Someone’s sending email that looks like it’s from me to my contacts, what can I do?

If your contacts are getting email from you that you didn't send, then it's very likely that your email account has been compromised.

//
Hi,somebody is sending emails to my contacts using my email address to which I haven’t sent. How can this be? Have I been hacked into? I do have full internet security avg 9, could you please let me know what action to take if any as I find this quite worrying! I have changed my password so far, but that is all.

You should be worried.

I’m not sure that I’d say you’ve been “hacked into”, but my guess is that your email account has indeed been compromised.

I’ll look at what likely happened, why this isn’t like other “Someone’s sending from my email address!” kind of issues, and what steps you need to take next.

The big clue here is that email is being sent from you to contacts in your address book.


Most email programs now carefully protect against unauthorized address book access.
In the “old days”, that typically meant that your computer had acquired a virus, and that virus was in turn accessing your PC’s email program and systematically sending email to everyone in your contact list or address book.

While that’s still a possibility – and you should absolutely make sure that your anti-malware tools are running and up to date – it’s not nearly as common as it once was. Most email programs now carefully protect against unauthorized address book access.

What more likely occurred is that your email account has been compromised – meaning that you probably have an on-line email account, free or otherwise, that someone has gained access too. By virtue of doing so they now have access not only to your email, but to your address book as well. It’s all too common these days to hear of folks whose accounts have been compromised only to have all their friends get inundated with spam, threats, malicious emails or messages that try to impersonate you and scam your contacts out of money.

How this happened is difficult to say. It could be anything from a weak password that’s easy to guess, to your account credentials being sniffed in an open WiFi hotspot, to your simply having shared the account information with someone you should not have.

For all we know, it could also be a roommate walking up to your computer when you’re not using it and sending messages right then and there.

(And for the record, last year there was a partial account compromise at one of the larger free email services – account credentials were stolen without the users having done anything wrong. Same result.)

I’ve talked before about email that appears to come from you, but in fact does not. This is different. Specifically:

  • Spam email is sent to random people you don’t know, “spoofing” the From: address to make it look like it comes from you when it does not. There is almost nothing that can be done about this.
  • Email from stolen accounts is sent to people in your address book, and is not spoofed at all – it really is coming from your account. It’s just not you sending it.

Changing your password is not enough.

Not even close.

As I’ve discussed before, changing your password is important, but it’s not nearly enough. You also need to change any and all security related information associated with the stolen account. Why? Because the thief has access to all that too, and he can use that information to steal your account again. And again. And again.

The article Is changing my password enough? details the additional steps you must take if your account has been compromised.

There are 105 comments:

  1. Mark Jacobs Reply

    And if it is a virus, switching your email client might help.Like from outlooke express to thuneerbird. For example if a virus hijacks your Outlook express account and sends out spam and/or viruses to your contacts list. If this is the case simple switching to another email account won’t work, you need to uninstall it or the virus will continue to exploit it in the background. Also, I’m not really sure if you can actually deinstall outlook express since as long as the address book is still there the viruses can still exploit it. You might have to export the address list to t-bird and delete all of your outlook express addresses manually.

    PS don’t use your real mother’s maiden name or first pet etc. use a word as difficult to guess as your password and keep a copy safely hidden.

  2. Digital Artist Reply

    I get spam almost daily from “myself”. At least the “from” tag is that part of my email address that precedes the @. Not a problem, in fact it seems self-defeating to fake the source as the same as the destination.

  3. Mike Noonan Reply

    I too was “hacked” in my Yahoo account. Another user e-mail address was added and my password was changed. It happened at 8:45 PM (I received confirmation msgs from Yahoo) and fortunately I caught it early the next morning.

    Using Yahoo’s secret responses to security questions I was able to regain my account and change the password.

    However, my home computer address book was Not hacked but it was my Yahoo address book that was used (I haven’t used it for years and forgot about it). I emptied my Yahoo address book.

    I POP3 my mail to my computer (I don’t believe in leaving any of my data in the cloud). So far my spam count has not risen but …

    Hope this helps. rgds, Mike

  4. Carol Duchesne Reply

    My yahoo e-mail was hacked several months ago. When I contacted yahoo, they were no help at all. An e-mail was sent out to everyone in my address book about some fantastic sale. I’m sure the link in the e-mail contained a virus. Luckily, a copy went to my computer literate brother, who immediately recognized that I would never send out such a sloppy e-mail with poor grammar and misspelled words. I was able to contact everyone and alert them not to open the e-mail within minutes of the time it went out. My address book had disappeared, so I typed a hard copy into a word processing program, and when I send e-mails, I simply copy and post the addresses into the e-mail. It happened once again recently, but the only address in my address book was one for Bit Defender which is an anti-virus program. I have other e-mail accounts I use for important correspondence. They do not contain any address books.

  5. Joao Reply

    Leo,

    I think the email account does not need to be compromised for this to happen… but correct me if I am wrong:

    1st, many people still keep sending emails to loads of people in CC rather than using BCC. That makes those emails easy picking and ripe for the harvest by bots… and they will be added, alongside yours, to spam lists, etc.

    2nd, spammers these days have ways (a simple script can do this I think you mention it and it’s called spoofing) to have any email inserted in the sent from… and sent to anyone they want, including all those found in not only spammers’ lists but also those harvested from your CC fields. The familiar, recognizable email address on the sent from will make your friends trust the email… and get their machines compromised.

