3

I just logged in to my gmail and was shocked by the amount of automatic responses I got in my inbox. I then looked at my sent messages folder and noticed that apparently, thousands of spam e-mails were sent using my gmail to all my contacts.

These people include trusted contacts such as university and work application managers aswell as other important people.

Now that the e-mails have already been sent, what can I do to control the damage done as much as possible? Should I send all those contacts another e-mail explaining the situation? Note that that would mean that another 5000+ e-mails are being sent from my account (which is probably already flagged as "spam"). If I don't clarify however, this will lead to awkward situations.

I checked the IP history and it also says that some IP has logged in to my account 45 minutes ago. I do not know this IP, so the mails must've been send at an other location with my password. I changed my password, but the mails have already been sent.

I am lost here and only see very bad outcomes of the situation, whatever I do. Should I maybe contact google? What do you recommend?

Tom
  • 278

4 Answers4

7

You did the right thing by changing your password. I'd also check that all the contact details (alternate e-mail addresses etc.) are still correct. Monitor the account closely and make sure that no one gets in again. The worst case is that you've got a keylogger installed so you might want to consider changing the password again from a different computer, and running a full scan of your machine.

As to the problem of all the e-mails sent - don't send out a mass e-mail, you'll only be compounding the problem and you might be marked as a spammer. It's important to note that most of the e-mails might not have been delivered if the various mail servers involved have decent, up to date spam and virus filters.

By all means contact the most important people individually - but it's sad to say that with all the spam going around and e-mail spoofing most people get spurious e-mails at some point.

ChrisF
  • 41,540
2

I just logged in to my gmail and was shocked by the amount of automatic responses I got in my inbox. I then looked at my sent messages folder and noticed that apparently, thousands of spam e-mails were sent using my gmail to all my contacts.

Thousands of spam emails ? I may be wrong, but some vague memory assures me that google has some sort of spam filters, that prevents you from sending a mail to more than a certain number of people.

Never do send mails to a lot of people, so never cared about it. Therefore the uncertanty.

These people include trusted contacts such as university and work application managers aswell as other important people. Now that the e-mails have already been sent, what can I do to control the damage done as much as possible? Should I send all those contacts another e-mail explaining the situation? Note that that would mean that another 5000+ e-mails are being sent from my account (which is probably already flagged as "spam"). If I don't clarify however, this will lead to awkward situations.

Yes, if you do care, send a carefully worded mail of explanation.

I checked the IP history and it also says that some IP has logged in to my account 45 minutes ago. I do not know this IP, so the mails must've been send at an other location with my password. I changed my password, but the mails have already been sent.

I am lost here and only see very bad outcomes of the situation, whatever I do. Should I maybe contact google? What do you recommend?

Well, it has nothing to do with google (just like if you crash your car, it isn't Peugeot's fault), but do:
- try to find out as much as you can about that spyware (I never heard of any exploiting gmail)
- try to clean it
- change your gmail password (after cleaning the spyware) - check if the sended mails had any sort of attachment with them

Rook
  • 24,289
2

Apart from the fact that your account was hacked, there's the possibility that your email address is now logged in some hacker's database together with all your contacts. In that case, having closed off access to your account won't stop spam from your address from arriving, as it can still be sent from other computers and tricked-out to look like it was sent by you.

The best solution is to abandon your email address, so as to allow your contacts to add it to their black list. For all you know, some anti-spam software on their side might have already done so automatically when receiving email that's obviously spam.

The best tactic in my opinion is:

  1. Several antivirus scans on your computer, or re-installation of Windows,
  2. Change your email address.

If you don't like the idea of installing multiples antivirus programs, Google for "antivirus online scan" and use a couple of the best-known ones to scan the computer (each takes some hours to complete).
Some that I like are Trend Micro House Call and Kaspersky Labs Free Virus Scan.
Please note that they might require you to use Internet Explorer as your browser.

harrymc
  • 498,455
0

Check your computer for viruses and malware, worst case scenario is that it might happen again.

Niels Bom
  • 177