This morning I received a spam email from my own hotmail account. No, my account hadn’t been hacked. Yes, someone had spoofed my email address (and my name) and had sent it to me using my own email address but from a different IP address. Don’t ask me how they did it but they did. I wanted to block that person from sending me any more emails like that but I didn’t want to block myself, obviously. Every now and then I send an email to myself. Let’s say I change a password on some account on the ‘net. The easiest and most secure way to keep a record of that change is to send it to myself in an email. Of course, I don’t put anything in the email that gives the account that I’ve changed. I use a code. Anyway, here’s how I blocked that person from sending more emails from myself.
As we discovered HERE , it’s easy to find out where an email originates. Using Hotmail as an example, right click any email in its folder (as opposed to having the email open) and choose ‘View message source’. Every email system is a bit different but you can view an email’s source in any of them. If you don’t know how to do it, use Google or ask me in a comment below or on Twitter.
Once you find the source, there will be an IP address at the top. There will also be an email address, in my case it was my own. Since I know that I didn’t send the email, I knew that someone had spoofed the original email. Regardless, the IP address was there. I checked the address, of course, and it turned out to be somewhere in Israel. No problem there, I would block the IP address, not the email.
TIP: If you have the time, it’s always good to block an IP address as opposed to simply blocking an email address. This post is a perfect example of why you’d want to do that.
OK, now I had the IP address and it was an easy task to block it using Hotmail’s great system. It’s described HERE. Once that was done, I can rest assured that I won’t get any more emails from that address, certainly none from my own email address.
A good point to all of this is that if a spammer can send me an email from myself, they can also do other things that will make me think the spam is legitimate. As the Internet changes, you have to keep on your toes to prevent your accounts from being compromised. Make sure you use a good virus and email protection system AND keep reading my posts. If you have questions or concerns about computer or email security, make a comment and I’ll work out an answer for you.
Thanks for reading!
I’ve tried following the post instructions, but Hotmail won’t allow me to initially ‘block’ my email. When i click on ‘block’ it says ‘You can’t block your own email address,’ and i can’t go to the next step of entering the IP address i want to block.
thanks in advance.
It’s not a one step process. Once you get the message that says, “You can’t block your own email address”, check the source of the email and see if there is another domain name in it. That’s the one you have to copy and block. Our post mentioned blocking an IP address, which was possible at the time of writing. That option isn’t shown now. Maybe that’s because people were blocking their own IP address, we’re not sure. If you do manage to enter an IP address, double check to make sure you’re not blocking your own, right? Use a Whois site to check. We’be been getting a lot of these emails that seem to come from our own accounts. We’re pretty sure the slow world economy is the cause of this. At this moment we have no such emails in our junk folder but as soon as we get another one, we’ll research it and write another post about this troublesome topic. For now, just delete the email. Stay tuned for an updated post. Thanks for commenting.
The same started happening to me. I replied to it to see if it was really from my account and it did come back to me. So they must have access to my account. What do I do then? The IP address is different for each email. It can go on forever blocking the IP’s and them changing locations. Does that mean they have access to my account and also my computer? I ran a malware software but found nothing.
They probably don’t have access to your account but it’s worth changing your password anyway. If they did get into your account, whoever is your email host would have suspended your account due to spam emails. Do you receive a number of these emails or just one every now and then. We’ve had a few over the years, nothing extreme. Once you change your password, you should be fine. Check your start menu for programs that you don’t recognize (use MSCONFIG for that and check Startup), run MalwareBytes and your anti-virus software plus do an online check using http://housecall.trendmicro.com/. Copy and paste that link into your browser and accept the download. This site is safe but avoid others that you see in pop-ups around the net. We’ve use Housecall for years. If you have problems running any of these checks, restart your computer in Safe Mode with Networking and run them from there.
For more on the ’email from yourself’ problem, here is a link to Lifehacker that explains in great detail how these folks do it. lifehacker.com/how-spammers-spoof-your-email-address-and-how-to-prote-1579478914 (copy and paste).
Good luck and let us know if you need more help. Thanks for commenting.
I’ve been doing what this forum said and I still find the IP Address in the source. What shall I do? I recently went on holiday in Portugal and I now receive an email from myself in Portuguese.
The IP address that is sending you the emails is in the email source. Use the directions in the post to find the IP address and then block it. In Hotmail it’s very easy to block the IP address. All of the directions are in the post. As an extra precaution, download Malware Bytes, install it and check your computer. If you have malware, this software will find it. Good luck. If you need more help, feel free to comment again and we can give you step by step help. Thanks for commenting.
I get emails from myself quite often and I just checked the last one after reading the post.
I’ve pasted an excerpt from the source code here
Authentication-Results: hotmail.com; spf=softfail (sender IP is &&&; identity alignment result is pass and alignment mode is relaxed)
As you can see the senders address in the source code is &&&
I did a reverse lookup and it came back as ^^^
Does this mean that the ^^^ is sending me spam using my own email address
There’s an interesting thought
Eliot
Wow, you sure went out of your way to spam us with your gambling link. A spam comment about spam. Fascinating.
Thank you for the info. this just happened to me yesterday.
We’re always happy to hear that we helped someone. By the way, we’ve noticed a lot less spam in our hotmail accounts. We hope that hotmail has stepped up its spam fighting. Whatever they’ve done, it’s working.
Thanks for commenting!