Posted Nov 12th 2008 10:14AM by the AOL Mail Team
Recently, we have gotten several concerned calls from AOL users who are receiving emails from themselves that they didn't send. Most of the time, the content is inappropriate and users are troubled that their email address is connected to this content, and even more concerned that this is a sure sign their AOL account has been hacked and is being used by someone else.
Although it is possible that the account has been compromised, it's more likely that these users are being "spoofed." In other words, the email is most likely coming from a source outside of AOL that is "spoofing" the From address. Automated bots are often used by spammers to fill in the From: address with the To: address, making it look like the person has sent mail to themselves.
Why aren't the AOL spam filters catching these spoofs?
AOL actually catches most spoof emails before they reach the intended recipients. In fact, we block more than 2 billion pieces of spam each day before it even reaches our users. We continually modify our spam filters in response to new spam trends and threats, based on user feedback via the "Report Spam" feature.
What should I do with the spoof emails I am receiving? Should I send them to AOL?
When you receive any piece of mail that you consider to be spam, you should immediately hit the "Report Spam" button. This helps to ensure that future mail from this source will go to your spam folder in the future. Rest assured that by hitting the "Report Spam" button you are not blocking or reporting yourself; but, helping us identify the source of the spoof email.
What if I still suspect unauthorized use of my account?
If you suspect unauthorized use of your account, immediately check your Sent folder for any emails that were sent without your consent. If you see any unexpected messages, immediately change your password. This will lockout the unauthorized user and re-secure your account.
How do you tell the difference between a spoof and a compromised account?
Differentiating between the two can be difficult, but your best bet is to be vigilant about protecting your account, your computer and your privacy. Follow these tips:
**Use a secure password and change it frequently. AOL recommends that you immediately change your password if you suspect any unauthorized usage of your screen name. Only authorized users can change passwords. If you have stored the password on your computer, remember to update that, too.
**Make sure you are running up-to-date virus and spyware protection software.
For more information on spoofing, we also recommend that you take a look at this article: http://www.windowsecurity.com/articles/Email-Spoofing.html. Share