Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

My mail account has a virus, how do I get rid of it?

Question:

My MSN email account has a virus and I can't seem to get any help via MSN to get rid of it...this is why I feel that I must close it. Do you have suggestions for how I might get help with the infection and keep my account or should I do as you suggest and just stop using it?

I believe you're heading off in the wrong direction.

Yes, if you want to close your account then absolutely stop using it.

But the question actually shows a very common misunderstanding of what's probably really going on.

You see ... email accounts don't get viruses.

Become a Patron of Ask Leo! and go ad-free!

Email & Viruses

Email accounts do not get infected with viruses. They may carry viruses as payloads in email messages, but viruses to not affect the email account itself.

Viruses infect computers, not accounts.

I can hear a bunch of people immediately saying "well, then MSN / Hotmail / Windows Live has a virus on their computers!

It didn't take a virus to do this.

No.

While it's theoretically possible, it's so incredibly rare compared to other possibilities that it's honestly not worthy wasting a moment even thinking about. Besides, if they did they'd be all over it and would resolve it extremely rapidly.

So, then, where's the virus?

There probably isn't one.

Email & Hackers

Emails Hacked!You didn't indicate what leads you to believe that your email account has a virus, however if you're situation is like any of the hundreds of reports I see every week, it's very simple:

Someone is sending email from your account, probably to email addresses that are in the contact list or address book of that account.

That's no virus. That's a hack.

Someone has gained access to your email account and is sending email from it.

Someone guessed your password, or stole it somehow to login to your email account. They may not even have changed the password, which means you could be logging in normally while all this is happening unaware that there's a problem at all, until your friends start complaining.

It didn't take virus to do this.

It just took lax password security like an easy-to-guess password, or logging in to your email without using encryption at an open WiFi hotspot, perhaps trusting someone you shouldn't have, or ...

OK, there's one scenario where malware could be involved: you could have a key logger installed on your machine, or you used a machine (typically a public machine) that has a key logger installed.

Email "From" You, but Not

I want to be clear that there are a couple of scenarios where email comes "From" you when it's not really from you:

  1. "From:" Spoofing: The email address in the From field is faked to look like it comes from you, but it has not. In fact you had nothing at all to do with it. Unfortunately, since you had nothing to do with it, there's nothing you can do. Spammers have been using this technique for years.
  2. Account Hack: As described above, someone has actually gained access to your email account and is using it to send email. It looks like it's from you because it really is from your account. Again, no virus, just a simple case of an account being hacked into.

While as I said the first case has been going on for years, I've seen a significant increase in the number of people who's accounts are getting broken into.

What To Do

This is where it gets ugly.

If you still have access to the account, then rather than closing it you should immediately change your password and every other bit of information stored as part of the account that could be used as account password recovery information by the hackers. You must assume that the hackers will have read all of that and perhaps changed some of it and that they are prepared to perform an account recovery to re-hack your account at any time. More on this here: Is changing my password enough?

If you don't have access to your account then your options are seriously limited. For example, you need to have access to your account before you can close it, so you can't simply close it. You'd need to regain access, at which point you should do what I just suggested: change all the information in it.

Regaining access to the account is often difficult to impossible. The section on "Losing and Regaining Account Access" in What are my Lost Hotmail Account and Password Recovery Options? details what options you have.

If you can't regain access to your account, then I suggest you simply move on:

  • Create a new account
  • Use a strong password
  • Tell all your friends, business relationships and newsletter subscriptions your new email address
  • Think carefully about how your account could have been hacked, so that you don't let it happen again.

And, sure, an up-to-date anti-virus and anti-spyware scan of your own machine(s) wouldn't hurt.

In fact, refreshing yourself on how to stay safe on the internet might be a good idea as well.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

38 comments on “My mail account has a virus, how do I get rid of it?”

  1. Leo:
    I use MSN Hotmail for my main email account (the one I used in this comment)I have found that over the past several months the Hot Mail system has become very slow and non responsive. I have complained to them and they have denied any problem but the system miraculously speeds up for a short time after each complaint, only to slow down again a few days later. I have recently downloaded Internet Explorer 9 Beta and I now find that the editing function in Hot Mail is messed up. Back spacing to correct a typo when composing an email causes the display to become unreadable until the correction is completed. Microsoft needs to get their act together fast, Yahoo, Google and AOl are all doing a much better job on handling web based email. thnaks for listening and for all the great advice.

