Stay informed with the latest news

Informative, compelling, gain the advantage with news that matters most.

Email SPAM & Phishing: From Spoofing Explained

Monday, December 08, 2014
Published in Email Marketing

You're getting emails from yourself and they are clearly SPAM. Here's our top tips to explain what's going on and what to do.

I get email from: This email address is being protected from spambots. You need JavaScript enabled to view it..

This email is your email address. It as if the email was sent by you, but you know you didn't send it.

It's usually for drugs, a pharmacy or financial services that I don't need or would never be interested in. How can they use my own email?

Let's start with the bad news, there's almost nothing you can do. This is spam, pure and simple. Abusing your email address is only one of many techniques spammers use to throw their garbage into everyone's email mail boxes. The remedies are pretty standard, albeit less than 100% effective.

Spoofing

What you're seeing is called "spoofing" or more correctly "From-spoofing" - sending email that appears as if it's coming "From:" someone that its not.

Spoofing is a technique that is used in just about every bit of spam you see today. Spammers are trying to hide where the email comes from and are doing so very effectively. The From: address is meaningless on spam - it tells you absolutely nothing. It requires more detailed analysis of the email headers, and even then at best you might be able to get the IP address of the computer sending the email. As we've discussed in other postings these IP's are almost meaningless as you can't get a person's name, phone number or location from an IP address.

The fact that you're seeing your email address used in the "From:" field shouldn't alarm you. It might be annoying, but there's no need to worry about it. You're already on spammers lists to get spam and they're using that same list, or variations of it, to select which addresses to use when spoofing. And there's currently no effective way to stop them from spoofing.

The From: address is meaningless on spam - it tells you absolutely nothing.

When you see your own address spoofed in the From: field of spam, it's happening for one of two reasons:

  • They're trying to spam you, and know that it's unlikely you'll block email from yourself. In fact, as you've seen, it's not even always possible, but I'd consider it a bad idea even if you could do it. It'll prevent certain types of legitimate email from reaching you.

  • They're trying to spam someone else, and what you're seeing is a bounce message indicating that the original spam was rejected by its intended recipient. Since the email looks like it came "From:" you, you get the bounce message.

What to do?

First, realize there's nothing you can do to prevent From-spoofing. Eventually your email address is going to show up in the "From:" field of spam that you had nothing to do with. In fact as you've seen, it probably already has.

If you do see bounce backs starting to come back to you in large numbers, this can be serious, as it may mean that some how your PC that sends out emails has been compromised. Contact your IT person, webmaster or others who control the email process for you. Otherwise, if you see just a few emails every now and then, the only thing you can do is to keep doing whatever it is you do to control spam.

Does your email client allow for a spam filter. Good if it does as this will move your emails to a specific folder which you can review these emails when convenient. and even then some gets through. It's a juggling act because I don't want to risk marking something as spam that isn't - hence a little more spam gets through. Depending on your mail program and your mail provider, you may have similar or additional options available.

Read 1901 times

Don't wait another minute.
Let's work together and see performance today.

PPL-Logo

Do-It-Yourself Ends Here.

Support

Newsletter Sign Up

Get news, tips and special promotional offers. Sign up today.

captcha