    I have received emails from myself ~: with spam…

    My email accounts have not been hacked into. It’s a gamble… if your email has been around long enough, chances are, it will fall in the hands of spammers, even if you take all precautions, because many of your friends may not and will still expose your email on that CC field…

    Maybe the best option (and I do not use it because still could not find something I like) is one of those automatic replies, that requires a one time confirmation — proof that a human, not a bot, is on the other side of the line…

    Know of any free PHO or CGI script that does this Leo?

    What can also be done is create a “key” that tells your friends the email really is from you, for example, inserting in the subject line, before anything else, a signature of sorts… ex., {JaySafe2read}

    Thanks for your time and all the wonderful work you do here.

    Joao

    The focus of this article is specifically when people can see that it’s recipients in their address book that are being spammed. That’s happening a lot. Yes, it’s trivial for spammers to spoof a From: address, but those emails are typically random and not a blast to your entire address book at once. That’s this article, by the way: Someone’s sending from my email address! How do I stop them?!

    I understand the appeal of challenge/response systems as they’re known, but I hate them. They make the sender of an email pay the price in time and inconvenience. Most of the time if I get such a challenge, I ignore it, as I’m sure many people do. You won’t get spam, but you also won’t get a lot of emails you want. Imagine having a newsletter of 100,000 subscribers and getting challenge response floods every time you send a newsletter. And that’s this article: What’s this confirmation request I got when I emailed someone?

    And for completeness, here’s my article on using BCC to reduce spam: How does using BCC help reduce spam?

    Leo
    06-Jan-2010

  6. Sandy Reply

    I have the same problem. Twice now I had e-mails sent to contacts from my address book. The first time I took the computer to the shop, installed malwarebytes antimalware and thought I waa safe. On Monday, 15.02.2010 it happened again. The computer shop says I need to contact Yahoo. I did contact them and all I received was an acknowledgement.
    How can I delete my Yahoo e-mail address?
    What else can I do?

    Thank you

    Sandy

  7. Vixster Reply

    My father, not very computer literate has just experienced this problem too. I have checked his sent box and the spam mails have not come from his account and he too has received a copy so it would appear that someone has managed to access his yahoo account, collected all his contact details and is now spamming the list and making it look like the mails are from him. I don’t think it is an issue of using CC rather than BCC because it has been sent to the entire address book. He hasn’t contacted Yahoo yet but surely it must be a problem at their end or are we saying that a spammer has managed to read his computer when he was logged on and then harvest the info? Is there anything he can do or will his contact list now get passed round the world of spammers? I’ll advise him to run a virus check, change his password and set up an additional email address to use in future and see how that works but any other advice would be welcome.

  8. josh Reply

    theres an email getting around at the moment (may 2010) with subject “huhu” and a link to this address [email address removed] clicking on that address from within your hotmail client results in the same email you received (and clicked on the link contained therein) being sent to everybody in your address book. i would love to know how this works? is my password compromised? is it a security hole in hotmail only?

  9. gordon Reply

    This got sent to about 59 people in my add book or from a forwarded e mail
    look?Beautiful China’s online store
    I recommend to you a very good shopping site >.
    The quality of product is had better, the service is perfect,
    and price is had better, the speed of the deliver is very fast.
    There are own warehouse and store,
    there is customer in the whole world, receive customer very high praise.
    MSN: [email removed]

  10. Desmo Reply

    Somehow recently my Hotmail account has sent out links with ads to everyone on my Contact List. It sent the messages out in pairs as well and there was no subject in the Subject line. I had even chnaged my PW since the last time it happened. Last time it did it at 2am when my PC was shut down. This time i was online and noticed the messages and once I sent out a legit message the SPAM stopped sending messages to the remaining folks on my list. It has been sending them in pairs in alpha order. I run and scan with MS Security and McAfee and my PC is clean.
    I do run Messenger all the time but only to notify me if I have email.
    I wonder if that is the issue?

    I do get lots of incoming SPAM on Hotmail and wonder if i get caught there when opening something although Hotmail doesn’t seem to do a good job screening.

    Please re-read the article you just commented on. Seems clear to me, as I said there: “my guess is that your email account has indeed been compromised.” – You need to change your password and more.

    Leo
    05-Jun-2010

  11. Desmo Reply

    Curious my PW is comprimised when I never enter it. I use Messenger (click to auto login in to Hotmail) and it saves it encrypted. I also changed it since the last time this happened (just in case).
    This time i noticed it stopped once I sent a legit message out so that must have stopped the script from running through all my Contacts (and it send the SPAM in pairs of contact in alph order. I deleted my Contact list just in case.

  12. Helen B Reply

    This has happened twice. I’ve changed my password and added malware. I am hearing from a lot of people that this happened to them from the came canadian pharmacy (who knows if it’s really a pharmacy). Is there any agency that traces this kind of stuff. Everyone in my contact list got it.

  13. Roger F Reply

    This is happening to me too. I thought it was a virus on my particular PC and ran all the anti malware programs I could find. I eventually reformatted my hard drive and lost a few $1000 of software attempting to eliminate the virus–no luck. It still mailed ads for viagra and porn to all my contacts. I changed the name and extension of my windows address book, then noticed it was going after my contacts in my Yahoo email. I went through all my contacts and copied each email address into the ‘notes’ window (changing the ‘@’ character to ‘(AT)’) then replaced the email address with a dummy ‘raf@novirus.com’. Now whenever the attacker tries to send the email, I get a ‘failure to deliver’ notification. In this way I’ve been able to determine that the virus is not on my personal PC. I have left that off and/or unplugged from the network where I work. Instead, I have been using other computers. But I still receive ‘failure to deliver’ notifications now and then. Perhaps these are test to see if my contacts have changed back to real addresses. The only problem with this approach is the name field is not shown in the notification, so I have no way of tracking who is being targeted. I could go back and re-edit my contacts to ‘name’@novirus.com since the domain itself is false (I hope) but that is a lot of work I don’t really have time for. This thing has cost me way too much time and money already.