    Ed Lieber

    Reply
  2. What do you expect? A Beta is a Beta. It is not meant for anything but test purposes. You should not even run it on your main computer unless it is in a VM. No problems you have can be blamed on Microsot. Did you read the EULA and release notes?
    There are many warnings to that effect.
    Read all Eula’s and notes, ALWAYS on all software.
    That goes for you people that download some file and end up with a bunch of crappy BHO’s and high-jacked home pages, etc. YOU allowed these things to happen by not paying attention.

    Reply
  3. Great response. I would like to add that the user should run a full virus scan of their computer using more then one security client to ensure that their own computer has not become a bot or is hacked. While the e-mail account may be the only account hacked your computer may also be infected and that is how they got your password in the first place.

    Reply
  4. As well as running a full virus check and also ensuring the firewall is working, I suggest that a security check such as “ShieldsUP!” should be included.

    Additionally, I run the ancient CHKLINKS daily whilst having breakfast. Although less necessary on later, faster computers, it can be helpful in ensuring that Broken Links are not accumulating.

    Reboot your ADSL/Broadband Router occasionally, say once a month.

    Take a good look at old emails accumulating in your account or on your PC. Get rid of the majority.

    Always run down and switch off “gracefully” – be patient and keep your fingers away from the On/Off Switch.

    In other words, there are several “housekeeping” tasks that the individual PC User can and should carry out, to keep the PC running smoothly and quickly.

    The individual PC User now has to undertake many of the “housekeeping” tasks that were carried out by the Computing Department, back in the good old days of main frames etc.

    Alex Dow

    Reply
  5. I would like to add a WARNING on here to this. 4 of us in the household use hotmail, or windows live. My mom gets an email that says windows live is having problems with spammers and fake accounts, and wants her to fill in her name, username, password and reply back via email. It ALMOST looks legit, until you hit reply. Suddenly it is redirected to a {removed by moderator}@hotmail.com. There is no way to report this to msn, hotmail, or windows live, so all I can do is spread the word-WATCH OUT. The other 3 of us did not get this same email-so we knew it was a hoax right away

    Reply
  6. Darrel Riffle
    The giveaway should have been “password”. What on earth does anyone but you need your password for? THINK! What do you need your password for? To log into your account. If you want any one else to log into your account, give ’em your password. Otherwise, never, never never give out your password.

    Reply
  7. I’m an administrator on several web site forums and I’ve always found it ironic that computer users don’t do any homework until after the fact (problem). Typical problem: “My computer has been clicking for about 2 months and now it won’t boot”
    Proactive trumps reactive every time. At least, do a little research! You would have found out that Hotmail is the most hacked e-mail service (and for that fact makes a great disposable e-mail address).
    Change your profile info every month or two with Hotmail and Yahoo mail. G-mail, not so often. Maybe every 3-4 months.

    Reply
  8. I was filling out for something on the computer and when I started to put my email address a completly different email came up for some one I didn’t know. What does this mean and what should I do?

    Reply
  9. @Dorleen
    Most browsers have an autocomplete feature that “guesses” what you want by giving a dropdown list of all of the email addresses you’ve previously typed in an email field that begin with those letters you’ve typed. If there is only one option on that list it may insert it directly in that field. In that case just keep typing and the options will disappear. This not only works for email addresses but many other fields, such as name, address etc.

    Reply
  10. Read the comments concerning mail account having a virus and I realize that email accounts do not get a virus but a computer does. My problem is a little different, no one has hacked into my email and sent things to my addresses. What has happened is that in my “Inbox” mail, sent mail, stored messages and some subfolders, all messages have been duplicated at least 2 times. Some messages have replicated 3 times. I have Windows XP on this computer, I don’t know what to do. I have deleted 200 emails from a total of 500 only weeks later to find they are back and replicated yet again to total 500 (just an example #). If anyone can help, I would appreciate it…. :)

    Reply
  11. Hi i having problems people sending my emails i must stop sending rubbish, but i dont know what they talking about because in the first place i neva sending them any messages whatsoever. What is the problem and how can i solve this problem

    Reply
  12. Hi, this has been going on for about two weeks actually, i can still log on my windows live Account but when i do i cant send any instant messages to anybody but i can recieve theirs. i cant even send emails to them they will never recieve them. they are also able to log in my msn while im logged in and it wont log me out. Ive tried resetting the password and change the security password. I dont know what to do, please help, what should i do? I dont want to close my account.

