Hey everyone, I just received a phishing email that appeared to come from my own Outlook address (which is linked to my own domain). I did a bit of research, and it seems like scammers can easily fake the "from" field, which explains why it wasn't in my sent items. However, when I click on the email's name or reply, it still shows my email address. Does this mean the scammer has access to my inbox? Everything I've read about spoofing suggests that replying should reveal the actual sender's email address. Any insights would be greatly appreciated!
4 Answers
No need to worry, it's pretty common for scammers to spoof your email address without actually accessing your account. When you hit "Reply," it's going to send it to your address because they've just made it look like it’s coming from you. That doesn't mean they've hacked into your inbox! Just be sure your account has strong, phish-resistant MFA in place to up your security.
a
a
{
Thanks for clarifying that! I was concerned since I heard that replies should show the original sender's email. Should I do anything else to protect my account?