Spoofing occurs when a user receives an email from your domain making it look like you were the sender. It's no different than you putting an envelope in the mail and putting your intended receipient as the return to line, and YOUR address in the send to line. This then means that when the post office sees no stamp on the envelope, they send it back to the original sender (which of coure is who you wanted to send it to in the first place).
If you believe your email address has been compromised or there are emails being sent out in your name which you are not sending, please copy the email headers from one of the emails that were sent and open a new support ticket. We can then verify for sure that the email did not come from your servers and work toward a resolution.
If the mail header indicates the mail did not come from your server, one thing you can do to help is make sure you're rejecting email that's being sent to non-existing addresses. Make sure your cpanel / mail / default mail account is set to Reject mail with a failure message. If you have been using your default account (your cpanel user name) to accept valid mail, please contact support.
Other than making sure you're only getting mail that's sent to a valid address, there's not much you can do other than wade through the mass emails until they decide to quit and move on to the next place. Using the header information we'll be able to find out what data center is responsible for sending the mail and we can contact them to have them shut down for spamming etc.
Reviewed : 11/13/2016