fbpx

Spoofing – Someone is sending from my address

spam

Someone is sending from my address (Gmail helper)

{include_content_item 526} If you receive bounce messages for mail that appears to originate from your account, you find messages in Spam from 'me,' or you receive a reply to a message you never sent, you may be the victim of a 'spoofing' attack. Spoofing means faking the return address on outgoing mail to hide the true origin of the message.


When you send a letter through the post, you generally write a return address on the envelope so the recipient can identify the sender, and so the post office can return the mail to the sender in the event of a problem. But nothing prevents you from writing a different return address than your own; in fact, someone else could send a letter and put your return address on the envelope. Email works the same way. When a server sends an email message, it specifies the sender, but this sender field can be forged. If there is a problem with delivery and someone forged your address on the message, then the message will be returned to you, even if you weren't the actual sender.

If you've received a reply to a message that wasn't sent from your address, there are two possibilities:

 

  1. The message was spoofed, forging your address as the sender.
  2. The original sender used your address as a reply-to address so that responses would be sent to you.

 

Neither of these possibilities indicates that your account was compromised, but if you're concerned that your account may have been compromised, you can check recent access to your account. Just scroll to the very bottom of your inbox and click the Details link next to 'Last account activity.'

For further information, please select the description that matches your situation below.

You're receiving bounces for messages you never sent.

Many spammers use software applications to generate random lists of email addresses at common domains, based on words in the dictionary. Spammers then use these lists to send illegal mass mailings. This practice is called 'dictionary spamming.' Many of the addresses randomly generated by dictionary spammers are invalid. If a spammer spoofs your Gmail address to send dictionary spam, you will likely receive reports of delivery failures, which appear to be replies to message sent from your address.

Because these messages originate outside of Gmail, we aren't able to stop spammers from spoofing your address. However, Google helps protect your Gmail address's reputation by designing our systems to authenticate all the mail that really comes from you. When another domain receives an unauthenticated message from Gmail, it can tell that you didn't really send the mail, and it is unlikely that your email address will be blocked. For our part, we are concerned about spoofing and bouncebacks. We ask you to report these messages by checking the box next to the unwanted message and clicking Report Spam at the top of your inbox, or by opening the message and clicking Report Spam at the top of the message.

You can help stop spammers by also sending the full headers of these unlawful messages to the Federal Trade Commission atspam@uce.gov.

If you feel that you may be a victim of identity theft, we suggest contacting your local authorities.

There are messages in Spam from 'me.'

One common tactic used by spammers is to send a message to a recipient, and fake the 'From:' field to contain the same address. Spammers hope that because the mail is sent 'from' your address, it will slip past our spam filters. But not so fast! Gmail authenticates all of our mail, so we know when a message wasn't actually sent by you. We do our best to place these forged messages in your Spam folder.

Because Gmail replaces your email address with 'me' when you look at lists of messages, you may see spam mail from 'me' in your Spam folder. All this indicates is that someone forged the return address on your messages to be your own email address.

If we miss any messages, we ask you to report them by checking the box next to the unwanted message and clicking Report Spam at the top of your inbox, or by opening the message and clicking Report Spam at the top of the message.

You can help stop spammers by also sending the full headers of these unlawful messages to the Federal Trade Commission atspam@uce.gov.

If you feel that you may be a victim of identity theft, we suggest contacting your local authorities.

My Contacts say I sent spam to them, or I found suspicious access to my account.

If your Contacts received spam from you, or if you find access activity that you can't account for, we suggest taking the following steps as soon as possible.

  1. Make sure your operating system is up-to-date. Be sure you've downloaded and installed any critical Windows updates from Microsoft, or Mac OS updates from Apple. We recommend enabling automatic updates.
  2. Check for viruses and malware. Run a scan on your computer with a trusted anti-virus software. If the scan detects any suspicious programs or applications, get rid of them immediately. Note: We have no connection with these companies and can't comment on their effectiveness. We can tell you, though, that trying all of these programs often makes a difference, as does having the latest versions.
  3. Change your password. Make sure you choose a password that contains a combination of numbers, characters, and case-sensitive letters. Never reuse your Gmail password on any other website. These steps will help strengthen the security of your account.
  4. Update your secondary email address and your security question. Should you ever lose access to your account, these two items will be vital to recovering your account. Make sure that you have access to the email address listed as your secondary, and the answer to your security question should be easy for you to remember, but hard for others to guess.
  5. Check your Settings. Click Settings at the top of any Gmail page and verify that the following items have not been changed:
    • On the General tab: Your SignatureVacation Responder and Browser Connection.
    • On the Accounts and Import tab: Send mail as.
    • On the Filters tab: Look for any filters you did not create, especially filters that forward your mail.
    • On the Forwarding and POP/IMAP tab: Look for any changes you did not make.
  6. Use a secure connection when signing in to Gmail. In your Gmail settings, select 'Always use HTTPS.' This setting helps protect your information from being stolen when you are signing in to Gmail on a public wireless network, like at a cafe or hotel.

Also, to make sure that no one gains unauthorized access to your account:

  • Never tell anyone your password or security question and answer, and don't write them down.
  • Never send this information by email.
  • Never give out your gmail password after following a link sent to you in an email. Access gmail directly by typing mail.google.com in your browser's address bar.
  • Don't reuse your Gmail password on other websites.
  • Periodically change your password and security question.
  • Keep your secondary address up to date.

We are very concerned about this activity. Please obtain the full headers of the spam message from Sent Mail or from one of your Contacts, and report it to our team. We'll investigate your report, but we're unable to respond to individual cases. In particular, please note that we aren't able to provide you with information about attempted logins to your account including, but not limited to, the IP address from which the attempted login was made, and the time and date attempted logins occurred.

 

 

 

Source: http://mail.google.com/support/bin/answer.py?hl=en&answer=50200


Recommended Posts