Some Gmail users woke up to find spam sent from their accounts

By Eric Brackett Published March 26, 2019

On Sunday morning, many Gmail users woke up to find spam in their sent folders. Understandably, many people’s first thoughts were that their accounts were hacked. That does not appear to be the case, however, as some users reported that spam was still being sent from their accounts even after changing their passwords.

“My email account has sent out 3 spam emails in the past hour to a list of about 10 addresses that I don’t recongnize[sic],” reads a post on the Google help forums. “I changed my password immediately after the first one, but then it happened again 2 more times. The subject of the emails is weight loss and growth supplements for men advertisements. I have reported them as spam. Please help, what else can I do to ensure my account isn’t compromised??”

Recommended Videos

The content of the emails makes it clear that they are spam and include such topics as shady loans, male growth supplements, and other such things.

Several users also reported that the spam emails appear to be linked to Telus, a Canadian telecoms company. The company has said that the emails were not sent from its servers and that it is currently working with its 3rd party vendors to address the issue.

There are currently spam emails being circulated which are disguised to appear from https://t.co/rpexKwMFiR. We can confirm they are not being generated by TELUS nor are they being sent from our server. We are working with our 3rd party vendors to resolve the issue. pic.twitter.com/LzYZMTU0ZN

— TELUS Support (@TELUSsupport) April 22, 2018

In terms of account security, several users noted that had two-factor authentication on their accounts making it very unlikely that they were hacked.

“My account is totally secured and has no access from anywhere but my PC and my phone,” another user replied. “Along with 2 factor authentication. Still getting these spam emails from ‘myself’, come on google fix it up.”

Fortunately, Google is aware of the issue. In response to a tweet about the topic, Google’s Seth Vargo said that the company’s engineers are working on the problem.

Hey Alex, thanks for letting us know. Our engineering teams are aware of this and are working on a resolution :)

— Seth Vargo (@sethvargo) April 22, 2018

Former Digital Trends Contributor

Topics

Computing

The Mac Pro is dead at Apple, and I’ll miss the cheese-grater powerhouse

RIP Mac Pro. The Mac Studio is taking the throne, and we're okay with that.

Electronics, Computer, Pc

Apple has officially discontinued the Mac Pro. It’s been removed from Apple’s website, and Apple has confirmed to 9to5Mac that there are no plans to release a future version. The buy page now redirects to Apple’s Mac homepage, where the Mac Pro no longer exists.

Why did Apple kill the Mac Pro?

Computing

March Madness, Revisited: The AI Model Did Well. But Mad Things Still Happen

Stills from NCAA games.

(NOTE: This article is part of an ongoing series documenting an experiment with using AI to fill the NCAA brackets and see how it fares against years of human experience. The original article is as follows.)

A week ago, I wrote about entering an NCAA tournament pool with a more disciplined process than I usually use.

Computing

A simple coding mistake is exposing API keys across thousands of websites

Security gaps that are easier to miss than you think

Computer, Electronics, Laptop

After analyzing 10 million webpages, researchers have found thousands of websites accidentally exposing sensitive API credentials, including keys linked to major services like Amazon Web Services, Stripe, and OpenAI.

This is a serious issue because APIs act as the backbone of the apps we use today. They allow websites to connect to services like payments, cloud storage, and AI tools, but they rely on digital keys to stay secure. Once exposed, API keys can allow anyone to interact with those services with malicious intent.