If spam is being sent out from your email account, your email address has either spoofed or hijacked.
Email Spoofing
Spoofing an email address is when an email is sent out with your From address, even though they have no access to your account. There’s really no solution to spoofing. Fortunately, hijackers tend to change spoofed addresses frequently and the annoyance will disappear soon.
Email Hijacking
Hijacking is when someone has taken control of your email account. They can read your mail and target people you know with spam; even lock you out of your own email account.
As soon as you discover that your email address is spamming, immediately try to change your email password. But if you're unable to change your password, it means the hijacker has changed the password and now controls your email account. Contact Us if you are unable to change your email password.
- If you been using the same password for other services, change them as soon as possible. (Tips for Secure Passwords)
Steps to stop your account from sending spam
- Change your password immediately
- Before updating your Email Client with the new password, check your computer for malware
- Run a full scan on all devices with the email account set up in the Email Client
- If your anti-virus tool hasn't found any issues, try again by installing Avast Home Edition + Spybot Search and Destroy + SUPERAntiSpyware
- Update your Email Clients with the new password
After you have secured your email account, prevent it from happening again by:
- Using strong, long passwords that people can’t guess
- Use different passwords for different services, and keep track of them with a password manager similar to Bitwarden
- Never email your password to anyone
- Get an antivirus program and regularly update its virus definitions
- Make sure your mail program is set to not automatically download and open attachments or display HTML content
- Verify the source of any suspicious email before you act.
- Do not blindly forward emails, open attachments and links, or view HTML content
- Check and monitor if your email has been breached at Have I been pwned
Signs of email infection:
- People tell you they received emails sent from your email box which you did not send
- A lot of messages without a sender address and subject in your mailbox
- The recipients of the spam-email includes a bunch of people you know
- You try to access your account and the password no longer works
- Your Sent Items folder contains a bunch of spammy emails you’re not aware of sending
- You’re receiving bounce messages from email addresses you’ve never heard of
Common cause for an email account to be exploited
- Your password was easily guessable
- You entered your credentials into a phishing site
- The website where you had your account had a security breach
- Your hacked account used the same password as a different, breached site
- There is spyware on your computer