    I’m left wondering why you have gone through all this. As pointed out in the article, someone has access to your account – so change your password and all other personal information to lock the hacker out.

    Leo
    19-Jun-2010

  14. Becky W. Reply

    My 10+ year old hotmail account received an email from someone I knew better a few years back- no subject, just a url in the text and a couple of attachments. I thought I didnt open it but maybe I did…because I remembered it when I started getting input from folks on my address list that they were getting the same thing.

    I cleared most of my contacts, but it seems the damage has already been done, and I keep seeing some postmaster failures for a couple of address list connections, so it seems to be methodically running periodically- sending to about 5 addresses at a time.

    OK-It sounds like I have to give up my account and start fresh. Do I need to tell everyone in my address book to do the same? That would go over well…no chance I could send them a link to a fixityourselfshop? And if I start a fresh Hotmail account, this virus wont jump to that email account?

  15. mollie clark Reply

    someone from yahoo instant message keeps sending things everytime i get on yahoo to people in a foriegn langauge to people on my list how do i stop it i tryed changing my name my password its not working people are getting mad with me i m not not sending the file how can i stop this

  16. Merlin Reply

    This is about the comment from Josh. I have also come across this “huhu” virus in hotmail, and using google with various search terms it looks like THIS article is the only reference to this bug. How can this “huhu” virus be removed?

  17. Mindy Reply

    Becky W. I know exactly what your talking about, my hotmail account is like… 5 years old and im getting postmaster failures every milisecond! its pissing me off! I want to kill it! I havn’t touched any type of stupid advertisment or anything like that, so it can just die >.

  18. Sam C. Reply

    I sent an email to all my contacts telling them I’ve been hacked, and to not open anything that purports to come from me if it says “No Subject.” Instead, delete it as soon as they see it. Every time I send an email, it has a subject title, and since all my contacts know what I’m about, they will recognize most if not all subjects as coming from me. “No Subject” will not come from me. This will not stop the spam, but it may help protect my contacts from opening something that contains a virus, and in any event, will keep them from wasting their time.

  19. Ken Reply

    {url removed} is using my e-mail address to all my contacts. what can I do???? Please help.
    Thanks
    Ken

    Sounds like spam, as described in the article above.

    Leo
    01-Nov-2010

  20. Bluz Reply

    So Ken, I too have the pill company e-mail referenced in the questions above. But one thing I was unclear about. The e-mails appear to be coming from my account and going to my contact list. However, there’s no record of the e-mails going out as “sent.” Does this mean that the “hacker” has compromised the account, or is there something different at work here?

    You’re likely hacked. Some spammers are savvy enough to remove the messages from the Sent Folder. If it’s going to yout contacts it’s likely related to your account. Assume it’s hacked.

    Leo
    04-Nov-2010

  21. Eli Fatz Reply

    I have been hacked twice, both times while I was using Outlook 2003 and then Outlook 2007. They used my address book to do mailings to all my contacts, all pointing to a Chinese Website selling iPhones and iPods, etc., with the subject heading selling Cheap Computers, iPhones iPods, etc. This happened AFTER I purchased something on eBay from a Chinese seller and I got hacked by their email! I removed Outlook 2003 and never got hacked again until I installed Outlook 2007. Coincidence? Seriously doubt it! So far I see no cures or fixes and Microsoft denies it even being real. It most certainly has to be my fault! The real fix is NOT using Microsoft Out 2007, 2003 and having the address book stored on your computer.

  22. Robert visciglia Reply

    How do I cure being hacked by the pill company? Do I need a new email account?

    Perhaps, but it depends on how you’ve been “hacked”, and who you mean by “the pill company”.

    Leo
    05-Nov-2010

  23. angel fox Reply

    Millions of people are being hacked into through hotmail, including me. they are sending emails from me to my contact list. Why is hotmail acting like its our fault and there is nothing we can do? seriously? You know you can prevent this. Please do it.

  24. Earl Albin Reply

    Someone hacked my Yahoo account. The,”Benificiary,” in this case are illegal prescription companies pretending to be in Canada (likely sugar pills). Anway by what method would the virus get the password?

    It’s typically not a virus at all, but rather a hacker guessing or gaining access to your password somehow.

    Leo
    12-Nov-2010

  25. Tracey Reply

    Hi drugoutletmeds is sending all my contacts emails with attachments i then get postmaster sending failed reports to me (100s per day) but a friend called me today to say they are actually getting through. how do i stop these emails being sent??

    Please read this article which discusses your recovery options for the various ways that Hotmail accounts can be lost or compromised: What are my Lost Hotmail Account and Password Recovery Options?

    Leo
    12-Nov-2010

  26. David Ascher Reply

    This is a wonderful article that basically says there is nothing you can do to protect your email account from being compromised other than not use easy to guess passwords.

    This is not at all true. I have email accounts with several providers and only those hosted by mail.com have ever been hacked – and multiple times in the past few months. My wife also uses multiple email accounts and a different personal computer – Only her account with mail.com has been compromised.

