AOL Mail has changed its policies to prevent spammers from sending messages out of addresses that are made to look like real AOL email accounts.
The company announced the change Tuesday afternoon after numerous users took to Twitter to complain that their accounts were being used to send spam and that changing their passwords was not resolving the issue. Some users complained that spam was being sent from AOL accounts that had been deleted.
That was possible because the spam messages were not being sent from users’ actual accounts. Instead, spammers were using a technique called “spoofing,” in which messages are sent from accounts that have been modified to look like they are legitimate email addresses.
Spoofing enables spammers to send messages to users’ contacts, potentially tricking the receivers into clicking on unsafe links that they believe came from a friend or contact.
“These emails do not originate from AOL or our customers,” AOL said in a post. “Rather, the outgoing addresses are edited by the spammers to make them appear to be legitimate AOL email addresses.”
The change AOL Mail is implementing to fix the situation may cause some legitimate users’ messages to be rejected by email providers.
Affected AOL email accounts may include:
- Services that forward email
- Mailing lists
- Businesses that use third-party services to send mail from AOL accounts
- Websites that send mail using AOL addresses and also use a “Share with a friend” feature
“We recognize that some legitimate senders will be challenged by this change and forced to update how they send mail and we sincerely regret the inconvenience to you,” AOL said.
Since many of the affected users will be businesses and organizations, AOL recommends that they use their own Web domains to send emails, rather than continuing to use "@aol.com” accounts.
Another solution is using AOL SMTP instead, AOL said. Users can find instructions for that solution on this page. Users with questions regarding the change can contact the company at email@example.com.