Someone’s Sending from My Email Address! How Do I Stop Them?!


People are telling me I’ve sent them email I know I haven’t. Supposedly it’s spam, and that’s not something I do. Has my account been hacked? How do I stop it?

While possible, it’s highly unlikely your account has been hacked. Whatever is happening is something significantly more benign. Sadly, it’s something you can do almost nothing about.

There are a couple of variations, so before we begin, let me also mention some articles that might more closely match your situation.

Variations

If email is being sent to your contacts without your having done so, and you find messages in your “Sent Mail” folder that you did not send, your email account has most likely been hacked or compromised. See Someone’s Sending Email that Looks Like it’s from Me to My Contacts, What Can I Do?

If you’re getting email that appears to be “From:” your name or a name you recognize, but showing as “From:” the wrong email address, read this: Why Am I Getting Email from Someone with the Wrong Email Address?

Finally, if people you don’t know are getting email “From:” you — the most common scenario of all — there’s probably nothing wrong. Keep reading.

It’s not your fault

You’re minding your own business, and one day you get a message from someone you’ve never heard of, asking you to stop sending them email. Worse, they’re angry about it. Or worse yet, they accuse you of trying to send them malware!

But you don’t know them, you’ve never heard of them, and you know you’ve never sent them email.

Welcome to the world of email malware, where you can get blamed for someone else’s infection. And there’s worse news to come.

Before I get to that, there is a small possibility your email account has been compromised. The solution there is quite simple: change your password immediately. Assuming you choose a strong password, that should prevent someone from continuing to use your account for malicious purposes. (If you find that your account has indeed been compromised, you may want to do more. Check out Email Hacked? 7 Things You Need to do NOW.)

Account hacks, while they happen, are not the most common cause for the situation that I’ve described; spammers are.

What’s worse? There’s almost nothing that you can do.

“From:” forgery

Spammers forge the “From:” address for the email they send. This technique is referred to as “From:” spoofing.

Spammers use any email address they can find. That could include other email addresses they’re sending to, email addresses fed to them by a botnet, email addresses harvested online, or perhaps even the addresses in the address books of infected machines. For instance, your email address can end up in the address books of people you don’t know. Some email programs automatically collect email addresses included on messages received, or possibly from forwarded email.

If they can, spammers try to make it look like the email comes from someone you know, often by discovering who your friends are on social media and other sites.

They use all this information to create and send email messages with your name and email address in the “From:” line — email you never sent.

Peter, Paul, and Mary’s email


Let’s use a concrete example.

Peter’s address book includes entries for his friends, Paul and Mary. Paul and Mary have never met, have never exchanged email, and do not know each other; they each just know Peter.

Peter’s machine becomes infected with malware of some sort, which collects information from his address book. The virus on Peter’s machine sends email with the virus to Paul, looking like it came from Mary. Paul may wonder who the heck this Mary person is and why she’s sending him a virus, but she was never involved.

From Mary’s perspective, you can see how frustrating it would be to be accused of something you had nothing to do with and have no control over.

Spammers have also been known to use other sources of email addresses, including database breaches, harvesting email addresses from public webpages, or even purchasing lists of email addresses from one another.

Thus, the simple “friend of a friend” example I used with Peter, Paul, and Mary is just the tip of the iceberg. It’s certainly not the only way your email address could show up on a forged “From” line.

What’s important is this: one way or another, spam messages lie about who the sender is.

There’s nothing you can do

If someone accuses you of sending spam, and you are positive you did not do it, you have very little recourse other than to try to educate them about how viruses work.

Point them at this article if you like. But be clear: your machine is not necessarily infected with malware, nor is your account necessarily compromised. It’s some third party — the spammer — making all this happen. (Identifying that third party is difficult, which is why spammers use this technique.)

In other words, there’s nothing you can do.


This is a major update to an article originally posted January 27, 2004
The issue is as relevant as ever with some tweaks to the focus on spam,
as well as the addition of social media harvesting of relationships.

Originally published as Someone’s Sending from My Email Address! How Do I Stop Them?! on Ask Leo!