    Imagine, if you will, a “virus” so clever and devious that it is undetectable by any virus scanner currently available. Further imagine that this clever virus is happy to restrict its attack to only one of the 12 different email providers that it finds on your personal computer.

    It seems to me your best bet is to move to a different email provider. gmail.com seems to be the most sophisticated of the providers I’ve dealt with in terms of security – and given google’s reputation, I’d expect them to be more serious about security than any other general email provider.

    AND gmail service is free and offers much more capabilities than almost any other email provider – still for free.

  27. vikki Reply

    I need help stopping people from using my account to send emails from my e mail address.
    All I saw on this page was yes they are doing it.
    I need help to resolve the issue!

    Actually the last line of the article tells you exactly what you need to do.

    Leo
    01-Dec-2010

  28. Tammy Reply

    There are e-mails being sent to my contacts that look like I sent. That is bad enough but what makes it worse is that it says I made money on-line and includes a links for my contacts to click on. This has happened twice with-in 4 days.

  29. bettina Reply

    I can’t open my email because someone has hacked into my account and is sendig emails to my contacts and who nows who else is getting them and what they’re sending . I need to know how I can get my email account back and open my emails !

    This article discusses recovery options for the various ways that Hotmail accounts can be lost or compromised: What are my Lost Hotmail Account and Password Recovery Options?

    Leo
    08-Dec-2010

  30. Scott Reply

    I have had my email ‘hacked’ and emails sent to my contacts. I got pretty annoyed by this and decided to close my account. Even after I closed my account emails were still being sent to my contacts with my email address, that I closed, as the sender.

    One of the reasons that I advise against spending a lot of time trying to “close” an account is that a hacker who’s setup the right information in the account can frequently reopen it almost instantly. Best to simply tell all your contats that you’ve been hacked and move on to a new account.

    Leo
    15-Dec-2010

  31. cher Reply

    Does deleting contacts from your account help or is the whole thing gonna keep happening because its “hacked”?…. my teacher was sent viagra emails with my address. :(…. funny but embarrassing

    typically once it’s hacked the damage is done.

    Leo
    19-Dec-2010

  32. John Neeting Reply

    One easy way to tell ALL your contacts how to tell if an e-mail is really from you is this …..
    When e-mail accounts are compromised, that’s just what IS compromised. What you actually write can’t be predicted so just send an e-mail to all your contacts telling them that legitimate e-mails from YOU can be identified by a word or phrase at the end of the actual e-mail.. eg:’yowzer-yowzer’
    Spammers may have everyone’s e-mail and may even attempt to send spy bots for looting but they cannot predict what key word or phrase you have to enter in all messages to tell the recipient that the e-mail is valid. If you get an e-mail from a friend that does not have this agreed word at the end of the message, you can investigate further or scrap it.

  33. patrice Reply

    Someone is sending spam Ads on my email page. Is there any way I can find out who is sending this, can I backlog and find out their email somehow?

    I think they may have downloaded this Java network as a virus, so now Ads can be posted freely on my email.

  34. DRIEL Reply

    Is it possible this happened to me through hotmail as I have added it to my Verizon Android phone? I am not certain but am curious as to whether that is how I was compromised? Any ideas would be welcomed. I have deleted the email accounts from my phone and changed all my email passwords as well as deleted my contact lists. Should this be enough? Thanks in advance.

    This newer article details not only the steps you should take, but takes a few guesses as to how it might have happened: Why am I getting (or sending) emails that contain only a link or spam from my contacts?

    Leo
    24-Mar-2011

  35. Linda Reply

    spam was being sent to all of my contacts so I deleted ALL contacts…yet when I start a NEW email and type the first letter of the TO:address a huge list of address’s that I don’t recognise pop up to pick from! Any way to help me?

  36. Rick Harrison Reply

    This is an informative and well written letter explaining this common problem. However, you should at least mention that adding an SPF record will help this problem considerably. Even though most of your readers may not be technical enough to do this themselves, it is something that I believe many email hosts can/do provide.

  37. jane hailey Reply

    have been hacked My mother who is 86 thinks I’m sending dirty stuff !!!

  38. sharon Reply

    I don’t want to join a club!!!!! I want to know how do I stop my hotmail account from sending things like to my friends ” Have only powerful erection” This is coming from my hotmail account and people are wondering about me. I have told people that it is not from me, however, I have another account and WE are still getting these emails, that look like they are from me. Ever a Minister has contacted me and asked if I would stop sending these types of emails. I can’t I am not sending this MESS.
    I need help I don’t need to comment to join a club of people who have been hacked, I need answers!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    This article discusses recovery options for the various ways that Hotmail accounts can be lost or compromised: What are my Lost Hotmail Account and Password Recovery Options?

    Leo
    18-Jul-2011

  39. Miss Molly Reply

    As everyone else here, I too am having problems with my yahoo account. I’m sending single links to myself, contacts, and apparently to many other email addresses that I don’t recognize, judging my sent folder. Considering I’m using dial up internet, and I had trouble loading every page of posts here, so forgive me if I repeat the same type of info that someone else already has. (I did read a few pages, please don’t delete me Leo! ).

