If you've had an email delivered that was sent from your address, and you know you didn't send the message, that's an example of a spoofed email. These are often used in phishing scams or spam to convince the reader the mail was sent from a trusted source.
Spoofed messages are where the From address is faked, usually to appear to be coming from your own domain. Much like mailing a physical letter, you can customize the From address, so there is not a way to stop this behavior. However, you can ensure your accounts have SPF and DKIM records in place to help your legitimate email messages be validated by other mailservers.
If you are using the local DNS server on your cPanel and WHM system we have a tool to ensure your DNS records have the SPF and DKIM records in place here:
If you want to make your server even more strict on incoming messages, you can go to WHM >> Exim Configuration Manager and enable the "Allow DKIM verification for incoming messages" option as well as the "Reject DKIM Failures" option. Those will keep unverified messages from being accepted by your machine.