Sunday, May 24, 2009

When Spammers Are Spoofing Your Email address

What I mean by spammers spoofing your email address, you are getting spam from yourself to yourself and particular to others. All the sudden your email box gets all these returned messages and you know you never email out that much, so you think: what is going on and why am I getting all this garbage in my box? This has happened to nearly all people who are online who use their email as a primary means of communication online. Not only do you get spam, but you get bouncebacks. Typically the subject line will indicate something to the effect of "This message has been returned" or "Undeliverable." In addition to getting junk email, receiving bounceback messages of spam complaints from other unknown recipients can be very vexing for an email users.

I suspect in most cf these cases, your email is simply being spoofed. It is very annoying when spammers spoof your email address. I am sure for most of us this has happened at one time or another. Unfortunately, the best way to deal with this issue is to wait it out and delete the bouncebacks you get.

In most cases, I suspect, spammers will sometimes use real email accounts in the forged Reply field of their spam. What then happens in some cases, is the spammed mail servers return that unwanted spam to you, the innocent recpient whose email address was used in the forged Reply field.

Unfortunately, the best thing to do is to wait it out by deleting all the returned messages you get. Some people who have this happen get thousands of returned messages a day, so deleting them can be very time consuming.

There could be a few reasons why this might happen to you. Below are three valid reasons why this may have happened to you.

Below is a great summary as to what may have happened to your email address: taken mostly verbatim from InBoxRevenge forum with permission:

- Someone you know has an email worm - most unlikely as it is an old exploit

- Your email address was forged randomly

- Your email address was forged as retaliation, for instance for reporting spamming

- The "bounce" message is not a real bounce message, but a spam crafted to look like one, since most mail servers are now set up to refuse mis-addressed email, not to bounce it to the forged "from" address. In that case, if you look at the spam, you will see they usually didn't even bother to put your email address in the "from" of the "original message." Spams like that are more likely to be opened by the recipients, as that's the only way to know they are fake if you don't have a customizable spam filter like Mailwasher that lets you look for the information in the headers that would identify a real bounced or refused email

- It could mean your online email account has been hijacked and the spammer is sending mail that way (in which case it's immaterial whether you have a mac or PC). It may be to get past spam filters, since spam originating from those accounts is less likely to be blocked by filters, or it may be for scams similar to spearphishing, where the people in your address book get an email that appears to be from you and includes personal information they gained from your stored emails, making them more likely to be sucked into a scam.

But if your computer were sending spam as part of a botnet, it's unlikely the spammer would put your email address in the "from" of spam. If he can forge any address he wants, why let anyone know which computer is compromised and risk it being cleaned of malware?

No comments:

Post a Comment