This has never happened to me before. I received an email from a friend but could tell it was not from him. The "reply to" address is his. I emailed him back asking if he sent it and I actually received a response but it wasn't from him either.
He has a gmail account. He just told me his password had changed and not by him...his account was remotely hacked.
We changed his password and reset his recovery information. Anything else that we should do?