Gmail account hacked?

[Dch48]

Today and yesterday, I have gotten an email ostensibly from myself that I didn't send. They have come to my GMX address and the header says they were sent from my gmail address. Scans have found nothing amiss. What could be going on here?

The only thing in the mails is a link that of course I didn't click on.

[DavidR]

Doesn't mean that your email account has been hacked. More likely someone that you correspond with has that email address in their address book and their system is infected.

They use email addresses in the addressbook not only to send spam to but for the From address, a doddle to fake. So headers would reflect what is in the From address, but the IP/Server address is likely to be wrong.

This is a bit of a common tactic to send a spam email to a person using their own email address as this is most likely to sail through any anti-spam filtering as it is from you (dumb filter) and is most likely whitelisted.

I have a spam filter specifically to deal with the form me to me situation and none of my email addresses are in any whitelist.

[Dch48]

I don't know of anybody that has the gmail address. It's not used for anything but a login to a few websites. I only have like 5 addresses in my address book in Outlook Express and I never made an address book at gmail because I never go to the actual gmail site. I also don't communicate with anybody regularly by email anyway. I did a full scan with Malwarebytes and a boot scan with Avast! and neither one found anything.

I guess I need to check the other machine here since Windows Mail on that one is set up to retrieve my mail from GMX and Gmail. That one would be more likely to get infected since it's user goes to all kinds of different game sites and I constantly am having to clean up toolbars and other stuff she has managed to acquire somehow.

[DavidR]

Nothing to stop it being harvested if that site gets hacked. The main issue is if your gmail account is out there in some spam list and I would say that is a racing certainty. No matter how infrequently that you use it.

I have had some that don't see the light of day and yet I received spam for them. With gmail there is such a huge user base that you could almost string together and number of characters and get a hit.

[Hermite15]

yes in such cases appearing senders and recipients have no meaning, what matters is what you find in the message source text, confirming most of the time that the mail originates from a friend of yours whose contact list was harvested.

[doktornotor]

What really matters here are the message headers (you have not posted those); From address is completely irrelevant.

[Dch48]

I didn't get one today but if I do get another one ,I'll post the header. Like I said though, the only thing in the mail body was a link that looked like it was to an advertising site of some kind.