when it’s yours, but it’s not you.
I’ll start with the bad news: there’s almost nothing you can do.
this is spam, pure and simple. Abusing your email address is just one of many techniques spammers use to dump their junk into our mailboxes.
Reading: Gmail spam from myself
Remedies are fairly standard, though less than 100% effective.
what you’re seeing is called “spoofing”, or more correctly, from: spoofing: sending email that appears to come from someone it’s not.
Spammers hide the origin of their emails effectively. they use phishing in almost all the spam you see.
and it’s pretty easy.
so easy, in fact, that the from: address in spam says absolutely nothing. there is nothing in the email protocol that requires the from: line of a message to have anything to do with the true origin of the message.
Discovering the true origin requires a more detailed analysis of the email headers (normally unseen) and even then, at best, you may be able to get the ip address of the computer you send the email. and as I’ve argued ad nauseam, the ip address is pretty much useless to you and me.
they are not using your account
Many are concerned that since the email appears to be coming from you, it means the spammer has access to your email account.
They don’t need access to your account to send spam that appears to have been sent by you.
do not be alarmed. it can be annoying, but there is no need to worry about it. you’re already on spammers’ lists to receive spam, and they’re using that same list, or variations of it, to select which addresses to use when spoofing.
Currently, there is no effective way to stop them.
why are you getting it
When you see your own spoofed address in the spam field, it usually happens for one of two reasons.
- They’re trying to spam you and they know you’re unlikely to block your email. in fact, as you have seen, it is not even always possible. it’s a bad idea even if you could; it could prevent you from getting a legitimate email.
- They’re trying to spam someone else, and what you see is a bounce message showing that the original recipient rejected the original spam. Since the email looks like it came from you, even though you didn’t actually send it, you get the bounce message.
Now, as to why “firstname.lastname@example.org <email@example.com>”, where the two email addresses don’t match, or the “most common name <firstname.lastname@example.org> ” , where the name is obviously not related to the email address, I can only speculate. I guess it’s intentionally misleading to increase the chance recipients will open the email out of curiosity, or a side effect of the tools spammers use, which may not be able to put together a proper name/email address pair. /p>
what to do about it
there is nothing you can do to avoid: phishing.
spammers can put whatever they want in the from: line. if they want to put your email address in there, they can.
The good news is that most automated spam filters realize the uselessness of the from: line and probably won’t start blocking the email you send because some spammer is using your address. Naturally, some people may not realize this and might try to block you, but since spammers spam everyone, the chances of it being someone you know or care about are pretty slim.
The only thing you can do is keep doing what you already do to control spam. usually that’s marking spam as spam and getting on with your life.
the only thing to keep in mind
I want to be clear: since you can log in to your own account to receive your mail, what I am going to warn you about is not very likely.
but it is possible.
sometimes you will get spam from yourself if someone has hacked your account.
In your question, it’s clear that you can log into your account, so if someone hacked into your account, you didn’t change the password. that’s unusual. Normally, a hacked account means you can’t log in.
is something to keep in mind and maybe check. for example, check your sent mail folder for messages you didn’t send. if so, take all the precautions described in hacked email? 7 things you should do now.
Even if you don’t find any hard evidence of a hack, there’s nothing wrong with changing your password just to be safe.