What to Do if Your Email Account Gets Hijacked and Sends Out Spam

Posted on January 30th, 2013 by

It’s an event that we’ve probably all dealt with at one point or another, either on the sender's or the receiver's end: an email that clearly didn’t come from the person who supposedly sent it, hawking weight-loss supplements or “male enhancement” pills or some such nonsense. What causes these, and what can you do about it? The short answer is, it’s one of two things:

  1. Poor password hygiene
  2. Spoofing.

If the problem is poor password hygiene, that means your account was hacked. If instead your account has been spoofed, someone has only made it appear as if it's been hacked.

A spam email one of Intego's employees received from her friend just this morning.

There are a number of reasons that can explain how your account got hacked:

  • Your password was easily guessable
  • You entered your credentials into a phishing site
  • The website where you had your account had a security breach
  • Your hacked account used the same password as a different, breached site
  • There is spyware on your computer

You can tell if your account has been hacked if:

  • The recipients of the spam email include a bunch of people you know
  • You try to access your account and the password no longer works
  • You try to access the “Forgot Password” link and it does not go to the expected email
  • Your Sent Items folder contains a bunch of spammy emails you’re not aware of sending

(I’m assuming, of course, that you didn’t have a brain-spasm and temporarily misremember your account, or you didn’t have way too many drinks on Friday night before drunk-emailing your friends.)

If your account was in fact hacked, there are a few things you’ll need to do:

  • You need to change your password on the hacked site
  • You need to change your password on any other sites where you used the same username and password
  • You need to change your password on any sites whose information you stored in the hacked account
  • If you determine that you have been affected by spyware, once it’s removed, you will need to change all your passwords for all your online accounts and follow procedures for recovering from identity theft
  • If you cannot follow any of these steps because your account details have been changed, you will need to contact support for the website that provides your account so that you can regain control

There are two main ways to see if your account was spoofed:

  1. Get a copy of the email, including headers, and check whether the originating IP address is one you could not have been using
  2. Check whether you’re receiving bounce messages from a bunch of email addresses for people you’ve never heard of

If your account was spoofed, the spammer simply created an email that had fake details (usually the “From” or “Reply-to” address), and there is very little you can do to stop this. What you can do is likely to be ineffective. In short, you’ll need to do the following:

  1. Take the IP address from the email header
  2. Contact the ISP for that address
  3. Ask them to block it

However, the spammer could be using a different IP address the next day, and the ISP could either ignore or deny your request (especially if the ISP is a shady one).
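
The header check described above can be scripted. The following is an added example, not code from the original article: it reads the `Received` headers of a saved message, oldest hop first, and reports the first non-local IPv4 address so you can compare it with addresses you were actually using. The sample message, hostnames and the function names are constructed for illustration, and only bracketed IPv4 literals are handled.

```python
import email
import ipaddress
import re

# Constructed sample: documentation-range IPs and made-up hostnames.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\tby inbox.example.org with ESMTP id abc123; Wed, 30 Jan 2013 09:15:02 +0000
Received: from [192.168.1.20] (unknown [203.0.113.45])
\tby mx.example.net with ESMTP id def456; Wed, 30 Jan 2013 09:15:00 +0000
From: "Your Friend" <friend@example.com>
Reply-To: pills@example.invalid
To: you@example.org
Subject: Amazing offer

Buy now.
"""

BRACKETED_IPV4 = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
# Home/office LAN and loopback ranges that never identify a sender on the internet.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def received_ips(raw):
    """IPv4 addresses found in each Received header, oldest hop first."""
    msg = email.message_from_string(raw)
    hops = []
    # Each server prepends its own Received line, so the last one is the oldest.
    for header in reversed(msg.get_all("Received", [])):
        ips = []
        for text in BRACKETED_IPV4.findall(str(header)):
            try:
                ips.append(ipaddress.ip_address(text))
            except ValueError:  # e.g. [999.1.1.1]
                pass
        hops.append(ips)
    return hops

def originating_ip(raw):
    """First non-local address, scanning from the oldest hop forward."""
    for ips in received_ips(raw):
        for ip in ips:
            if not any(ip in net for net in LOCAL_NETS):
                return str(ip)
    return None

def sent_from_known_address(raw, my_addresses):
    """True if the originating IP is one the account owner was using."""
    return originating_ip(raw) in my_addresses

if __name__ == "__main__":
    print(originating_ip(SAMPLE), sent_from_known_address(SAMPLE, {"198.51.100.200"}))
```

Only the `Received` lines added by your own mail provider are trustworthy; older lines were supplied by the sending side and can be forged, so treat the result as a lead rather than proof.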

This is one of those cases that reminds us computer security is not just about protecting your machine from malware. There is a lot of data on your machine that is valuable to hackers, and attackers don’t necessarily have to go to the trouble of creating malware to get it from you. But the good news is, it can also be fairly easy to protect yourself by making a few simple improvements. Stay tuned – in a future article, we’ll talk about more ways you can protect yourself against common computer security hassles.

  • Paul

    An ex-girlfriend with whom I’ve just started speaking again called me hysterically saying she could not understand why I would be so cruel as to resend her old angry emails that I originally sent her after our breakup, especially since we are now talking and on friendly terms. I told her I had no idea what she was talking about and that I did not resend any emails to her. I actually deleted the sent emails from my Yahoo account shortly after sending them. I am at a loss. Could my Yahoo account have been hacked, or maybe my computer has some type of virus which is causing this? She will not take those possibilities into consideration and insists I sent them. Has anyone ever heard of a case like this before?

    • Geovanny Morillo

      Yes, you are right, my Yahoo account was hacked 3 times already, they used it to send lots of spam and viruses, luckily I was able to recover my account, and apologize to my friends for the inconvenience….

      • Kemi Akio

        How did you do it? My account is sending spam every day to friends and even companies I have in my contacts. @geovannymorillo:disqus

  • Samantha

    Is it possible for an account to send out email replies to ads on Craigslist? My significant other is always getting messages and always states that it is spam, but when I look in the sent email folder the message is there and has the “sent from my iPhone” signature. I’m not that tech savvy so I don’t know if it is possible for these emails to just show up.

    • Cassandra

      most likely- welcome to cheatersville, population: your boyfriend

  • Jeffrey Timothy Valerie

    So, now that you have asked me to join using one of my social sites, I can expect more useless posts to both my social site and email. Anyway, how can we tell the IP is the ISP?

    I have just done a lookup and there is not just one IP drawn up, and before the mail reached me, its last stop was the London Charing Cross train station?

  • Jeffrey Timothy Valerie

    Sorry, I found it is the building beside the main line station.

  • Elina Wills

    Thank you for sharing this insightful post with us. It was very knowledgeable and helpful. Please keep sharing!
    I know a website,, that provides Email Verification and Email List Cleaning Services in the USA.