I'm still unsure I dealt with the spammer completely.Emails were sent from my email sent box to people in my address book. This is from an article in pc magazine.
Compromised, or spoofed? Here's a significant point. The article mentions this:
"The tactic can also increase the spam message's seeming legitimacy: You're more likely to open email that purports to come from a person or a company you know than email that comes from a total stranger."
Why are the spam messages going to people who know you? If a spammer only gets your e-mail address, and sends 'spoof' messages that seem to come from you, those spam messages go all over the place. They are not particularly sent to people you know. But if your own account or computer is compromised, the spammer will have not only your address to use as the 'from' address, but also names and addresses of people in your e-mail account to use for spam targets.
So if many people you know are getting messages that seem to come from you, someone may have your entire address book. That is more likely to signify that there's a real compromise rather than just a case of someone finding your own name and address for spoofing.
Richpond makes a very good point: spoofing doesn't give spammers access to your address book; it just uses your email address to send junk. If the junk goes to a bunch of your friends, it's probably not a case of spoofing, but more likely a hacked email account. If it's not hacked, the spammer doesn't have your friends' email addresses
Edited by rl153, 08 December 2012 - 11:43 AM.