog or social networking site that displays your email address should be avoided like the plague. They will either send you bucket loads of spam or spoof your address to send it to everybody else. Probably both actually.

    Reply
  19. My experience is slightly different. I keep getting ‘mail undelivered’ messages from Mailer Daemon amongst others. The message purports to come from my e-mail address but has unrecognisable prefixes before the ‘@’ and the correct address after. I never recognise any of the intended recipients. What is going on?

    Reply
  20. I get these all of the time. Most of the time the subject says “Hey Jim” and the return email is my daughter or my niece. She would never call me Jim to my face or email box. The link id definitely Facebook. I only have 30 or so friends and the return name is always how it is shown on Facebook.

    Reply
  21. A friend just informed me this was happening to her, and it was from me. My name is different on Facebook from what she was apparently receiving from me. It may not always be a Facebook situation.
    I’m sure grateful for your article, Leo. It means I don’t have to go and change ALL my passwords on ALL my garbage email accounts. ;)
    I guess some spammers have nothin’ better to do with their time. geez.

    Reply
  22. “The thing that has everyone confused – myself included – about this current wave of spam is that they’re able to connect people who somehow know each other, without having access to things like email address books.” – It was likely the case that an email account belonging to somebody who had both you and your wife in their address book was compromised.

    Reply
      • Sites that sell public information (like Spokeo) very often show people that are “associated” with the subject you’re searching for on their free search results. This information would be available to a spammer to crawl without paying for the service. Those associations coupled with a list of e-mail addresses the spammer already has could produce a list of possible targets pretty easily.

        Leo, you may be interested to know that you’re the only Leonard A Notenboom in the US. They have the names of 2 of your relatives and even a picture; all available for free.

        Reply
        • It’s interesting to see how inaccurate and/or woefully out of date some of that information is. But, yes, there are a lot of public records out there to be mined.

          Reply
  23. I have just had the same thing happen to my brother-in-law and myself.

    I am guessing that the spammers are using multiple huge databases of email addresses and they are emailing spam between these databases and with large enough data sets they eventually get a hit. This would also explain why some people report that they are “spamming themselves” (their email addresses appear in each of the databases). This would explain why they are not spoofing your email address completely as this would mean that they would have to set up each sending email address individually in order to spoof the address completely i.e. your friends email address appears exactly (this would be millions of email address setups). Their aim is to get the spam out to live email accounts and to get the recipient to click on the link because they trust the sender. Eventually they get lucky if they are sending millions of emails, which doesn’t cost them anything, and if just a couple of people click on a link and are suckered into parting with cash or give away information that can be used (identity theft) then sending millions of emails was worth it. They haven’t spotted a connection between the 2 accounts they just eventually get lucky because of the size of the data set.

    I guess you could say that the spammers are using a crude brute force data warehousing approach??!! :-)

    Thanks for the article Leo, having read your article it makes me feel better about the situation, although I am now going to change my email address password as I haven’t done it in ages.

    Best regards,

    Dave

    Reply
    • think frinds in common who you realy dont know but they are shown on the spamming machine as a friend request. that is where the spamerrs are getting your data.
      but of course dave is not here.

      Reply
  24. Leo, these have morphed and proliferated. In the last several months, I have seen several of these spam email blitzes, both purporting to be from me and from others. They are not all from Facebook — I do not have, and never have had, an account at Facebook, Twitter, or any similar network.

    Some years ago, the hack was obvious because the emails were sent in batches of 20 or so addressed to targets from the sender’s address book and sent from the sender’s account so the emails showed up in his or her Sent box. A few months ago, I started seeing emails that (1) were to addresses in the purported sender’s address book, (2) showed the sender’s name in the SUBJECT line, as “From: Sam Sender”, (3) like your example, are Not send from the sender’s email account, and (4) therefore do not show up in the Sender’s Sent box. Typically, it consists of a link and perhaps a few words.

    I have had it happen to me again, after changing my password and security question and answer, leading me to guess that some hacker accessed my address book, copied and stored a large number of my addresses, sent emails to 60 or so, and then either waited a few weeks or months to send another wave of emails or sold or posted it for others to do the same. I have not discovered any information about exactly how this is done, but it is widespread.

    Reply
    • I will second that, I will also say that they seem to be getting more and more clever at trying to fool you, and it can be very unnerving.
      So far gmail has been catching them for me, and putting them in the spam file.
      I usually run the cursor over the sender address to reveal the actual sender but of late this has not worked either?

      Reply
  25. I received an email Account addressed to Aaron complete with his details and transactions (computer parts) $586.
    Was this a likely scam or genuine mistake .
    My Avira scan showed no interest.