    Reply
  13. this annoying pedant could have answered the question in 3 bloody sentences and he knows it: “The email address in the From field is faked to look like it comes from you, but it has not. In fact you had nothing at all to do with it. Unfortunately, since you had nothing to do with it, there’s nothing you can do. Spammers have been using this technique for years.”
    that was what the person was after

    Reply
  14. My gmail account is having multiple problems. My emails are combining, for example a business email combines the To and Subject lines with a non-business correspondence. I am not getting some emails and other emails are being sent to my trash folder. It doesn’t matter if I access my email from by laptop or my I phone. I read email doesn’t get viruses, so what is going on?

    Thanks!

    Reply
  15. Leo, my friend sent me a email with no attachments and when I opened it, nothing on my chrome would load. It says the pages I opened are not responding. Help?

    Reply
  16. Hi Leo – somehow a virus or something has changed my email address. When I send an email, the words ‘Nigeria National Freelotto’ are included in my email address. Everyone erases my email right away before reading it because of this. For example, if I sent you an email it would be from ‘Nigeria National Freelotto {removed}@sbcglobal.net. Do you have any idea how to get rid of this? I have had this address for a very long time and would like to keep it if possible. I also have a second address that is attached to the same account. ‘{removed}@yahoo.com. Both address’s work and access the same email account. I like the first one because it is easy for people to remember. Thanks!

    Reply
  17. I recieve emails from work with files as attachments.When I receive an email with a PDF attachment. I download the attachment but it opens as a poster for a visa assistance company in the Philippines that I recently used. Any ideas?.

    Reply
  18. Okay, all those rules are also applied for all kind accounts, right? Such as social media account or blog account?

    Let say, someone unintentionally uploaded image to a blog from their computer with virus in it (or the computer already has the virus). So the virus absolutely can’t infect the blog account/blog page itself?

    Thank you

    Reply
    • The account or page is not infected. However malicious software – be it an image that exploits an unpatched vulnerability or anything else – has the potential to infect machines that visit that page. “Malvertising” is a good example – malicious ads were uploaded and when displayed could cause some of the machines on which they were displayed to become infected. Technically neither the site nor the advertising network itself was “infected”, but they served as delivery vehicles for malware. Fortunately this is extremely rare.

      Reply
  19. What about synchronized/synchronizing account? For example, does malware/virus keep coming back if we synchronize our email account with browser (Google Chrome)?

    I think I’ve ever read your article about malware that kept coming back to Google Chrome browser, user already removed it yet malware kept coming back.
    From one of your answers/suggestions: “Perhaps you have synchronized your Google Chrome browser with your Google Chrome account, that what makes the malware keeps coming back.”
    (I tried to google this article, I’m really sorry that couldn’t find it to put the link here.)

    Thank you

    Reply
    • Syncronizing your account simply means that an malicious extension (for example) that is installed on one machine in Chrome will automatically be replicated to your other Chrome installations. Your ACCOUNT is NOT infected, but the feature of syncronized account means that the malware is automatically replicated from YOUR machine to your other machines. You might remove it from one, but it comes back when sync happens from one of your other machines. The only solution is to temporarily disconnect ALL machines from that syncronization, disinfect ALL machines, and then carefully re-enable sync one by one.

      Reply
  20. Hi! I feel VERY stupid. Just last night I opened an email on my computer from a person that I kind of know. I thought this was something important but in the body it said Error. and told me that if I wish to open it to click here. That is what I did. (I know that everyone now is cringing). This was something that caught me off guard. There were all kind of things that popped up on the computer that seemed bogus.

    The computer is fine now. But my LG smart Phone can’t receive the emails that I am getting in on my account. This is a feature that I depend on for my smartphone. What should I do?

    Reply
  21. Hi..good day..
    My official domain return some mail, from my mail id, How to stop…

    For example,
    My id – {email address removed} , its return some mail from this email to my email id, means From and To address are same, How we can stop and what is this.
    please advice me.

