For a long period of time, I was receiving spam emails from one of my friends. Of course, I was positive that she wasn’t really sending them, so I have decided to discuss this with her and see if I could help stop the spam emails from being sent to me (and to her other contacts).
First off, we have to clear things up. You are here because you have discovered that some people are receiving emails from you (your email address) and you know that you have never sent them those emails. Those could be your friends, your contacts, or people you’ve never knew. This is a problem that may have different causes. Some of the causes you have control over and could be fixed, but others you don’t. However, whatever that cause was, you should act immediately to prevent further damage because it is possible that your email account has been compromised and you could also lose your account.
Basically there are two main reasons why people could receive emails from your email address that you have really never sent.
By forging the “From” field of an email.
It is possible to send emails with a “From” field containing an email address that the sender really have no access to. In such a case, your account or password has not been stolen or compromised. You don’t really have control over this. The sender in the major cases is really a virus and automated bots that have harvested email addresses and used them in the From field to send spam emails to others. This doesn’t mean that your computer is infected with a virus, the sender computer could just be anywhere. Email companies have established methods to fight such type of emails and some of them warn the receiver that the source of such an email may have not come from the source that it claims.
Your account has been compromised.
This means that somebody has access to your account, it could be individuals or even automated bots which have stolen your password and are now using your account to send emails to others especially your contacts. In such a case you might even see those emails in the “Sent” mailbox, but not necessarily. Let’s list the possibilities of who could have access or stolen your password someway or another:
- Someone has access to your computer and you happen to associate access to your account automatically (without the need to enter a password).
- Somebody has access to your computer, and have stolen your password using keylogger software. Similarly if you access your account at an Internet café, someone might steal your password the same way.
- Spyware programs, whether on your computer or at an Internet café can also steal your password and other information.
- Of course it could be that someone just guessed your password.
- There are also other reasons like stealing your password with spoofing the identify of your email provider (through a web page linked in an email); you unknowingly gave them your password by thinking that you’re accessing your account or so.
In any of these situations, what you have to do is pretty similar, and changing your password is not enough. The reason for that is those who gained access to your account also have access to your “secret question” and other credentials that are used to recover email accounts. They can also change your “alternate account” and even the mobile phone number (if the email service provides such type of methodology to recover accounts).
So, what you have to do is the following:
- Change your password of your email account, and make it hard to guess. Have a password of at least 8 characters and use special characters to make the password harder to crack.
- Change your “Secret Question” and its answer.
- Check the alternate email address if it has been changed, if so restore it to the correct address (if you still have access to that other account).
- Check the stored mobile phone number to see if it is yours and update it accordingly.
Take the following cautions into consideration:
- Avoid accessing your email account at an Internet café, even if you trust them that they might not intentionally install keylogger programs to steal passwords, they might have spyware programs that are installed on their computers without their knowledge.
- Install on your computer good Anti-spyware and Antivirus programs, I recommend Avira.
- Make sure that no one can access your account at your computer.
- Be ware of phishing emails and don’t follow the links provided in it.
If you do all that and some people are still receiving spam emails from your email address, then the problem is probably that computer bots are sending emails with a forged “From” field. In such a case, there is nothing that you can do further. But at least you may have solved the most important cause that you should handle. And you might actually were having the 2 problems, well in such a case you solved one and saved your account!