    Reply
  26. Leo,
    My method to keep others out of my webmail Address Book is to use Mozilla Thunderbird to get messges from the webmail Inbox to get it on to my computer.
    After it is on my computer Thunderbird deletes the message(s) off of the webmail inbox.

    The Address Book I use is in Thunderbird not on the webmail servers.

    I also Preview what is in the webmail inbox with Mailwasher Free before clicking Get Mail on Thunderbird to keep any questionable messages from getting on to my computer.
    Any message I’m suspicious of, I mark it as unwanted in Mailwasher Free before Getting Mail with Thunderbird.

    My webmail Address Book just has addresses like:
    abuse@yahoo.com
    so that anyone who sends messages to the names in my Address Book, those messages go to the “Right People” at the webmail abuse center.

    Those are the tricks that I use, I hope they may help someone reading the Comments.

    Reply
  27. I help to keep my friends safe. I have set up my outgoing mail in a unique way, and have let all of my contacts know that if they ever receive an email from “me” that doesn’t have my unique look, they should not click on any links, and to let me know asap. Part of that set up is done manually before I click send.

    Reply
  28. A friend fell victim to this yesterday and I remembered this article. The spam was sent to all or most of her contacts. Understand that this spamming is neither a hack nor a virus. How, though, did the spammer get my friend’s contacts to which the spam was sent? Thanks.

    Reply
  29. Leo, please feel free to edit.

    The one thing I find in common with all these spam emails, of this type, is that the people they are from are or at least were Yahoo clients. (In Canada they are also from Rogers clients who white label Yahoo email services.)

    Sure the actual spam emails are coming from unrecognizable addresses but they all share the fact that the people they are from are Yahoo clients. My belief is that the accounts have been hacked but instead of trying to use the Yahoo resources for mail they grabbed two things and leave, the account owners name and a copy of their contact list. I’m sure they have copied the contact names as I’ve advised two people to wipe their address book clean. I can confirm that this has been done yet the emails continue from the original owner, (with spoofed address) to only their original contacts.

    I don’t have a single example of a known “From” that is not related to Yahoo. As the problem grows I believe the websites that people are being directed too also execute a drive by of sorts. If you clicked on one of these links and happen to be a clean Yahoo users your account is now hacked and your contacts copied. (If not immediately, some time in the future.) If you are a Gmail or Outlook mail client you don’t seem to be impacted, at least your contacts aren’t stolen and your friends aren’t calling asking why you are sending links.

    In my opinion Yahoo security has to get involved, hit on one of these sites through one of these links and actually determine how the account hack occurs. Its likely a variation of the cross scripting issue Yahoo suffered a few years back. Once the door is closed by Yahoo and the problems stops growing, no new names to add to the from list, the hackers / spammers will move on to another piece of misery. All I see people recommending is change your password, which while true, is not going to stop this brand of spam.

    Reply
    • I agree. I have an old yahoo acct that in 2012 I believe the contacts and my name were hacked from. About twice a year the contacts from that specific account receive one of these spam emails. I know this because the some are contact I have removed years ago. The emails originates outside of my devices and are sent to the hacked contact list. They only contain the contacts email and phone number.

      When my friends call I have them send me a copy of the email. I report the abuse to the host domain and also send them the email headers info. That hasn’t seemed to stop them as the contact list is out there in “spam world”. It appears there is no stopping the spam once the contacts have been hacked.

      Reply
      • Yes, there is no stopping the spam once the contact list is out in the wild. Reporting it to the host domain does nothing, so I wouldn’t bother with that. Server companies have no way to respond to numerous requests about spam, and most of them are monitoring for spammers in very sophisticated ways. They have, likely, already turned off the spammers before you could even respond, and the spammers have moved on to another target.

        Reply
    • Post is a few months old but I just got one of these spoofed emails from “me” to another one of my accounts at a different domain. The thing that doesn’t seem to fit with anything I can fit on the Internet, is that the other recipients of this email were all strange corporate addresses that I recognize from brand name but I’ve definitely not emailed from any of my accounts,which by the way does not include any yahoo account. Old Navy, Victorias secret, blockbuster rewards, promotions at perfumania. Not one was an actual contact of mine. The other strange thing is that the address was my full first and last name spelled out and spelled correctly. I do have Facebook, no other social media but I never use my full name on there to register or barely anywhere else besides things that need to be official so they didn’t get any info from Facebook. It did appear in my Gmail spam folder with my full name as the sender. I definitely didn’t click anything of course but I just looked at other senders and then decided to reply to myself just to curse them out for my own amusement telling them they better f**n delete their account before I break their f**n face, you know just blowing off some steam. I got an undeliverable message in my inbox and it not only said no such user but said it was undeliverable because there was no such domain name found. What’s the point of all of this? Do you still think it’s some sort of hacking since they used my full name, but then what the hell did they hack I want to know if they didn’t obtain any of my contacts emails, I guess except for my other account. Kind of confused here.

