I need help with this issue, somehow unauthorized users or scripts are using my company’s email account within Roundcube webmail to send thousands of spam emails all over the world, we have isolated the issue to roundcube, we can choose between Horde, SquirrelMail and roundcube and looks like is just happening in roundcube.
The intruder is also changing the users name to PayPal, Payoneer, Apple Inc, Service, etc.
Is there anything you can do for us and all those users that are getting spammed from our hacked email account?
This is the response I got from GIGENET support team:
Disabling webmail might be a good idea if you're not using it and since it's where the spam seems to be coming from.
Since the scan didn't really pick anything up I'm not sure where the issue lies here, but it does seem that the spammer is logging in via Roundcube somehow.