    When going in to change my password, secret question and security seal, I noticed that there is a place in yahoo accounts that allows you to see your login history. I looked at mine, and OMG! Here’s a little bit of what I saw:
    Jul 19, 2011 2:00 PM Yahoo! Mobile Logged In Poland
    Jul 19, 2011 4:47 PM Y! Messenger Authentication Logged In US
    #Today# 3:17 AM Yahoo! Mobile Logged In Bulgaria
    #Today# 11:23 AM Browser Mail Access AL, US
    The later info being really me, and yes I had problems signing in today, it suggested I change my password. I do not use yahoo messenger. And I don’t use my cell phone to check my email. I do, however, send pictures to my email via cell phone..not sure if that matters or not. The login history also shows that the people who are logging in with their cell phone lives in other countries, although when I traced the spam’s IP, it came back to California. Figures…

    My account may not be saved, but maybe this info will help others narrow down possible reasons of how these people are taking our accounts!

  40. Mark J Reply

    @Miss Molly

    If you can login to your Yahoo account, I suggest you immediately change your password and security question(s). Also verify that the alternate email address belongs to you, if not, change that too.

  41. jessica Reply

    if i shut down my yahoo! account, will that solve the problem??

  42. Mark J Reply

    @Jessica
    If your Yahoo email account is sending out the spam, closing it would stop the spam in most cases. But if the hackers copied your address book and are spoofing your email address, then the spam could continue, but this is not a common occurrence.

  43. Matt Doyle Reply

    This is the message that has hitched onto my address book: “whats up this is the best thing that ever happened to me” followed by a spam link.

    I have completed multiple malware type scans, and they all say there is no problem. I removed my email address from my address book and it continued to send the messages to everyone else, but not me. I have emptied my address book, but obviously this is not convenient. Any suggestions?

  44. Wilmer Reply

    Hello, thanks for sharing your knowledge on the spam emails.
    I use hotmail service and I received several postmaster mails with the ‘delivery status notification (Failure)’ subject, all because of an email I didnt send, and some of those failure deliveries were contacts which are on my contact list. I went to the ‘sent’ folder and I found the spam email which I didnt send, and tried to see whom else that spam email was sent, but the ‘To’ field is empty, why is that?, and what do you recommend I should do?

    Thanks very much

    The “To:” line was probably empty because the person that hacked your account used BCC to send the spam. I recommend you follow the suggestions in the article you just commented on.

    Leo
    08-Aug-2011

  45. mario Reply

    Hi , somebody entered in my email account and is using it, my friends see me on line while I am not, I cannot enter it, does anyone have an emergency email in which I can tell them to block it?
    thanks
    appriciate Mario

  46. anthoula Reply

    over 20 emails were sent from my account at the same time. ” No Subject” and the threads are all different..
    they are all for a Canadian drug company selling Viagra. My virus protection is up to date…what do I do now close yahoo email? I am assuming that each email has some of the 235 names in my address book.
    What should I do now? I never open emails with No Subject, that is usually a clue.

    The article you just commented on addresses exactly this. You may not need to close it. You should change your password and every piece of information that could be used to perform password recovery on the account.

    Leo
    30-Aug-2011

  47. Connie Reply

    @anthoula
    Virus protection on your computer will be of no assistance in this case as it sounds like your Yahoo account has been hacked into. You should immediately sign into your account (if you still can) and change the password, contact phone, and all of your security questions. This time make your password very long, complicated and secure.

  48. Sharon Reply

    I am getting many emails that are intended for another person in my inbox and as junk mail. In turn my computer is randomly generating spam emails to people who are not in my address book but I have contact with. I have run a scan on computer which picked up virus but how do I get my email account differentiated from the other persons on hotmail. There seems to be no service contact.

    This article discusses recovery options for the various ways that Hotmail accounts can be lost or compromised: What are my Lost Hotmail Account and Password Recovery Options?

    Leo
    14-Sep-2011

  49. Ro1 Reply

    Hi, e-mails were sent to MY contacts seeming to have come from me. However nothing appeared in my Sent Items and there is no other proof that it came from other than my e-mail address in the From: address. I have a strong password, have NOT accessed my mail from a WiFi hotspot, or have given my password to anyone, or left my PC unattended. Please help.

    And yet, the article you just commented on covers this case. It’s most likely your account was hacked.

    Leo
    06-Oct-2011
  50. Leerock18 Reply

    I believe my account was just compromised. Is it possible for someone to send you an infected email, and than once you log into your account that email sends more emails to everyone in your contacts simultaneously? I’ve already changed my password and i am in the middle of a virus scan. Is it already too late for my contacts? is there any way i could have prevented this? The email that was sent to me was not opened or linked to.

    Just recieving an infected mail will not do it – you’ll have to have opened an attachment, or responded to a phishing attempt, or placed malware on your machine some other way or used a WiFi hotspot insecurely or had an easy to guess password or…. there are clearly many ways that accounts can be compromised. Make sure to read the section “Changing your password is not enough.” above.

    Leo
    19-Oct-2011

  51. glad Reply

    I am one of those whose email account has been compromised- many of my contacts have received emails about viagra and nonsense emails – I have a free account with aol – according you, nothing can be done – is this a fact?

  52. Connie Reply

    @glad
    You certainly can, and should, make every attempt to gain control of your email account again through AOL. It’ll probably take some work! If you do recover the account read everything you can about protecting it… and do share your horror story with friends to save them the same grief.

  53. Jim Reply

    So to be clear – the horrendous problem is that once my email account is compromised and they have my contact list – its game over. They can just send emails to my contacts and craft their emails with a ‘from:’ value of my email address. No matter what i do; even if I obliterate my email account, let alone change my password – the horse has already bolted :-(

  54. Alamgir Ahmed Reply

    For God sake help me. I am sending this e-mail 2nd. time (on Saturday, October 15, 2011 4:46 PM). I am approx. 15 years old user of hotmail account. My account has been hacked, resultantly i can’t sign-in due to inncorrect password.