    Reply
  22. Leo, my problem is this: I get no e-mail period. I open and closed 3 or 4 accounts, change my password, and still I get no e-mail. I do get greeting from the account I open that’s it. I have tried to sign up at different sites for e-mail, but noting comes in. I tried it with your site. The accounts that I open with have said I have a problem, and that’s it. They don’t tell me what it wrong or how to correct it. Can you help. New to all this computer thing. Note: On my e-mail, I don’t any thing , so I am putting my sister e-mail.

    Reply
    • No one will be able to answer your question unless we know what kind of email account you are opening. My guess is that the email accounts are probably fine, but that you are trying to download mail to your computer, and that’s where you are going wrong. The big question is, what type of email accounts you are setting up. If they are online accounts like Gmail, you can test them online to see if they work.

      Reply
  23. leo, I’m having problems with my computer, when i go to my aol account I can’t open my mail, I have a mac. I am not very smart whe it comes to cumputers, I think I have a virus as my computer crashes quite often. What do I do? Also I don’t know why I’m asking you because I can’t open my emails?

    Reply
  24. I realized about 6 weeks ago that we are having email issues at work. I was trying to send a contract to two clients that I had been going back and forth with all week (they have also been clients since 1994 who have always used email with us) March 24 things were all good and they were responding to me, as of March 28 I realized I wasn’t getting the emails that they were saying that they responded to. I contacted our IT company and they said they “released” something ( I am guessing our IP address?) and I got literally 70 emails from the past 10 days that were sent to me and sitting in lala land? At this same time our Marketing company had started using Zoho campaigns to send out a newsletter from our company using my email address, they never set up the SPF record prior to doing so. Over the last 6 weeks I’ve been noticing the weirdest things with our email – I can email some people and they get it no problem, but when they try to respond to me it wont let them or I never receive it back. And then there are some people who can email me and I get it, but it will not allow me to send anything back to them. It bounces back and says [P4] Message blocked due to spam content in the message. Your message wasn’t delivered due to a permission or security issue.
    This message when I am sending “testing” as the subject and only thing in the body says “hey its Katie”
    I have checked every black list, can’t find us on it. I have even called centurylink and Comcast (two of the ones we are having issues with, so far 9 different companies that I know of so far) and they are saying that they don’t see anything wrong at all on their end, my clients were on the phone with us while they looked into this. They are saying its on our side.
    Well IT on our side is getting pissy with me saying it absolutely is not on our side – but I have to think it is. 9 different email users having issues with us who we were fine with prior to March 28? what’s the common denominator here?! ME/US! lol I haven’t noticed any emails being sent from me, but another guy in the company did notice some and sent out a warning to all of us.
    I am not the only when in the office having these issues either, March 24 we were fine and as of March 29 when accounting sent out an invoice to a customer (who hasn’t been late in 7 years on a payment till now) never received it. we sent it 4 more times over the next month to no avail, but I am getting his emails.
    So I am thinking we have some type of malware in our system at the office? Would that make sense to you? Honestly at

    Reply
  25. On April 24, 2018, my email account was “hacked”. It sent out spam emails to those who had previously sent me emails. The spam emails were “replying” to the past emails that I received (sometimes seven years ago). The hack was very sophisticated. The content of the spam “replies” had my contact info at the bottom of the email and usual disclaimer I have in emails. The spam “replies” looked very legitimate. Additionally, the spam “replies” included an attachment which others have told me contains a virus. After people told me about the spam, I changed my password on the email account. This seems to have stopped the spam (at least for now, I hope). Interestingly, my “sent” folder did not include any of the spam emails. As a final matter, I do not use a “free” email account, such as gmail, yahoo, etc. The email that was hacked is from a paid email/domain name company that I’ve used for ten years. Moreover, I did several virus scans of my computer — no viruses were detected.

    Can someone let me know what happened? Could the service that provides me the email account have been hacked?

    Reply
    • Honestly there’s no way to know how this happened. It could be malware, but more likely your password was simply discovered or guessed. Particularly if you also used that password elsewhere, that’s the most common cause.

      Reply
  26. What kind of attachment are you trying to send? For example, Gmail won’t send executable (program) files. To send those, you put them in a Dropbox or OneDrive folder and send a download link.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.