?
Solved

Someone is using my email address to send emails to my contacts!

Posted on 2016-09-07
6
Medium Priority
?
114 Views
Last Modified: 2016-09-09
Someone is sending spam emails to my contacts using my email account. I don't know how he does it. I know that this is happening because a lot of Message Delivery Failure emails are finding their way to my inbox with me as the sender.

What should I do to stop this? Should I disable my email temporarily?
0
Comment
Question by:Anton Tajanlangit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 35

Accepted Solution

by:
Terry Woods earned 2000 total points
ID: 41789012
Changing your email account password would be the best first step.

Secondly, consider whether a computer or device you've used to access your email might have been compromised. Is your computer up to date with security patches and antivirus software?
1
 
LVL 19

Expert Comment

by:Mal Osborne
ID: 41789019
Sounds like someone is "spoofing" your address, just specifying it as the sender. Nothing you can do to prevent that, however, if you ensure that correct SPF records are set up on your DNS server, it will make you a less attractive target, and this will probably not happen again.

More here:

https://en.wikipedia.org/wiki/Sender_Policy_Framework
2
 
LVL 35

Expert Comment

by:Terry Woods
ID: 41789023
If emails are using both your address as the sender, plus people you're familiar with as recipients (as you seemed to indicate in your question), then it seems unlikely to just be spoofing; it says to me that someone's contacts have been compromised, though not necessarily yours.

@Malmensa is correct though that emails can appear to bounce back to you even when they weren't sent from your account.

It may be the case that someone who shares similar contacts with you has been compromised instead. If you have a number of different bounce message involving different people you know, then consider whether the selection of contacts included might also be included in a friend or colleagues contacts. If so, it might be them that's compromised (and your address being spoofed to send scam/spam email to others). If the contents of the bounced emails look like a scam that friends/colleagues might fall for, then it might be worth warning them. Otherwise, it's just a matter of understanding whose contacts have been compromised and taking appropriate action.
2
Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

 

Author Comment

by:Anton Tajanlangit
ID: 41789543
What I remember now is that I received a scam email the other day asking money from me for a medical emergency. It seemed to come from an aunt of mine, which I know wasn't at all possible because that particular aunt of mine is wealthy and doesn't need to ask money from anyone.

So just for fun, I replied to the message anyway, and to confuse the sender I wrote it in my mother tongue instead of in English, the way I should be talking to my aunt.

The next day Message Delivery Failures started to flood my inbox. I'm worried about those sent away that succeeded—there should have been hundreds, if not thousands!

And by the way, the email addresses that came "back" to me were unfamiliar to me. But how do I know that this scammer didn't have access to my contacts? He did it to me with my aunt's email address!
0
 
LVL 21

Expert Comment

by:CompProbSolv
ID: 41789890
If the account has been compromised, I'd expect to see the bogus outgoing mail messages to appear in the Sent Mail folder.  Depending on whether POP is being used (as opposed to something that syncs such as IMAP or Exchange) it may only appear on the Sent Mail folder on the server (visible through the web interface).

If nothing appears in either Sent Mail folder (local or server), then I would agree that someone is spoofing your address.

In any case, it would be a reasonable thing to change your password as suggested above.
0
 

Author Closing Comment

by:Anton Tajanlangit
ID: 41791602
Problem solved.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A look at what happened in the Verizon cloud breach.
We aren’t perfect, just like everyone else.  Check out the email errors our community caught and learn the top errors every email marketer should avoid.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses
Course of the Month11 days, 11 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question