cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Got a Spam email from my own domain.... Am I compromised?

I received an email from June6@mydomainname.com It had a zip file attachment.  I deleted it immediately.

 

We only have 8 addresses associated with our account.  June6 is not one of them.  I checked my account. June6 has not been added without my knowledge.  Should I be concerned or take any steps toward better security? 

6 REPLIES 6
Super User II Super User II
Super User II

Re: Got a Spam email from my own domain.... Am I compromised?

@MAE2402

I don't think you are compromised. Sounds like typical spam/phishing. 

 

All anyone has to do is change the from address in an e-mail program to look like anyone they want. I could do that now and put in Bill Gates and send to whomever I want! Smiley Happy

 

The complete e-mail header information (all the gobbly-**bleep** in the background) will show the servers the e-mail came from and went through.  You can see all that by seeing where you can "view message source" in your e-mail program if you want to be sure.

 

HTH! Smiley Wink

Judith
"Do or do not. There is no try." ~Yoda

New

Re: Got a Spam email from my own domain.... Am I compromised?

Same thing just happened to me 😕 

 

New

Re: Got a Spam email from my own domain.... Am I compromised?

I am also facing the same issue. Few of our users got email from our own domain (so its looks like its genuine email). however we never created that email id.

How to prevent that?

 

I am worried now if godaddy is safe place for hosing emails.

New

from secureserver.net

I'm getting killed with massive amounts of "mailer-daemon" that of course have attachments.  How can I stop them?  Surely don't want to block secureserver.net

 

I appreciate any help!!

Re: Got a Spam email from my own domain.... Am I compromised?

Hi,

 

You have to look at the headers of the email and see where it originates from. A technical person should be able to determine the origin and whether there has been spoofing involved. Usually, a good way to do that is compare to headers of a valid message doing a similar route.

If the source is outside of your network then there is not much you can do. This is a forgery. Setting up SPF and DKIM can help.

If the source is from your network it can be a result of your account being compromised. In some cases it can be somebody else's account that is compromised as long as that account is on the same network/server (shared hosting).

You can post headers here and perhaps people will be able to help. It is advised to mask-out any email addresses and sensitive information when you post.

New

Re: Got a Spam email from my own domain.... Am I compromised?

Hi,

Earlier we were facing the same issue and I would like to give you some notes to stop the Spoofing.

  1. SPF record should be updated to your domain DNS
  2. You can configure DMARC record as optional.
  3. All your end user systems should be installed with endpoint security (i.e. Symantec Endpoint Security) which can be blocking the network attack as well as port scan attack.
  4. Normal antivirus will not help you to stop against the Spoofing in your end user systems.
  5. Keep all the system security updated and secured.
  6. Advice the user to not click link or open the mail which is received as SPAM.
  7. If you are using only the webmail, you will not face any issue like spoofing.

Kindly do above mentioned steps and you will not face any issue like getting SPAM mail from OWN domain.