Do you suspect your email account has been hacked? Can’t login to your email account? Are you getting undeliverable and bounce messages for email you never sent? Are friends and family complaining of receiving email you never sent? Is it malware? A hacker? Here’s how to tell.
Undeliverable and Bounce Messages
Spammers frequently spoof the From sender on the email they send. They just substitute their real email address with a random email address found on a mailing list or one just randomly made up.
Some poorly configured email gateway products don’t distinguish between the manually editable “From” address and the actual sender origin, so they simply send any undeliverable messages to the spoofed From address. To better understand how this works, and help you track down the real origin of an email, see: Reading Email Headers. Best defense: Simply delete the undeliverable/bounce messages.
In other cases, email worms will send themselves disguised as an undeliverable/bounce message. The bogus email contains either a link or an attachment. Clicking the link or opening the attachment leads directly to a copy of the worm. Your best course is to learn to overcome curiosity. Best defense: If you receive an undeliverable or bounce message for an email you know you did not send, resist the temptation to open the attachment or click the link. Just delete the email.
Unable to login to your email account
If you are unable to login to your email account due to an invalid password, it’s possible that someone has gained access and changed the password.
It’s also possible that the email service is experiencing a system outage of some sort. Before you panic, make sure your email provider is functioning normally.
Best defense: Prevention is key. Most email providers offer a password recovery option. If you have even a hint of concern that your email password has been compromised, change your password immediately.
If you specified an alternate email address as part of the password recovery, make sure that address is active and be sure to monitor the account regularly.
In some cases, you may need to call your email provider and request a reset. If you go that route, be sure to change your password from the one provided during the phone call. Be sure to use a strong password.
Email appearing in Sent Items folder
If copies of the sent email are appearing in your Sent Items folder, then it’s likely that some type of email worm might be involved. Most modern-day malware won’t leave such tell-tale signs behind, so it, fortunately, would be indicative of an older, more easily removed threat. Best defense: Update your existing antivirus software and run a full system scan.
Email is sent to address book, does not appear in the Sent folder, and it’s a webmail account
The most likely cause is phishing. Chances are at some point in the past, you were tricked into divulging your email username and password. This enables the attacker to login to your webmail account and send spam and malicious email to everyone in your address book. Sometimes they also use the hijacked account to send to strangers. Generally, they remove any copies from the Sent folder to avoid easy detection.
Best defense: Change your password. Make sure you’ve checked the validity of any alternate email addresses included in the password recovery settings first.
Symptoms don’t match the above
Best defense: Make sure you do a thorough check for a malware infection. Fully scan your system with installed up-to-date antivirus software and then get a second opinion with one of these free online scanners.
Receiving complaints from friends, family, or strangers
One of the problems with spoofed, hijacked or hacked email is that it can also lead to responses from angry recipients. Stay calm – remember, the recipients are just as much a victim as you. Best defense: Explain what happened and use the experience as an educational opportunity to help others avoid the same plight.