Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Why am I getting spam that appears to be from my IP address?

by

Email headers, the place where the IP address information is stored, are incredibly easy to falsify. Spammers do this on purpose to hide their true location.
Question:

Someone including myself is receiving emails from fake email addresses, but
the IP address leads back to my computer. I have Windows XP. They were all
Yahoo accounts and Ymail accounts. My Yahoo account had been hacked a few days
earlier. I’ve changed my password and even created a new account, so I can
completely close the other one down once my stuff is transferred. I’ve cleared
all the cookies and run a virus scan and the IP address has changed. I just
don’t understand how this happened.

In this excerpt from
Answercast #63, I look at various ways that spam could be sent using your IP
address.

Become a Patron of Ask Leo! and go ad-free!

IP address spam

Normally, it depends on exactly how you’re determining that it’s from your
IP address.

Understand that email headers, the place where the IP address information is
stored, are incredibly easy to falsify. Spammers do this on purpose to hide
their true location. Since your email address (or your account) had been
compromised, it’s very possible that one of the things that they squirreled
away was the IP address that you were using at the time – so that not only
could they have the emails come from you (from your account while they
had the account hacked), but by falsifying the header information, maybe they
even went so far to make it look like it came from your IP address when it
didn’t.

So that’s first thing that comes to mind.

A compromised computer

The second thing that comes to mind is zombies – botnets.

Basically what those are… those are malware that are installed on your
machine that send email. In fact (depending on how they’re configured),
absolutely, the IP address of the email that those botnets send could look like
it came from your machine – because it really, honestly did!

Now, you say you’ve run anti-malware scans, I’m going to say run them
again:

  • Run them with up-to-date signatures.

  • Run them with an up-to-date program.

  • While you’re at it, run the free program from malwarebytes.org.That often picks up a
    few things that some of the other utilities don’t.

Run an anti-virus scan, run an anti-spyware scan, run the malwarebytes.org
utility, and see if those don’t catch something.

Finally, move on!

In the long run, as long as your machine is known to be clean… to be
honest, spam is so convoluted and so complex, all it really boils down to is
spammers are trying to obscure things and hide themselves. I would just
continue to treat it as spam and not really get too worked up about
it.

Next from Answercast #63 – Which
is more secure: fax or email?

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Additional information is available at https://askleo.com/creative-commons-license/.