    I am sending my e-mail (as previous / first e-mail to hotmail)

    Dear Sir/ Madam,

    My hot mail id has been hacked 2-3 days before, password has been changed {email removed}. Kindly help me on urgent basis, as I am user more than 15 years. The hacker (culprit of money fraud) has mailed me (in other hotmail account even yahoo account and definitely all id’s in my account). You can contact on my yahoo account ({email removed}). After hacking, I received the following e-mail for your immediate action.

    {rest of post removed}

  55. Connie Reply

    @Alamgir
    You need to learn about internet safety. It looks like you posted your emails and other sensitive information in a public forum. You are lucky that it has been removed from your post. You also don’t seem to understand that Ask Leo! is not Hotmail.

    Here are some good sources on this site to learn more about internet safety:
    How do I keep my computer safe on the internet?

  56. salma Reply

    hey jim. same thing with me. after i deleted my account my mom said she still got weird emails from me. is there absolutely nothing we can do now?

  57. Elle Reply

    I am having this issue with emails being sent from an email address that “Looks” like it is from me but is an account that was closed over 10 years ago and AOL confirms that It was closed? The first part does look like the current email I use but the @ is aol.com which I do NOT use?? Does this mean they somehow gained this information from a friends OLD list? or ? Frustrated!

    After that length of time I’d expect it’s simply random spam. Someone’s sending from my email address! How do I stop them?!

    Leo
    02-Dec-2011

  58. Piedad De la Maza Reply

    My hotmail account was blocked by them because someone has been sending a lot of junk messages from it. Hotmail needs my mobile phone number, which I have sent many times today, but becasue I am not in the US, I have not received a code. What can I do???

    This article discusses recovery options for the various ways that Hotmail accounts can be lost or compromised and I believe it applies here: What are my Lost Hotmail Account and Password Recovery Options?

    Leo
    06-Dec-2011

  59. Bill Dier Reply

    Leo, I read your comments about address book hacking and your text is like many of the other sites I’ve gone to. Long on talk, but short on solutions!! It appears that there are no real ‘experts’ on this subject, just a great deal of ‘talk’. I use Thunderbird that accepts email from AT&T/Yahoo. Rouge emails are sent from Russia, Israel, Czech Republic and Turkey. I finally opened the link. It’s to a Canadian pharmacy: Canadian Health & Care. I would like to see something more in-depth then what I read on your site.

  60. david Reply

    i have noticed that e-mails have gone to my contacts because i get mailer -default messeage back i have not sent them and no sign of me sending any

  61. MoreOff Reply

    Leo, I only read the first 5 comments on the web page before typing this comment in, but I hope this can help some of Your Readers.
    I use Thunderbird to get (and send) my AT&T/Yahoo! email using POP3 and SMTP.
    But I also use Mailwasher Free first to see what is being sent to my web mail In-Box before I will let Thunderbird get it on my computer.
    Mailwasher Free will highlight email from anyone as ‘SPAM’ in RED, if it hasn’t been told that the address is a ‘Friend’ (GREEN).
    Putting the mouse pointer on the Senders address lets me see the full email address so I can decide if the message is from someone I know or I don’t know.
    If the message is from someone I want to get mail from I can click the SPAM button on the left of the line to change it to ‘Friend’.
    Mailwasher Free has a function/option that IT can Remember the address is SPAM if it sees it again, but I don’t use that option.
    I will Log On to my web mail account and check the box on that messages line and then click the Spam button so AT&T/Yahoo! can know I consider it to be a Spam message, hoping that They (AT&T/Yahoo!) will send any more messages from That Address into Their Spam folder instead of to my In-box.
    Since I use Thunderbirds Address Book for my Contact List, all the Contacts I put in my AT&T/Yahoo! online Address Book are addresses like:
    abuse@att.net
    abuse@yahoo.com
    abuse@yahoo.cn
    Addresses that I know a Spammer would Love to send mail to. ;-)
    Also in Mailwasher Free, by clicking on the RED lined message the first 20 lines of the message can be read.
    I hope this was helpful to someone.

  62. steven rothenberg Reply

    Everything I read sounds like my situation EXCEPT that this behavior continued even after I deleted all the contacts from my account (after exporting them). It appears to be picking up e-mail addresses from my sent box or inbox. I have changed my password again and also changed security answers as suggested – we’ll see what happens.

    Once they have collected the email addresses out of your address book it’s too late. They’ve copied them elsewhere and can spam them however they like.

    Leo
    31-Jan-2012
  63. Aleslie Springer Reply

    Hi my e-mail been stop! how do get it back on?
    can some one please help me?.
    thank’s
    Aleslie springer

  64. Ricky Reply

    Hi Leo – one of the many tools spammers and hackers use are the emotional mails that say someones kid is missing, get money in 3 days, good luck mails etc which all have one common thread, yeah thats right, ” send this to 6 people in 10 minutes and see what happens”. Once you forward, a little program written into the mail steals your buddies addresses and spams them!! – so you are basically handing over your address book! – dont forward these mails and tell your mates not to send them to you. Since I did this I get so few mails I’m lonely, but I do not get viruses, worms etc and my friends don’t get mail not sent by me!!

  65. Deepak Reply

    Hi Leo,

    I m getting this issue in my gmail and hotmail accounts – Someone sent me an email with subject as “Re:8″ i didn’t open it. But after some time in my sent box this same mail was sent to many emails (which r not saved in contacts but recently used). Now this is happening on daily basis, automatically even without logging in. the content of this email is nothing but a 1 liner ad and a link.

