Skip to Content
© Alexander Limbach |
Security & privacy

Quick check to see if your email address was used to spread spam

Malware and spam are pretty common issues on the web. Most of us try our best to avoid infected sites, but it can be tough to do — especially when there are issues like Emotet to contend with. Bad actors behind Emotet are responsible for a storm of malware spread through spam emails that have been causing serious issues.

All it takes is one malicious spam email to create a firestorm. Open it and your computer could be bombarded with deceptive, malicious attachments, which can then spread to other people. Tap or click here to see how Emotet recently reactivated after a 5-month slumber.

The way Emotet botnet spreads is effective and scary, and it’s one of the biggest malware issues we’ve seen in recent years. Worried you’ve been infected? Well, there’s an easy way to check whether your email or domain has been used in any Emotet spam campaigns.

Is your email spamming people without your knowledge?

If you want to check whether your email or domain address has been linked to any Emotet spam campaigns, all you have to do is visit the haveIbeenEMOTET website. This site offers a free tool that will tell you whether your email address or domain has been connected to Emotet malspam.

RELATED: 5 essential email hacks you’ll wish you knew sooner

All you have to do is enter your email address or domain name into the tool on the landing page of the site and hit enter. The tool will check whether it has been used for Emotet malspam.

You’ll get one of a few results. Either you’ll get confirmation that your email address has not been used in an Emotet spam campaign or you’ll get verification that it has.

If your email address or domain has been used, it will be marked as either “Sender Fake,” “Sender Real,” or “Recipient.” If you get one of the latter results, you need to take steps to repair the possible damage.

The site name may sound similar to HaveIBeenPwned, but the two sites aren’t affiliated. While the haveIbeenEMOTET site focuses on spam campaigns, HaveIBeenPwned is a free service that tells you if your information has been exposed in a data breach or sold on the Dark Web.

HaveIBeenPwned lets you enter usernames or email addresses to determine whether they were one of the billions of leaked accounts affected by data breaches. You can also sign up to be notified by HaveIBeenPwned if your email address appears in future dumps.

What to do if your email has been hijacked

The haveIbeenEMOTET site doesn’t retain any information about your email address or domain that you input. It simply checks your info against the data it has in its database.

If your email address is in the haveIbeenEMOTET database, the first thing you need to do is scan your computer for malware. Be aware, though, that malware can interfere with your antivirus software, so you may have to boot up in Safe Mode and run the antivirus software again if that happens.

Need help finding a good antivirus program? Tap or click here to see our favorite antivirus programs.

Your next move is to change the password associated to the email account in question. Make sure you’re using unique, hard to crack passwords for all of your online accounts. Tap or click here for tips on creating stronger passwords.

Finally, check your email account settings to make sure privacy and security is at a maximum. Tap or click here to secure your emails by tweaking a few settings.

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days