This has happened to me a couple of times, and I always get panicked calls from clients when it happens to them. All of a sudden your email inbox is flooded with undeliverable return email messages, sent to people you have never heard of. Hundreds of them, spanning sometimes as much as a week’s time. See below.
Has your email account been hacked? Do you have to change your password? In a word, NO. You are merely the victim of “spoofing,” which is when a spammer decides to impersonate you as the email sender. They have merely borrowed your email address ONLY, not your account.
Spammers use botnets to send millions of messages a day (not exaggerating here), and purchase lists of email addresses from list builders on the dark web. Some of these email addresses are old, and the account is closed. So when the spam goes out to one of these dead email accounts, the mail server that is responsible for that email domain will send an undeliverable message to the sender.
What is interesting in my own case, is that they are spoofing someone else’s name and coupling it with one of my email addresses. I got a cute reply from someone’s “Aunt Mabel” who told me that the link on the email made her anti-malware software pop up a scary red warning screen, so she was not able to see the dancing kitties or whatever.
In any event, the only thing I can do is wait out the storm. It seems that the spammers are using several different email accounts on my business email domain. There is nothing that can be done here, other than to delete the return messages piling up in my inbox, and write this illuminating article about it. Eventually the spammers will spoof someone else, and it will be over, at least for me.Share