      Reply
  30. Hi Leo,
    I just found out a bunch of my contacts have gotten a mass email from “me” but not from an account I own.
    (My full name here)@stagg3333.freeserve.co.uk
    Is the address.
    The email is a get rich with real estate spam message.
    My questions are; did they hack one of my emails to get my contacts? Should I be concerned?
    What do I do now?
    Thank you,
    Shab

    Reply
  31. So a friend got an email that was “from” me but the sending address (account) is actually another one of my friend’s.

    To: john D
    From: My Name (myfriendsemail@whatever.com)

    The send list was mainly my contacts as well.

    Is the problem my account or my friend’s whose account the emailmwas sent from?

    Thanks!

    Reply
  32. Dear Leo, I’m really grateful for all the info you have here, many thanks. I got an from “{email address removed}@zaw.att.ne.jp” to my old university email address, the strange thing is my current email address is “{email address removed}” except after the “@” symbol there is a legitimate email provider. I can’t access my university email anymore and only know about this email because I set up my university email to forward anything to my current email. I have asked all my current contacts (from “{email address removed}@…….”) if they have had an email from {email address removed}@zaw.att.ne.jp & they all say know. Please can you advise if you think my “{email address removed}@…….” email has been hacked. I appreciate you have discussed a very similar scenario, but, it just concerned me because they had the ’59’ bit as well as my name in the ‘fake/similar’ email address they used! Best wishes Alan

    Reply
    • It’s not uncommon to see what you are describing where a spammer uses the full user name with a different domain name. As long as the spammers know your email address they can fake it in any way that suits them. In itself, it’s no indication that your account has been hacked. Although, since the email is going to another account you own, it might be that either you or a contact which has both email accounts in their address book has been hacked. I’d change the password and recovery information on all of my email accounts.
      https://askleo.com/email_hacked_7_things_you_need_to_do_now/

      Reply
  33. No, I don’t see the problem from Facebook. I had it happen to me as well, and I’m certain that the information did not come from Facebook. The lady whom the email name was altered has no idea I’m on Facebook. So, somehow people can see that she has emailed me and it’s kind of freaky. I almost clicked on the link, but I noticed that the domain was from Poland ({removed}.pl) Errrrr, not happy about this.

    Reply
  34. Recipients of my emails say that when received it is headed ‘NatWest’ which is nothing to do with me. What can I do to remedy this.?

    Reply
  35. why am I getting my daughter email when I loin in with my email? my email is {removed}@att.net
    her address is {removed}@yahoo

    Reply
    • Don’t ever post email addresses in public forums. Sounds like she may have a redirect set in her Yahoo account.

      Reply
  36. The article and comments were very informative.

    My name has been used in the from line, but the messages always have been sent from strange e-mails.

    Among the recipients that received the same message were a couple of my personal e-mail addresses and my current work e-mail address. (Yahoo was the original host for my work e-mail, so I could sign in to my personal Yahoo account and access either my work e-mails or my personal ones)

    Thanks to this article and the comments, I now understand that Yahoo’s hack let a lot of e-mail addresses out in the wild and there is nothing that can be done to prevent them from being used.

    I was surprised that nobody mentioned two-factor authentication
    http://www.pcworld.com/article/3150953/security/5-things-you-should-do-following-the-yahoo-breach.html

    Reply
  37. Yesterday my co-worker came over and asked me about an e-mail she had just gotten that was supposedly sent from me. Like it had my name, but was not from my e-mail address. It was from {My Full Name} @{removed}.com. Is it common for the “spoof”/”spam” emails to come from sites like that?
    This e-mail was just like the one Mr. Leo talked about his wife getting. My name at the top, no subject, and just a link to some It went out to people I had communicated with through my old Yahoo acct. …only a few were in my contact list. None of the people it got sent to know each other or are even my friends on one of the networking sites. I’m guessing it got hacked, what do you think? Do you think they read any e-mails to collect other personal info like logins for other sites or acct. info?
    I changed the password and activated the two-factor authentication system like you guys recommended. Is there anything else I can do?

    Reply
  38. My cousin got an email from “me” that wasn’t my email address but when she tried to reply, age said that it linked her to my text messages. Any idea why this could happen?

    Reply
  39. A colleague has just had email supposedly from me asking if she was in the office. Had my name in the from and in the message itself – it ended “regards {my name}. It was from a gmail address. She replied to it as it’s the sort of email I would send, and then got one back saying I needed a payment making to me. Then she got suspicious.
    I don’t have a yahoo address nor are we friends on facebook so it sounds as this is a new wave of this type of problem

    Reply
    • It sounds like her contacts list may have been hacked. That’s a common way scammers and spammers get email address along with the names.

