Basically the emails was sent by the thousands and we spend about an hour clearing all of these emails. Nowadays this is a very common attack. Hackers do not want to take the troubles of hacking servers. Instead they choose the far more vulnerable office or home computers, taking over them to do their illegal deeds such as blasting of phishing or scam emails.

Email servers can be protected well. But there is far fewer ways of protecting against a valid user whose account password was stolen. Some of the ways include limitations on sending etc which will inconvenienced all users for the sake of a few users. Hence this is rarely implemented. The best way of preventing a hacker attack is to practice good computer habits of patching your operating systems and programs regularly with new updates. Updating your virus scanner with the latest virus definitions and scan as well as defrag your computer regularly. Hopefully after this, the client learn his lesson and be more alert on protecting his own computer and data.