I keep receiving e-mails in my spam folder that say they are from my own e-mail address. When I look in my sent folder there is nothing in there showing I sent myself anything.
How can someone be using my e-mail address?
This question was answered on November 5, 2010. Much of the information contained herein may have changed since posting.
As with most things that involve the online world, you can’t take what you’re seeing at face value (in other words, the messages aren’t actually being sent from your account).
The good news is that your account likely isn’t compromised; the bad news is that there’s little you can do to stop it
Just like with snail-mail, there is nothing to stop anyone from forging or ‘spoofing’ the return address of any piece of mail.
The most likely cause of these messages is that a spam-bot forged your return address on junk messages as a diversion tactic or in hopes of fooling those that may know you.
The longer you have your e-mail address and the more you submit it to various websites, etc the more likely it will be in circulation and make it into a database for spammers
This generally doesn’t mean that you’re infected or that your account has been hacked or hijacked, but rather someone that has your e-mail address in their address book has been infected by an auto-spamming ‘bot’ or the spammers are simply trying to fake out your spam filter by using your own address to yourself.
All it takes is one of your friends to get infected by one of the thousands of malware programs designed to harvest e-mail addresses to get the ball rolling
The automated code randomly selects someone from the address book of the infected computer to appear to be the sender and then sends the junk message to everyone else in the address book.
The spammers figured out a long time ago that if they sent spam from an account and included the actual infected computer’s e-mail address as the sender, it wouldn’t take long for the victim to be notified that they were infected.
By forging the senders address, the wrong person get’s accused of being infected, allowing the nefarious activities to continue from the actual infected computer.
They also realized that the chances of the recipient opening the junk message increased if it came from someone that they may know Logically, some percentage of e-mail addresses in anyone’s address book would be acquaintances and so it goes.
The reason that you’re seeing messages in your spam folder that appear to be from you is your mail system is automatically filtering out messages that they figured out didn’t actually come from you.
Most major e-mail systems use a process to ‘authenticate’ messages that come from their mail servers so messages that have your e-mail address as the sender that were not authenticated will end up in your spam folder.
Included in this auto-filtering process are any spoofed messages that result from delivery failures which would ‘bounce’ back to you.
If you think your account has actually been hijacked, change the password and update any of the security questions to play it safe.
Every mail system has specific guidance for what you should do if you suspect that your account has been compromised, so check the support section of your specific mail system for the proper steps.
About the author
Posted by Ken Colburn of Data Doctors on November 5, 2010