|
I got email from:
someone@somedomain.com where “someone@somedomain.com” is someone I don’t know, but “myemail@outlook.com” is, in fact, my email address. It as if I was getting spam from myself, but I did not send it.
How do I stop these emails from coming into my inbox? How do I stop them from being sent? It’s usually for drugs or financial services that I don’t need or would never be interested in. How can they use my own email? I can’t block them, as it says it is illegal to block my own email. |
I’ll start with the bad news: there’s almost nothing you can do.
This is spam, pure and simple. Abusing your email address is only one of many techniques spammers use to throw their garbage into our mailboxes.
The remedies are pretty standard, albeit less than 100% effective.
What you’re seeing is called “spoofing” (or more correctly “From: spoofing“): sending email appearing as if it’s coming From: someone that it isn’t.
Spammers hide their email’s origin, and do so very effectively. Spoofing is used in almost all spam you see.
The From: address is meaningless on spam — it tells you absolutely nothing.
There’s nothing in the email protocol requiring that the From: line of a message has anything to do with the message’s true origin. To discover the true origin requires more detailed analysis of email headers (which you normally don’t see), and even then, at best you might be able to get the IP address of the computer sending the email.
That you’re seeing your email address in the From: field of spam shouldn’t alarm you. It might be annoying, but there’s no need to worry about it. You’re already on spammer’s lists to get spam, and they’re using that same list, or variations of it, to select which addresses to use when spoofing.
Currently, there is no effective way to stop them.
When you see your own address spoofed in the From: field of spam, it’s generally happening for one of two reasons:
Now, as to why the “someone@somedomain.com <myemail@outlook.com>”, where the two email addresses don’t match, or the more common “Name <myemail@outlook.com>”, where the name is obviously unrelated to the email address, I can only speculate. My guess is it’s either intentionally confusing, to boost the chance recipients will open the email, or a side effect of the tools spammers use, which may not be able to put together a proper name/email address pair.
There’s nothing you can do to prevent From: spoofing.
Spammers can put whatever they like in the From: line. If they want to put your email address there, they can.
The good news is, most automated spam filters realize the uselessness of the From: line, and probably won’t start blocking the email you send because some spammer happens to be using your address. Naturally, some people might not realize this, and they could try blocking you, but given that spammers spam everyone, the chances that it’s someone you know or care about is pretty slim.
The only thing you can do is to keep doing whatever it is you do to control spam. Typically, that’s marking spam as spam and moving on with your life.
I want to be clear: since you’re able to log in to your own account to get your mail, what I’m about to caution you about is not very likely.
But it is possible.
Sometimes you’ll get spam from yourself if your account has been hacked.
You can log in to your account, so if your account has been hacked, the hackers didn’t change the password. That’s unusual. Normally, a hacked account means you can’t log in.
Nonetheless, it’s something to be aware of, and perhaps check. For example, check the Sent Mail folder to see if there are messages you didn’t send. If so, take all the precautions outlined in Email Hacked? 7 Things You Need to Do NOW.