In reply to Removed User:
> First, what you're describing isn't hacking.
I didn't describe anything. I made a statement. Also, 20 years ago I would have argued with someone over the difference between cracking, hacking, phreaking, etc. Now hacking is synonymous with accessing without authority.
There are various different ways these spoof emails after generated. In the case I know of the address book was only hosted with AOL web interface, so the AOL account was compromised. In other cases it can be done malware using an unsecured SMTP server to send all your subdued address book emails and it can set the sender to one of those emails rather than the host.