    Pls suggest to stop this…

  66. connie Reply

    @Deepak
    That’s very odd to be happening in hotmail and gmail which are online services, or are you downloading them with a POP3 service? All the same it would be good to do a serious virus check on your computer. This article will help:
    How do I recover from a bad virus infection?

  67. Wendy Williams Reply

    e-mails have been sent from my account to people in my contact list. My e-mail account is through my cable isp and my contact list is in my Windows Mail program, not online. The sent e-mail does not show up in my sent files in Windows Mail. Since my contact list is only in Windows Mail, does this mean someone has accessed my computer (perhaps a firewall issue) rather than simply accessessing my e-mail account?

    Possibly. Or you have malware on your machine.

    Leo
    10-Mar-2012
  68. John Reply

    Hi Leo,
    A friend recently had money begging emails sent to her contacts, but ONLY the ones in a group that she always sends on the “send it all your friends” garbage. I think that one of those junk mails had a worm or whatever in it to pass that list to them (about 15 people).

  69. fayyaz Reply

    Hi! my website is hacked and is giving message “Ask Leo” . just want to know if you are involved in this hacking?
    thanx

    Nope. I’d never do such a thing.

    Leo
    05-Apr-2012

  70. Dani Reply

    This morning I checked my inbox on hotmail and I had lots of messages stating ‘delivery status failure’ from postmaster@hotmail.com and ‘mailer-daemon@yahoo.co.uk. Obviously I didn’t send any of these and I checked my sent folder which is empty.
    I’m doing a full scan on my pc using Kaspersky PURE right now to check for trojan/malware.
    I’ve deleted all my contacts in my contact list. I remembered I saved myself in my contact list so I received one of these ‘emails’ and I clicked on the header and it shows an I.P address would that I.P be the culprit?

    Do you think my pc has malware or is my email hacked or is a case of email spoofing.

    I’ve got 3 hours till my full scan of my pc is finished.

    Thanks for reading this.

  71. connie Reply

    @Dani,
    Unless you are downloading your Hotmail email to your computer, with a program such as Outlook, scanning your computer won’t help. Hotmail is an online service and the compromise has, likely, happened online.

    You need to change your password and all recovery information right away in your account, though it is possible that your email address has just been spoofed.

    This recent article from one of Leo’s Answercasts explains in more depth, and gives some relevant links at the bottom to help you out.

    My friend says I have a virus in my hotmail email, what should I do?

  72. Dani Reply

    I changed all my password and recovery info but I have ANOTHER hotmail account that has just sent over a hundred emails to strangers telling them that their world of warcraft account has been compromised. Both of my hotmail accounts have now been spoofed/hacked, should I just deactivate these accounts and go with a different email provider.
    The difference with this new attack is the emails are actually present in my sent folder does this mean this new attack is a hacker in my account. ugh this is annoying, both hotmail accounts have no connection with each other.

  73. char Reply

    my old email [removed]@hotmail.com is being hacked.. how can i get hotmail to delete it.. they changed everything

  74. Lisa Reply

    Someone has used my email address to set up an account on a porn website my profession has been used which is visible on my hotmail details..my husband thinks I’ve done this and I’m trying to prove its not me.an email password reminder was sent to my hotmail address but I did not request this..please help my marriage is at stake and I’m so scared.

    To the best of my knowledge, short of calling in the police there’s little that can be done. People can set up accounts using ANY email address they want. If the site is set up properly they won’t be able to access the account, because theywon’t get the confirmation or lost password emails. Unfortunately if they happen to use your email address by mistake or on purpose there’s nothing I know of that you can do – other than, as I said, perhaps calling in law enforcement of some sort, but my guess is that this is pretty low on their set of priorities if they even have the expertise.

    Leo
    17-Oct-2012
  75. Linda Reply

    Someone has sent a threatening email to one individual on my contacts. It is writen as though I wrote the letter, I did not. There is no way they could know my password. I want to know who this person is, I will prosecute!

  76. Emma Reply

    I am an 11 year old girl
    I dont enter competitions or give my password out
    But i think a website used my password for another website and changed it slightly to get this one
    There is an option to send it to another enail address
    So i sent it to my dad
    He noticed he was sent a random email
    From fox advertisement
    Or something along the lines of that
    Im scared!
    I dont want to have to get a new email
    The problem is:
    I have soooo many contacts
    I go on email mostly on my iPod
    Maybe this darn thing has a virus
    Ill have to keep checking this site
    To see if u get a reply
    Coz i cant access mu emails

  77. Brian Reply

    In my case I don’t think the spammer is using my account to send the spam. I don’t see any email in my send folder and if I read the headers correctly they are coming from an IP registered in Thailand. Each email goes to 9 of my contacts. Each email has a different link. The text of the email has hidden character strings before and after the link. The subject line contains my name. Some of the email don’t have a link, just some of the HTML – looks like the email was malformed and missing the link. Any thoughts on what’s happened or advice about what to do?

  78. Mark J Reply

    @Brian
    If the spammer isn’t using your account and is spamming your contacts spoofing your email as a return address, there is not much you can do, as the spammers already have your contact list.

  79. Kriselle Reply

    Someone has been sending emails under my name, but it’s an email that is NOT even mine! What do I do?

