Mac sending out spam emails

[themvf]

Hello all,

I have no idea what is going on with my Macbook.

A few months ago I realized my GMAIL was sending out spam emails. I quickly added two step verification (which sends a text to my cell phone) in the hope that my email wouldn't be hacked in the future.

As of a few minutes ago, family and friends notified me that they received suspicious emails from me.

I haven't received any text notification, which must mean that there is a virus on my mac that is sending out these emails.

Please tell me what steps I should take next.

Thank you!

 

[GGJstudios]

I haven't received any text notification, which must mean that there is a virus on my mac that is sending out these emails.

It's not a virus. Your email account has been spoofed or hacked. Change your password to something secure, using upper and lower case letters, numbers and special characters.

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 12 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). 3rd party antivirus apps are not necessary to keep a Mac malware-free, as long as a user practices safe computing, as described in the following link.

​

Read the What security steps should I take? section of the Mac Virus/Malware FAQ for tips on practicing safe computing.

 

[themvf]

It's not a virus. Your email account has been spoofed or hacked. Change your password to something secure, using upper and lower case letters, numbers and special characters.

Let's assume it was hacked the First time. I then changed the password with upper, lower, numbers, and 2 special characters.

I ALSO added two step notification which means that if I want to sign in to my gmail on a different computer, my CELL PHONE receives a text message with a verification code which I need to enter on gmail.com

However, since I added two step notification, I have never received a text message other than when I want to sign on to gmail.

Therefore, I think my gmail is not being hacked in the conventional way.

As for spoofing, emails are going to family and friends which means there is some access to my account. So I don't think it is being spoofed.

----------

I also want to add that I don't even see the emails in my SENT folder.

 

[GGJstudios]

As for spoofing, emails are going to family and friends which means there is some access to my account. So I don't think it is being spoofed.

I also want to add that I don't even see the emails in my SENT folder.

The fact that emails are not appearing in your Sent folder is indicative of spoofing. It doesn't matter who the emails are being sent to. Spoofing means the emails are actually being sent from another account, but they are made to look like they came from your account.

 

[themvf]

Don't you think it's odd though that the emails are being sent to my family and friends?

How in the world would a "spoofer" know the emails of my family and friends unless they had access to my account? He's not sending it to Johnsmith@xyz, he is sending it to my wife.

I really appreciate your help in this matter, but I think there is something more here than meets the eye.

 

[GGJstudios]

Don't you think it's odd though that the emails are being sent to my family and friends?

How in the world would a "spoofer" know the emails of my family and friends unless they had access to my account? He's not sending it to Johnsmith@xyz, he is sending it to my wife.

I really appreciate your help in this matter, but I think there is something more here than meets the eye.

Your account could have been hacked, giving them access to your contacts. The actual emails could have been sent via spoofing, however, which would not show in your sent items folder. No malware is involved in your situation.

 

[themvf]

So basically I'm SOL?

I have an 11 character password (including 2 special characters) and 2 step authentication.

"They" also hit my Yahoo email address.

I doubt changing these passwords will be any help since they obviously have found a way to get past the text message I should have received.

 

[GGJstudios]

So basically I'm SOL?

I have an 11 character password (including 2 special characters) and 2 step authentication.

"They" also hit my Yahoo email address.

I doubt changing these passwords will be any help since they obviously have found a way to get past the text message I should have received.

Unfortunately, there's no way to stop spoofing. It sounds like you've taken all the precautions you can. Of course, recipients may be able to block spam messages by keywords, without blocking all emails from you.

 

[Weaselboy]

So basically I'm SOL?

I have an 11 character password (including 2 special characters) and 2 step authentication.

"They" also hit my Yahoo email address.

I doubt changing these passwords will be any help since they obviously have found a way to get past the text message I should have received.

Yahoo had a big security breach a year or so ago, so your contacts may have been scooped up during that time period. Also, Facebook has notoriously bad security, so if you or your friends are using Facebook the contacts may have been scooped up from there also.

There have also been Windows viruses that snag the entire address book, so it is possible you have a friend that got a Windows virus and you are included in their contacts list.

I very much doubt either of your accounts (Yahoo or GMail) have been hacked and this does look like a classic case of spoofing.

Both GMail and Yahoo Mail have a page you can use to check and see when and from what IP your account was last accessed from. If you check that page and see the times and IPs match with your activity, you can be assured nobody else is accessing your account. Here is how to access the logging on Yahoo and here is how to do it on GMail.

You should report the messages to GMail and Yahoo (including full email headers) so they can combat the spam. If there is a trend of these coming from a particular ISP, they (Yahoo/GMail) can take steps with those ISPs to have the spammers shut down. Report the GMail spam here and the Yahoo spam here.