Question: Why do I get bounce-back emails from unfamiliar addresses?
While bounce-back emails are often legitimate, they could be caused by unsolicited email (spam) or malicious messages.
There are a number of reasons why a bounce-back email may not be all it seems. Three examples are as follows:
- A spammer could be using your domain name to create fake email senders. For example, they could be using email@example.com, fake1@ companyname.com, fake2@ companyname.com, etc.;
- A spammer could be circulating through millions of emails addresses, using them all to trick spam filters into accepting the messages;
- A spammer could be distributing their messages using a server that bounces invalid emails. They could be sending their spam emails to the server using the ‘From:’ address field. Because the emails entered would be invalid, the server would bounce them back to the “spammed” users. If your domain is set up so all emails sent to it are redirected to a catch-all account, disable or limit them. You should, instead, specify your valid email addresses (e.g. firstname.lastname@example.org).
Does that mean that your account was hacked? probably not. Your email address, as explained, is likely being used by a spammer to circumvent spam filters. Unfortunately, it is easy to spoof an email address; you simply tell the recipient’s email server that the message is from a specific account.