  80. Dave Reply

    I have the same issue everyone described, my entire address book used to send e-mails in my name. I do not know how it happened. I promptly changed all my passwords, ran a full scan with McAffee, and found nothing. The spamming seemed to all occur the first day, so eventually I went back to business as usual. But a couple of weeks later I made an online hotel reservation with my credit card. And on this month’s bill, there were a couple of fake credit card charges. I canceled the card, but now I am freaked out. I am a very infrequent credit card user (sometimes no charges for a month or two), and to have my card compromised after using it the following week on the same computer seems like way too much of a coincidence. I downloaded Malaware bytes and ran it, which came up clean. I activated Windows Defender and ran it, also clean. So counting McCaffee, three anti malware programs have passed on the machine. Not good.
    It is a dual boot Windows 7/Ubuntu machine. I assume it is the Windows side that is trouble, and have only been using Ubuntu for the moment. And I have temporarily stopped using my online banking and brokerage (after changing the passwords using my office PC). I am just about ready to reformat the thing and start over, a huge amount of work. Any suggestions? I know that theoretically my e-mail account and my credit card could have been stolen by different methods, but it is unlikley and I am not comfortable.
    Thanks for any comments

  81. Steve M Reply

    People from my contacts have been receiving emails from what appears to be me. My account activity doesn’t have any suspicious logins and there are not any of the emails in my sent folder. I’ve also received some failure to deliver emails. I’ve changed my password a couple of times created secondary verifications. Has my account been hacked or spoofed?

  82. Jack Danner Reply

    My AOL account was hijacked. I did the recommended changing of passwords, but the malware spam kept going out over my AOL address. So, I totally deleted AOL from all my computers. Family members and friends tell me they still are getting malware spam from me. How can I stop this?

    • Leo Reply

      You can’t. The spammers are faking the from address on their spam to make it look like it’s coming from you. There’s nothing you can do about that.

  83. Igor Reply

    Yesterday I was foolish enough to open a message as if from one of my contacts thru a famous social network (“You have a message from…”) – now all MY contacts received the same message :(. Should I send an e-mail with apologies? Is it acceptable? I don’t want people to think that I may have done that thing!

    • Mark Jacobs Reply

      Sending apologies might prevent someone from clicking on one of those rogue messages, so I’d send out an email to my contacts apologizing and warning them.

    • Mark Jacobs Reply

      Sending apologies might prevent someone from clicking on one of those rogue messages, so I’d send out an email to my contacts apologizing and warning them.

    • Leo Reply

      Personally I don’t think it’s necessary. It happens often enough that people more-or-less understand. But there’s also no harm in apologizing. In the mean time, make sure your account is secure.

  84. Ashley Reply

    I was having spam e-mail sent to my contacts on gmail. I went through the two-step security, deleted all of my information, and changed my password to a 17-character one that included uppercase letters, lowercase letters, symbols, and numbers, and the only place it is stored is on a piece of paper in my house. Yet within two months, my contacts are telling me that they are getting spam e-mails from me. If I can’t log into my gmail without my password and a unique, time-sensitive code, how are the thieves doing it??

    • Leo Reply

      They probably just grabbed a copy of your address book way-back-when, or use some other technique to determine who your contacts are, and are now spamming them from other email accounts. They could easily fake the “From:” address to look like it came from you, without needing access to your account at all.

  85. Larry Blong Reply

    I mistakenly sent about 23 of my contacts on a CC instead of a BCC and now this guy is sending emails to these 23 contacts of mine putting me down and sending them his stuff. What can I do about it?

    • Leo Reply

      Nothing that I’m aware of. He has their email addresses. Unless it falls into slander/libel (you’ll need to contact an attorney) I know of no options.

  86. Scott Reply

    Is there a way to trace the owner of a particular gmail e-mail address? I received an email with a piece of personal information in it. I suspect it is from someone who does not like me but I want to verify. I’ve tried tracing the ip address of the original sender in the header of the email but it only leads back to a Google address in California. Do you have any suggestions?

    • Leo Reply

      Nope. If there are legal issues involved you can involve the authorities, but this is not something that is made available to the public.

  87. James Reply

    I know this is an old thread, but I have just had an email that looks like it has been sent by me – to me! This is how it happened:

    – I sent an email to the user a month ago
    – in Outlook 2010 he found my message in his inbox, opened it, went to file, “resend/ recall”
    – it gave a warning saying you are not the original sender etc etc are you sure? – he clicked ok
    – then he appeared to be able to send an email back to me and to others that looks like it is from my email address?
    – I am using a google apps email with my own domain

    I don’t use Outlook, I just use the web gmail interface for the google apps domain my email runs on, but this seems absolutely crazy, as from the way he has done it, it would seem anyone who I have sent a message can do this and send people messages that appear to have come from me – what am I missing here, or how did this happen, as something is clearly not right, and in this case there is no account breach, etc it is as simple as described above

    Many thanks

    • Connie Delaney Reply

      I know what you mean. Spammers send me email all the time that looks like it is from me. Really creates a problem since I don’t want to blacklist myself!

Leave a reply:

Before commenting please:

  • Read the article. Seriously. You'd be shocked at how many people make comments that prove they didn't.
  • Comment only on the article. If you have a new, unrelated question start with the search box at the top of the page.
  • Don't post personal information. Email addresses, phone numbers and such will be removed.

VERY IMPORTANT: because of a rise in comment spam that's making it through our filters any comments that do not add to the discussion - typically off topic or content-free comments - run a very high risk of being flagged as spam and removed.

If you have a new question unrelated to the article above, ask it on the Ask Leo! ask-a-question page.