A number of AOL users claim their e-mail accounts have been hijacked and are being used to send spam. AOL is on the case although preliminary reports suggest some of the accounts are being spoofed, not hacked.
The issue first surfaced a couple of days ago and picked up steam on Twitter with the hashtag #aolhacked. Typically, the first step in securing a hacked account is to reset your password but if someone is spoofing your address, that won’t help.
Spammers often use this technique to trick recipients into opening an e-mail they think is from a friend, family member or colleague. The reality is that spammers have simply edited the “From” field to look like it originated from someone the recipient trusts.
As such, spoofed messages sent never originate from AOL and do not have any contact with the AOL Mail system. They’re sent from the spammer’s e-mail server. Others, however, claim spammers are specifically targeting their address book contacts which would suggest the account has indeed been hacked in some sort of manner.
As AOL points out in an FAQ on the matter, the best clue as to whether you have been hacked or spoof may reside in your “Sent” folder. If you see messages there that you didn’t sent, you’ve probably been hacked. If not, it’s likely a spoof attack.
Sources close to the matter within AOL told TechCrunch that less than one percent of all users are affected and they expect the issue to be fixed in the near future.