If you’ve found yourself in a situation where you start receiving emails and calls from people in your contact list they received a spam message you did not send, the most likely scenarios are that your password has been hacked or your account has been spoofed. Spam sent from your address causes issues for you as your email provider can close and terminate your account without notice if someone reports you. So, why is my email sending spam and what can I do? Here are the steps you should take when this happens, along with a few precautions to prevent this from happening again, protecting your contacts and your own integrity.
One of the first things you should do is change your password. Clear your web browser’s history and cache and change your settings so your browser doesn’t remember your login in and password. If your email service rejects your new password, a hijacker has already changed your password before you could and now has control over your email.
If you are still logged in to a current session and can receive email, try logging in on another computer or open a browser in private mode. When your login attempt fails, try the “need login help” link. You will automatically receive a new password link.
Next, change your password on other sites if you have used the same one. The best practice is to have different passwords for every site. However, people are people and this is not always the case as we love having a single password for everything – but bear in mind – if one account is hijacked, the others are left vulnerable.
Contact your email provider with the problem. You can find help with your Outlook mail, recover your Gmail account, as well as get assistance with your Yahoo account from your provider’s technical support teams. Keep these links handy in case you find a need to quickly reach out to your email provider for issues.
What can you do after the damage is done and how do you prevent it?
Whether or not you manage to regain control over your account, you should send out apologies to your friends, family, and other contacts who received spam mail. Close friends and family will understand though you may find it difficult to get businesses and acquaintances to trust you again. Clean up the damage as best you can and take steps to help prevent it in the future.
You should practice using strong passwords. This includes a password that is at least twelve characters including a mix of upper and lower case letters, numbers, and special characters. Do not use common names or words that can be guessed or associated with you in any way. If available, set a two-factor verification for your email, which can be found on your service’s help or options section.
If you can get a copy of the email sent from your account, check the headers and see if you can find an originating IP address. If the IP address is not yours or from any computer you used, you should report it immediately. This can be difficult as several attackers hide behind ghost or mirrored IPs. If you begin receiving emails from addresses and people you never contacted before, report and block them as they are attempting to verify your email is still active.
After you have recovered and are back to your normal email use, become more vigilant about your password and email use. If you use your email at work, school, or through public Wi-Fi, never allow the browser to remember your login and password. Try adopting a habit to change your email password on occasion throughout the year.
What if the account was spoofed?
A spoofed email means someone created an email, which mirrors your address. Spammers will include false details in the From and To lines of the address. You cannot really do anything to prevent this other than warn friends and family not to open any links or files that appear abnormal for you to send. In this case, you can contact the ISP for the IP address (if any) from the header and report it as having spam issues. These steps may prove to be ineffective, however; it is worth trying.
Cases of email sending spam are common and happen all the time so if this happens to you, you’re not alone. If you find yourself a victim of email hijacking, you can recover. You can protect yourself easily by making a few simple modifications to your Internet and email activity. Internet security is not only about protective measures for your machine, it’s also about your behavior. Your machine contains valuable data to hackers who often employ social engineering tactics to avoid the hassle of creating malware to steal your data.
If all else fails, you can always save your contacts and create a new email account. While this may sound cumbersome, it will help ensure any malicious activity tied to your account is cut loose. Save any information, you want to keep to a document or spreadsheet and send it to yourself from your new email account.