We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How to protect my email address list from hackers?

more options

On BT's advice I have now changed my BT password for the third time in order to stop hackers from sending emails to people on my address list, but they continue to be sent. Each of these emails has had me as the Sender, but there is no record of any of them in my Sent folder. Once the hacker has got hold of my address list is there any way of preventing him from continuing to send emails to my friends? I have been advised by a knowledgeable friend to change the wireless key of my BT Home Hub 2.0. Would this make any difference? And does this imply that someone within range of my WiFi is hacking my email address list? What can I do to be secure from hacking? I am using Norton 360.

On BT's advice I have now changed my BT password for the third time in order to stop hackers from sending emails to people on my address list, but they continue to be sent. Each of these emails has had me as the Sender, but there is no record of any of them in my Sent folder. Once the hacker has got hold of my address list is there any way of preventing him from continuing to send emails to my friends? I have been advised by a knowledgeable friend to change the wireless key of my BT Home Hub 2.0. Would this make any difference? And does this imply that someone within range of my WiFi is hacking my email address list? What can I do to be secure from hacking? I am using Norton 360.

All Replies (7)

more options

I doubt very much that anyone has "hacked" you. They have, IMHO, gleaned your address and those of other regular correspondents and are using them in messages. Inspection of the message "source" using ctrl-u usually reveals that the message came from a third-party's computer.

Changing your email password and your wi-fi key won't do any harm, but I doubt that either of these was an actual point of entry. If you have ever received a "round robin" kind of message with all the addressees shown in the clear, then you must assume that all of the addresses mentioned in it are now "in the wild" and are being passed from spammer to spammer.

more options

Hello Zenos,

Thanks for your reply, especially the ctrl-u tip which shows who sent it, though I don't know how to follow it up.

Can you explain how someone is able to send out stuff using my email address as the supposed sender - and how to prevent him from continuing to do it as often as he wants? I seem to be in a vicious circle from which there is no escape.

Regards,

Geoff

more options

Would changing my service provider disarm the spammer? And if so, how could I avoid being spammed in future?

Geoff

more options

Thunderbird doesn't encourage you make up or insert borrowed addresses, but not all mail clients are so scrupulous. (You can make it use a false From: address by way of identities…but my smtp server is still evident in the source listing when I tested it.) And spammers don't use regular email clients; they have their own tool kits, webservers, "owned" computers and so on. Unfortunately, it is trivial to write an email client to send using false credentials. Email

You can no more stop spammers from using your email address than you could stop someone sending a letter through the post that claimed to be from you. :-(

Some people take the view that all email addresses ultimately become despoiled after a period of use, so they'd abandon an address and start up with another. However it can be very disruptive to change a long-standing email address, and if you've paid for one on your own domain, you are not going to want to throw it away.

Wait it out; it's likely that your address is currently in circulation, but will be retired in due course.

more options

Returning to the point about viewing the message headers in the source: when you send through your ISP, there usually is a predictable hand-off of the message from one server to the next. First there is your computer, then one or more servers at your ISP and mail service, then one or more servers at the recipient's mail service. Messages with a "spoofed" sender address will not match the pattern: the initial servers usually will be completely different than yours often not even in the same country. If you can tell that your mailing list members are getting messages from a spoofed sender, then you can assume that they are not coming from your system or your mail account.

Thunderbird supports signing your email messages with an S/MIME certificate. This is a way for the recipient to know the message is really from you, since you keep this certificate confidential. If you can't stop your list members from getting fakes, at least you can add this indication of authenticity. Although S/MIME certificates for business charge an annual fee, they often are free for personal use.

More info: Installing an SMIME certificate - MozillaZine Knowledge Base

more options

Sad to learn that the cards are evidently stacked in favor of spammers and against the average innocent user, and that there is no simple and guaranteed effective counter to spamming. I am beginning to think it would be less stressful to abandon email altogether and go back to the worry-free days of snail mail. Geoff

more options

Pretty funny. A thread about spammers and one shows up with their bogus software. Like a bee to honey.