Client was advised that a ""Drop Box" email was generated from his AOL email account and sent to a number of Yahoo and AOL recipients automatically without his knowledge. A recipient shared that they received it and opened it but "nothing was in there". Its possible the recipient was infected also. I requested a copy of the email which I will post here once we remove identifying information. Guidance given to client to: 1) Change the AOL password. Client advised that they had already done this but simply changed a "1" to a "2". I let them know that will not stop the hacker as they will figure that out quickly. 2) Download a Password Manager like 1Password or KeeperSecurity to their android phone to generate a long and strong password or passphrase. This may lock the hacker out (if there is no malware involved) 3) Install an antivirus or antimalware solution and scan the desktop/laptop computer for a keylogger or other malicious software. 4) Consider preparing a message of steps to take for any recipients who may have received the email, clicked it and become infected.