It’s happened to me, it can happen to you. Worse than receiving spam email has to be unknowingly sending it. When bogus and probably virus and malware-laden emails go out in your name, it’s not good for your reputation. Chances are your inbox will receive bounced (undeliverable) messages from dead email addresses that some crook tried to spam in your name.
The good news is that you are not sending out spam. Neither is your computer or your IP address. The bad news can be pretty bad though so let’s look into this a bit further.
If spam emails are going out from your email address, the address has either been spoofed or hijacked. Either way, the spam isn’t going out from your computer, and probably not from the crooks computers either. It’s probably going out from an unknowing victim’s malware infected PC.
Spoofing an email address is essentially forging it. The criminal sends out mail with your email ‘from’ address, even though they have no access to your account.
There is really no solution as such to spoofing. Fortunately, for their own reasons, cybercrooks tend to change spoofed addresses frequently and the annoyance will soon disappear.
Hijacking is worse. In this case, the criminal takes control of your account. They can read your email, and they can target people you know with their spam. Let can also lock you out of your own account.
There are steps you can take if you believe your email account has been hijacked:
As soon as you discover that your address is spamming people, try to change your password, immediately. If you succeed, you have fixed the problem.
If your mail service rejects your password, the problem is serious. The hijacker has already changed the password and now controls your account.
If you’re still connected and can receive mail, try to login on another computer or using your browser’s private mode. When the login fails, try the service’s “Forgot your password” or “Need help” link. The service will email you a new password or reset link. Hopefully, you will get it before the bad guy.
If that fails you will have to contact the mail service provider and discuss the problem.
If you have been using the same password for other sites and services, be sure to change them all right away.
Once you have everything back under control, consider emailing apologies to anyone in your address list who may have received spam apparently coming from you.
To give yourself the best chance of this not happening to you again you can:
Use strong, long passwords that people can’t guess.
Use different passwords for different services, and keep track of them with a password manager.
Set up 2-step verification for your service. You should find instructions on the service’s setup or options screen.
Never email your password to anyone.
Never click on links in emails without checking the actual destination link by hovering over the link – the actual destination will display in the bottom bar of your window. Have a policy of generally not clicking on email links unless you are 100% they are legitimate.
Ensure your Antivirus protection is up to date and enabled.
The Domain Name Game. How to choose one for your business, and what to do if the one you want is taken (or expensive). What’s In a Name? You have a name for your business – you love your name and your customers know it, or maybe this is a new business that you have...
As a .co.uk domain owner, you may have recently received an email from the UK Official Domain Registry - Nominet about a .uk domain. When the .uk extension (or TLD - Top Level Domain) was released it was automatically reserved for 5 years for .co.uk site owners who...
The Difference Between a Facebook Boosted Post and a Facebook Ad I have a series of blog posts planned about questions I am asked nearly every day and have been saving up the content for this new website, but which to publish first? Well, there’s one that...
Photo by Christin Hume on Unsplash I am embarking on a series of articles about the technology, companies and organisations I partner with. Each technology in this series has been tried and tested by me and selected from its sector to work with more closely. This...