Why does SES show email sends at times that emails were not sent?

The situation you're describing could be due to a few different factors:

1. Delayed reporting: SES may sometimes show email send activity with a slight delay. This could make it appear that emails were sent at times when you didn't actually send them.

2. Queued messages: If there were any previously queued messages that couldn't be sent immediately, SES might attempt to send them at a later time. This could result in send activity appearing at unexpected times.

3. Retries for soft bounces: SES automatically retries delivery for soft bounces. These retries could show up as send activity at times when you didn't initiate new sends.

4. Complaints and bounces from old sends: Complaints and bounces can sometimes be reported long after the initial send. Recipients might mark an old email as spam, or an ISP might report a bounce for a previously accepted message.

5. Potential account compromise: If you're seeing send activity, complaints, and bounces for email addresses you're not intentionally sending to, it's crucial to investigate the possibility of unauthorized use of your SES account.

To address these issues:

1. Verify your sending logs to ensure all sends are authorized.
2. Check your SES dashboard for any unusual activity.
3. Review your SES configuration, including any automated sending processes.
4. Ensure your account credentials are secure.
5. Consider enabling additional logging or event publishing for more detailed insights.

If you continue to see unexplained activity, it's advisable to contact AWS Support for a thorough investigation of your account activity.
Sources
Amazon SES Delivery problems - Amazon Simple Email Service
How to investigate what happened to the email that was sent via SES but was never received in recipient inbox | AWS Messaging & Targeting Blog