      Reply
  40. I, too, am wondering if my contact list somehow got hacked. I’ve started getting spam emails from bogus emails representing themselves as people on my contact list. But, here’s the bizarre part. I’m getting them at my work email address only. It’s not associated with Facebook. And all the people that I’m getting spam from are in both my phone contacts and on my Facebook account. It’s usually a couple of lines and a link to something which I never click… except the first one that came from my sister (supposedly), and I was looking at email on my phone and failed to notice it was sent to my work account rather than my personal account. It said something vague like “I think you’ll like this”. As soon as I clicked the link, I knew it was fake. I have anti-virus and anti-malware running on my system, so I immediately did a scan, but nothing was found. I think my system is ok, but I continue to get these weird spams about once a week, and it’s always from different people on my list.

    Reply
  41. I’ve been having a problem similar to Lynn’s. Whenever I send an email to a particular group of contacts, the next day they all get an email that looks like it’s from me, but from a different email address. It typically says I need to get in contact with them urgently, or can they buy me $100 iTunes cards and I will reimburse them later. The email signature looks similar to my real one. Is my original email being ‘intercepted’ and used to spam everyone on the ‘to:’ list?

    Reply
    • This is just a shot in the dark, but try sending using BCC: It may be that one of the recipients’ accouts has been hacked and is sending out the spam.

      Reply
  42. Hi Leo,
    Something relating to this old issue just happened to me. First off, while Facebook might not have been the source of this spamming trend using familiar names back when you wrote this article, I used to get these types of messages every few months for years, then more frequently in recent months, and a few days ago, it happened again, but this time using the only remaining FB friend I have left after clearing my account, only keeping it to communicate with this particular friend. That is not however the real “issue” for me since I have gotten used to this method of spamming over time and don’t think too much of it anymore. I have recently systematically been reporting as spam these messages, even when they are using names of people I know, convinced that Outlook would register the email address as spam, not the name. But I just realized that the last friend’s name that was used is now completely gone from my Outlook contact list and doesn’t show up as a known contact when I start typing the name or address like it has always been doing. Even if this email address is part of my safe list and I re-entered it in my contact list, I now have to enter the email address each and every time… Lesson learned: do not report as spam a spam email address that is attached to a valid contact name!

    Reply
  43. I am getting spam emails showing names on my conact list and the first line of the text I have sent to them. I have changed my password , but it is still happening. Someone can see my sent emails. How can this be happening and what else can I do.

    Reply
  44. We are having a problem I haven’t seen before. I am getting emails — four so far — which show as “From” one friend of mine. Friend1’s name AND email address show up on the From line. The message is actually a legitimate message from Friend2. Friend1 and Friend2 have no connection with each other, don’t know each other, and live in different places. I have never sent an email to both of them. (I don’t send group emails often at all, and there would never be any reason to communicate the same info to both of them.) All three email addresses (mine, Friend1, and Friend2) are gmail addresses. The only other notable strange thing about the messages I have received is the gmail “snippets” feature does not apparently work, as it does not display anything on the line of my inbox after the subject. Can you solve this mystery for us?

    Reply
  45. Hi Leo

    Excellent article – thanks! We have a problem that is slightly different and hope. you can help. My wife has been receiving emails from people saying they have received emails from her, and like the case above they have the from name correct but not the email address. The big difference is that these have been replies to emails that have been sent to my wife! I have scanned her PC with Malwarebytes, Avast and the Microsoft tools without finding anything, and there is nothing in the sent folder.

    The only thing that I can think of is that the emails are being intercepted somewhere along the way – possibly at our ISP. Have you heard of this happening before, and what can we do next? I have changed her email password to something extremely complex, perhaps that will do the trick.

    Cheers
    Richard

    Reply
  46. I have a questions, hope it’s okay to ask here. On certain sites i cant register with my email address and it always says “you can’t register with this email address” and no i didn’t register with that email before so that’s not the case. It is true that i do have a lot of spam on that email and thought maybe they are seeing my email address as spam. Do you know maybe what could be the case?

    Reply
    • I’ve most often seen this when people register using email addresses from “untrusted” domains. I’ve seen sites not allow @hotmail.com addresses, for example. But there is no general answer to this — it’ll vary from site to site. You might reach out to the site owner to see if they can explain.

      Reply
  47. Thank you for answe Leo. Is it maybe possible i registered and because i didn’t use it for a long time they decided to block my email?

    Reply
    • I would expect the message to be clearer: “this email address is already in use” or something like that. Again, all I can suggest is you reach out to the site owner for more details.

      Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.