Is your email address sending spam email?
If your email recipients complain of having received spam messages from your email address, it is most likely caused because your email account has been compromised or spoofed. Similarly, if your inbox is being filled with bounce back messages from emails you do not remember sending, your account has been compromised or your address is being spoofed. Most spam messages, which have been sent or look to have been sent from your address, will generally bounce back to your actual email account due to not finding any recipient, thus filling your inbox.
Unfortunately, there is currently no perfect solution to prevent the propagation of spam and no way of preventing spammers from spoofing your email address when sending their spam, however you can follow our tips below to increase your security.
Email address being spoofed
The most common type of hacker email activity is called email Spoofing.
Email spoofing is when an email's identifying fields, such as the From, Return-Path and Reply-To addresses are modified to appear to be from someone other than the actual sender. This technique can be used for legitimate reasons, however is popular among spammers. By spoofing legitimate addresses, a spammer increases their chances of a victim opening a spam email and clicking on their malicious links. If a spammer sends out emails and spoofs your email address, any spam emails which are rejected by a recipient server may bounce back to your email address.
How did they get hold of my email address?
- They may have purchased your email address from a list of email addresses used by other spammers;
- A trojan or virus may be currently operating on your computer. Such a device generally operates without your knowledge accessing email address books or collecting key stroke data.
The best method to prevent your email address from being spoofed is to keep your email addresses private and off of message boards and websites where it can be easily picked up and placed into a spam list. Setting up an SPF record will also help prevent malicious users from spoofing your address.
Unfortunately, if your email address has already been spoofed, there is no simple immediate method to prevent the bounce backs from arriving into your inbox. Typically you need to wait for the recipient servers to realise they are being sent spam and to stop bouncing the emails to your legitimate email address.
Email account compromised
If your email account has been compromised, it means a spammer has obtained your email account username and password and is sending spam using your credentials. You should change your email password immediately to cut off their access and take steps to ensure your computers are secure.
- Read our article on password security
- Change your email address password
- Scan your computers for malware and viruses
Once your passwords are updated and computers secure, all spam emails will cease being sent. If you've taken these steps due to receiving spam bounce back emails, these bounce backs will not stop arriving immediately. This is because the bounce backs are returning from emails which were sent prior to you updating your passwords.
The spam emails will cease bouncing back to your address within 24 hours. In the mean time, you may setup a temporary filter within your email software to automatically trash these bounce back emails to prevent them from bothering you.
Ideally you should also have an anti-virus program installed on your computer and upgrade it every time updates are available.