Important update 1: Email Support is being transitioned to Webforms. Click here for more information.

Secure Your Enom Email Account

A few signs indicate a compromised or spoofed email account, such as undeliverable bounce-back emails, emails you did not send, and people complaining about spam sent from your address. This article helps you determine whether your account has been compromised by a virus, malware, or a spammer, or whether you are being spoofed, and what to do in each case.

Signs of a compromised email account

Email headers help you determine whether an email account has been compromised. Here is what to look for in the headers.

Received: from [11.22.33.44] (11.22.33.44.servername.com [11.22.33.44])
(Authenticated sender: sender@senderdomain.com)
by something.servername.com (Postfix) with ESMTPA;
Fri,  4 Jul 2014 19:28:23 +0000 (UTC)

This example contains fake information, but the key detail is Authenticated sender. This means the email was sent after authenticating the sender using the username and password. The message was sent through the outgoing mail servers using the email's login credentials. If your email account has been compromised, run a complete system virus scan on your computer and reset your email password using the webmail portal or your Enom portal. Changing your email password cuts off any connection a third party may have to your email account.

Understanding email spoofing

Email spoofing is when the sender of an email, typically spam, forges (spoofs) the email header From address so the email appears to come from a legitimate address that is not the spammer's.

Spammers do this for two reasons:

  1. To trick spam filters into allowing the email through using a reputable email address. This is one way your friends and family see spam emails from you in their inbox rather than their spam folder.
  2. To prevent bounce-back emails from reaching the spammer's inbox. Spammers may send their spam to thousands of email addresses, and inevitably many of those emails bounce.

Email spoofing is more common with email accounts that are not actively used. If the account is used daily, there is a higher chance it has been compromised by malware or a virus.

Prevention and account security

There is no fool-proof way to prevent either type of abuse to your email address, but you can adopt best practices to improve your email security.

ActionBenefit
Update your password frequently.Helps prevent attackers from obtaining your passwords and cuts off access if the account is compromised.
Run full weekly virus scans.Identifies issues and security risks on your computer.
Do not share your email address online.Sharing your email on social media results in malicious automation harvesting your address. Instead, use a format such as "example(at)gmail(dot)com".
Use throwaway email accounts.For mailing lists and contests, use a throwaway account such as Gmail or Hotmail that you do not mind deleting if it gets abused.
Reserve your primary email for priority mail.Only use your primary email to communicate with people you know or trust.

Spammers may acquire your email address in several places, and following these best practices lowers the risk of being targeted. Programs and software exist that do nothing but scavenge the internet for email addresses, including from:

  • A website contact page
  • Domain WHOIS records
  • Mailing lists. Some are legitimate, but others may sell your information.
  • Anything you post online with your email address in it.
  • A contact's computer that becomes compromised, where your information is taken from their contact list.

If spoofing is recurring and causing significant inconvenience, the best option is to delete the account and start over with a new email account. Since this is not always possible, you can create a temporary filter in webmail to keep the bounce-back emails out of your inbox until the spammer moves on. They usually last only a week or two, sometimes less.

Next steps

Questions? Contact Enom Support.

How helpful was this article?

Thanks for your feedback!

Do you still need help? If so please submit a request here.