Google's Gmail client is already equipped with a quite decent filtering service of spam emails. But, recent complains from Google Help community forum suggests that users have been receiving several numbers of spam messages — from themselves.
Reports by Mashable and other users in the forum implied that they have been receiving spam messages even after enabling the secured two-factor authentication and updating their current passwords.
"My email account has sent out 3 spam emails in the past hour to a list of about 10 addresses that I don’t recognise," a user complained in the Google Help Forum. "I changed my password immediately after the first one, but then it happened again 2 more times."
"The subject of the emails is weight loss and growth supplements for men advertisements," read the same Google Help Forum post. "I have reported them as spam. Please help, what else can I do to ensure my account isn’t compromised??"
In order to pass spam filters, the spammers used forged email headers to make them look as they came from users via a Canadian telecommunications company called Telus. As the messages seemed to be receiving from the same user, Gmail had pushed them to affected users' sent folders.
A Google's spokesperson has issued a statement to Mashable stating, "We are aware of a spam campaign impacting a small subset of Gmail users and have actively taken measures to protect against it. This attempt involved forged email headers that made it appear as if users were receiving emails from themselves, which also led to those messages erroneously appearing in the Sent folder. We have identified and are reclassifying all offending emails as spam, and have no reason to believe any accounts were compromised as part of this incident. If you happen to notice a suspicious email, we encourage you to report it as spam. More information on how to report spam can be found by visiting our Help Center."
Telus had also identified these spam emails and said they were aware of the issue. The company said they were working with third-party vendors to solve the issue....