I just got an email informing me that a message I’d sent couldn’t be delivered. But I never sent the email that I’m being told couldn’t be sent. I’m assuming this means that one or more of my computers has a virus of some sort that’s using my email to send spam. Is there a way to find out from which computer the email was sent? What should I do? :3
Are we talking POP mail or web-based email (yahoo, hotmail, gmail, etc)?
If you are talking about a POP account, look at the sent items folder in your mail client on your computers and see if there are any sent items. For webmail, check the sent items folder from any computer.
If you don’t see any sent items, then your computer and/or your account didn’t send the email. A spammer put your address in the FROM field and used their own computer (or someone other innocent-yet-infected person’s computer) to send the spam. That’s called “spoofing” and there’s nothing you can do about it.
You can look at the headers in the return email and see the hops it took to get to the intended recipient (the one you got the bounce message from). It won’t contain any hops that are related to you.
If you find that you do have sent items that you didn’t send, change your email account password (whether it be POP or webmail). If you are using a POP mail client, you need to scan the computer from which the emails were sent.
Thanks for the response. I’m using a web-based email account. I looked in the sent folder like you suggested and there’s nothing there that matches what I received. So yeah, I guess I’m being “spoofed.” I wasn’t aware that you could use your address when sending email. The email wasn’t sent to anyone I know so at least I think I can be safe in knowing that my own personal contacts aren’t being sent spam email that they’ll think is from me
E-mail has exactly the same security in the “from” field that old-fashioned mail has on the return address: That is to say, none at all. It’s just as easy for some random person to send e-mail from “obama@whitehouse.gov” as it is to send physical mail with the return address “1600 Pennsylvania Ave., Washington, DC”.
It’s quite possible that this email is the attack, and it is upon you.
Often, such emails contain a link in them, labeled something like “view a copy of the email you sent” – something that might fool you into clicking on that link. And of course, it is not any email you sent, but a malicious site that tries to download malware to your computer.
Some of them even appear to show a generic email, with your return address, something that you will at least spend a few seconds reading. Meanwhile, the site is busy sending malware to your computer.
So just delete such emails. Don’t bother opening them (especially if your email program automatically opens embedded pictures or attachments). And certainly don’t click on any links in the email!
Thanks for the heads up, t-bonham. I simply deleted it without bothering to investigate it too much.
If it’s Gmail or Yahoo mail, I probably wouldn’t worry about it if they don’t tell you some other IP used your account. Any webmail that does not have a way to check it, I’d probably slightly modify my password just to be sure. Especially if I get too many more.
Yeah, it coudl just be a spoof. But it’s not like changing my password costs me much.