Gmail Users Are Somehow Getting Spam From Themselves
Spammers are getting craftier these days. Even Google's Gmail, with its suite of anti-spam measures, is now being turned against itself as some users report that they are somehow getting spam from their own email address.
A number of Gmail users took to the product forums of Google to complain that their accounts have seemingly started sending out spam. Based on the comments, even those who have already changed their passwords and logged out all their devices were still affected by the issue.
More worryingly, even those who have previously enabled two-factor authentication, a feature that requires a confirmation code sent to the user's personal number, were also affected as well.
The messages that were being sent out were, without a doubt, something only spammers will deal with, too. "The subject of the emails is weight loss and growth supplements for men advertisements," one user commented.
"I have reported them as spam. Please help, what else can I do to ensure my account isn't compromised??" the alarmed user added.
Google eventually replied with a statement, saying that the company is now aware of this spam campaign that it claims only affects "a small subset of Gmail users." The company also added that they have already implemented measures to protect other users against it, as relayed by Mashable.
"This attempt involved forged email headers that made it appear as if users were receiving emails from themselves, which also led to those messages erroneously appearing in the Sent folder," Google explained, adding that they have now identified and tagged messages sent this way as spam.
According to Google, they "have no reason" to think that these email addresses were compromised in the first place, even if the spam emails seemed to have originated from them at the first glance.
"If you happen to notice a suspicious email, we encourage you to report it as spam. More information on how to report spam can be found by visiting our Help Center," Google helpfully added.
The company also took to social media, with Google employee Seth Vargo assuring alarmed Gmail users that their engineering team is already working on solving the issue as soon as they were made aware of it, via a Twitter post on Monday, April 23.
There's no further word from Google on whether they have fixed this spoofing issue, as of now.
Apparently, most if not all of the spam messages appear to have been sent "via telus.com," the domain of a major telecommunications group in Canada. A representative from the company has also reminded users to "not to respond to any suspicious emails."
"We are aware of the issue and can confirm the messages are not being generated by TELUS, nor are they being sent from our server," a Telus spokesperson confirmed.