Hi,
unfortunately, there are no ways to prevents spoofing. E-mail protocol is very old and unsafe.
You may find a real sender's address in a service part of the message. Outlook classic and Outlook new allow to do this.
spam email sent from my own email to myself
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 69%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Allen Moniri
0
Reputation points
Spam email is being sent from my own email address to myself. It seems it's a spoofing attempt.
How can this be prevented so they can't use my email address?
Outlook | Web | Outlook.com | Email
-
Hornblower409 6,880 Reputation points2026-04-07T06:24:49.3533333+00:00 @Allen Moniri
Are these emails being delivered directly to your Junk folder? If so, then the Microsoft Mail Filters have already determined that, while they may look like they were sent from your account, they actually are using a different email address. You can just ignore them.If they are showing up in your Inbox, then you will have to determine what address they are actually being sent from so you can automatically send them to your Junk folder. If this is the case, please advise and I'll give you the detailed instructions on how to do this.
-
-
Hornblower409 6,880 Reputation points
2026-04-07T18:30:04.8033333+00:00 @Allen Moniri said
[Self Spoof Spam] showing up in my inbox
Open one of the Spam emails.
Open the Message Header
https://support.microsoft.com/en-us/office/view-internet-message-headers-in-outlook-cd039382-dc6e-4264-ac74-c048563d212c#tab=web
(It says "View > View message details". It's actually "View -> View message source")In the Message Header Look for a line that starts with
From:. It should be in the format:
From: DisplayName < ActualEmailAddress >If the ActualEmailAddress is not yours, then you have two things you can do:
1 -- Add ActualEmailAddress (without the <> brackets) to your Blocked Senders List. This will send any mail from that address to your Junk.
https://support.microsoft.com/en-us/office/block-or-unblock-senders-in-outlook-9bf812d4-6995-4d19-901a-76d6e26939b0#picktab=web2 -- Create an Outlook Rule to Delete them
I would suggest that at first you have the Rule just assign them a specific Cat. e.g. "Self Spoof Spam"
Let it run for a day or two to be sure that it's catching all the Spoof Spam and no False Positives. If it's all good, change the Action to Delete or Mark as Junk.
Sign in to comment
2 answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 10%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIL%3C/text%3E%3C/svg%3E)
Igor Leyko 110.5K Reputation points Independent Advisor2026-04-06T19:22:48.9966667+00:00 -
Q&A Assist2026-04-06T18:45:28.7966667+00:00 AI generated content. This question contains an answer created with AI from Q&A Assist. Learn moreMessages that appear to come “from” the same address as the recipient are typically spoofed: the sender is forging the From header and the message is never actually sent from the real account.
For Outlook.com / Outlook on the web, prevention and handling focus on:
- Relying on Microsoft’s anti-phishing and anti-spoofing protection
- Spoof intelligence in Exchange Online Protection helps prevent spoofed and phishing messages from reaching the inbox by verifying that the sender is who they claim to be and marking malicious messages as junk email or unverified.
- When a message is suspicious but not definitively malicious, Outlook flags the sender as unverified so the recipient can treat it with caution.
- Treating self-from-self spam as phishing
- Consider these messages phishing attempts: do not click links, open attachments, or reply.
- Move them to Junk or report them as phishing in Outlook.com so that Microsoft’s filters can learn and block similar messages.
- Understanding that spoofing does not require access to the account
- Spoofing is “disguising who you really are” in email. Attackers can forge the From address without signing in to the real mailbox.
- Because of this, there is no way to completely stop others on the internet from attempting to spoof an address; protection is provided by the receiving service’s authentication and anti-phishing systems.
- General safety practices
- Be suspicious of any email (even if it appears to be from the same address) that asks for personal information, passwords, or payments; this is a common phishing tactic.
- If a message appears to be from a company or service, verify it by going directly to the official site or using known contact methods rather than any link or phone number in the email.
If there is any sign the account itself is compromised (unexpected sent items, forwarding rules, or sign-ins), immediately change the password, enable multi-factor authentication, and review account rules and security settings.
References:
- Relying on Microsoft’s anti-phishing and anti-spoofing protection