Hi, someone is sending spam from my gmail address to my contacts.<p>I found out yesterday when a friend texted me saying he was getting spam from my address.<p>I logged into my account and found some failed delivery messages of emails I'd never sent myself.<p>There is no trace of sent emails left in the Sent Mail folder.<p>I also can't see any suspicious login activity in my gmail login history at the time the spam was sent or any other time.<p>The thing that's worrying is that they got hold of my contacts. It was an account I was not using directly any more, so I have closed that account now.<p>I have 2-factor auth enabled on my other accounts and have even changed all the passwords again.<p>I have reported twice to Google, but haven't heard back anything yet.<p>Edited to add:<p>I have looked at the original email message and the header does suggest it came from google. I reported the Message ID to google along with the full email message.<p>I also suspected it may be some app or service that I gave access to my contacts to, but I didn't see any in my app access list.<p>That's why I'm turning to you guys to ask if any of you've been in a similar situation, how do I secure my accounts, and trace down the cause of this particular incident?<p>Thanks
See @ <a href="http://nakedsecurity.sophos.com/2011/06/02/how-to-stop-your-gmail-account-being-hacked/" rel="nofollow">http://nakedsecurity.sophos.com/2011/06/02/how-to-stop-your-...</a><p>Bullet list includes
Account Security:
Settings -> Accounts and Import -> Google Account Settings -> Change Password [pick a new secure password]
Settings -> Accounts and Import -> Google Account Settings -> Change Password Recovery Options [verify secret question, SMS and recovery e-mail address]<p>Potential Spam:
Settings -> General -> Signature [make sure nothing as been added]
Settings -> General -> Vacation Responder [make sure it's disabled and empty]<p>E-mail Theft
Settings -> Accounts and Import -> Send Mail As [make sure it is using your correct e-mail address]
Settings -> Filters [no filters that forward or delete e-mail]
Settings -> Forwarding and POP/IMAP -> Forwarding [disabled or correct address]
Settings -> Forwarding and POP/IMAP -> POP Download [disabled]
Settings -> Forwarding and POP/IMAP -> IMAP Access [disabled]<p>Additional Information
Keeping account secure: <a href="https://mail.google.com/support/bin/answer.py?hl=en&answer=46526" rel="nofollow">https://mail.google.com/support/bin/answer.py?hl=en&answ...</a>
Protecting your account: <a href="https://mail.google.com/support/bin/answer.py?hl=en&answer=29407" rel="nofollow">https://mail.google.com/support/bin/answer.py?hl=en&answ...</a>
More account security info: <a href="http://www.google.com/help/security/" rel="nofollow">http://www.google.com/help/security/</a>
If your account is compromised: <a href="http://mail.google.com/support/bin/answer.py?hl=en&answer=50270" rel="nofollow">http://mail.google.com/support/bin/answer.py?hl=en&answe...</a>
Someone using your address: <a href="http://mail.google.com/support/bin/answer.py?hl=en&answer=50200" rel="nofollow">http://mail.google.com/support/bin/answer.py?hl=en&answe...</a>
Google Employee comments: <a href="http://www.google.com/support/forum/p/gmail/thread?tid=560d53dee40be5e6&hl=en&start=7010" rel="nofollow">http://www.google.com/support/forum/p/gmail/thread?tid=560d5...</a>
Click the Details link next to the Last account activity line at the bottom of any Gmail page.<p>That will give you a list of IPs signing into your account.<p>I get a lot of those failed delivery messages though because I have my own domain via google apps. Someone scrapped my mail domain and fakes it in the headers, but I get the actual replies because I have it set so all addresses on the domain go to me.
How do you know "they" are using your account rather than just using your email address as a "from". That used to be the most common way of trying to get SPAM past people's simpler filters.<p>Might be worth checking what would happen if such an email was rejected from one of those email servers that bothers to send a response back - could explain it all.