Tons of spam emails were sent from my email address without knowing.
Hi. First of all, excuse my English if there is any mistake. It is not my first language.
As I mentioned in the title, tons of spam emails were sent by me, which I did not even know until I got "Undelivered Mail Returned to Sender" mails. Then I checked my sent folder, "I" sent emails to these email address that I am not aware of. I use my thunderbird account at work, and also installed it in my private laptop recently so that I can check email when I'm off office. It seems those spam email were sent from my private laptop, since I did not find anything in my office PC sent folder.
What should I do with this situation? Is there anything that I should do to protect my account? Thank you.
Wšě wotmołwy (3)
Is your account on your home laptop imap and the one in the office POP by any chance?
Thank you for your reply.
The one I use in the office is POP, I have not checked my home laptop. I received many more "Undelivered Mail" this morning when I check my work PC... Again sent from my home laptop. Is there any way that I can solve this problem? Or I should just uninstall my home laptop one..
The reason I ask is it is more likely your mail account on the server has been breached than either of your actual computers. (Thunderbird is not convenient for spam bots to use at all.)
Disregarding the failure to deliver, that is called backscatter what is needed to do is determine the source of the outgoing mail.
If the source of the ougoing emails is Thunderbird then the following should be in the message source
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Thunderbird/60.3.2
Select a message in the sent folder and press Ctrl+U to see the message source.
I would be almost certain however that the source is not Thunderbird. So the most sensible approach is log into the mail server using a browser and change you email password. make sure it has upper and lower case letters and some numbers and punctuation, or use a passphrase like Ilikepinkteadybears. While dictionary hacking is relatively easy these days, getting multiple words from the dictionary into a passphrase in the right order takes quite a bit longer.
It is however most likely you password has been revealed in a hacking incident and no hacking of your actual account was required because you used the same password in more than one thing.
Mozilla has a tool for you to see if your information has been exposed in a known hack. https://monitor.firefox.com/.