Getting An Email From Your Own Email Address That You Did Not Send To Yourself

by 11 replies
14
From time to time in several of my email boxes, I have gotten an email that shows on the inbox screen that the email was sent from the very email box I am looking at.

For example let us say my email is goodboy@astromail.com and I go into that email box and it shows an email coming in from goodboy@astromail.com.

I then change the password, and the next time I check the email box I find the same thing has happened even though I changed the password just in case a hacker got in.

LIGHT JUST WENT ON: Perhaps the hacker gained access to my cpanel password and is able to access the email box from that? But the emails are not that important so why would someone waste his or her time doing this?

Anyway, is it possible for someone to send an email and make it appear as if it is coming from the email box they are sending it to? How do they do this?
#off topic forum
  • This could be a symptom of malware or a spammer. Spammers can definitely "send an email and make it appear as if it is coming from the email box they are sending it to." How that's done isn't really important. That fact that it's being done at all is, because if they're sending you mail with your own name, they're sending it to a bunch of other people with your name.
    • [ 1 ] Thanks
    • [1] reply
    • Can you do anything to stop this, or prevent this from happening?
  • I really wish I had an answer for you. Maybe your ISP or whoever is hosting your email service can help. I'm really sorry I don't have a solution.

    In this case, malware would be an easier problem to resolve, as it's a simple matter of running the right anti-malware software.
    • [1] reply
    • Thanks "nmwf." The other posters had some good recommendations. This is the nature of the internet, huh?
  • Email can be easily spoofed. There is no authentication, so no accounts were (necessarily) compromised. The easiest way to avoid seeing this is to not look at your email.
    • [ 3 ] Thanks
  • I had this problem a few times. What I did - not sure if this is correct but worked - is that I copied all my contacts to a document and then delete them from my email address list. Then I changed the password at that account and reload all the contacts. That worked for me.
    • [1] reply
    • yes, it's called email spoofing.
      The best way to stop it is to set up a very strict SPF record.

      basically you can set an SPF record in the "email authentication" section of your cPanel

      here is info about SPF records:
      SPF: Project Overview

      your web host can help you with it if it's not automatically created for you.
  • I get a few of those now and again. Only once was it something that was significant, and I could tell by the amount going through. I contacted my webhost and changed my password. It was long enough ago that I don't remember the details, but if it's just one or two here and there, don't worry about it - if you start getting strings of them, then contact your email provider.
    • [1] reply
    • Much depends on the source of the email itself. Most email readers allow you to look at the headers for all the details you normally aren't interested in. If the actual sender is different than the from: line, it's probably garden-variety spoofing.

      The spammer has gotten your email, either from your computer or more likely from someone whom you've emailed in the past. The spammer then uses their stolen addresses to send emails like you've received.

      If they do match, you have a more serious problem. Simply changing your passwords won't protect you. Your computer will need a thorough cleaning because you may be part of a botnet. Ask your ISP and/or email host to check for odd bursts of activity, especially at times your computer is usually down.
      • [ 1 ] Thanks
  • I have an old yahoo email address. Should I change the password on that account as it's all online and not from a webhost.

    Kind regards

    Brian
    • [1] reply
    • Security-conscious companies I've worked with have a regular schedule for changing passwords, even on internal networks that are not connected to the net. Many of them change passwords either monthly or quarterly.

      If you have any concerns about funky emails, changing the password could help and can do no harm.
Join the discussion

Next Topics on Trending Feed