Email Spoofing
If you have ever received a bounce message for mail that appears to originate from your account, find messages in Spam from 'me,' or received a reply to a message you have never sent, you may be the victim of an email 'spoofing' attack. Spoofing means faking the return address on outgoing mail to hide the true origin of the message.
When you send a letter through the post office, you write a return address on the envelope so the recipient can identify the sender, and the post office can return the mail to the sender in the event of an issue. But nothing prevents you from writing a different return address than your own.
In fact, someone else could send a letter and put your return address on the envelope. Email works the same way. When a server sends an email message, it specifies the sender, but this sender field can be forged. If there is an issue with delivery and someone forged your address on the message, the message will be returned to you even if you weren't the actual sender.
If you've received a reply to a message that wasn't sent from your address, there are two possibilities:
1) The message was spoofed, forging your address as the sender. 2) The original sender used your address as a reply-to address so that responses would be sent to you.
Neither of these possibilities indicates that your account was compromised. If you are concerned that your account may have been compromised, please open a Technical Support at the following link:
