- Worldstart's Tech Tips And Computer Help - http://www.worldstart.com -

E-mail Spoofing

Posted By On February 22, 2008 @ 2:48 PM In Security Help | Comments Disabled

I have received a number of questions lately about e-mail spoofing, so today, I will discuss the topic and let you know what you can do to fight against this type of e-mail identity theft. Let’s get started!

For those of you who have never heard of this, here is a little information about e-mail spoofing.

Email spoofing is a common e-mail trick used by spammers and phishers. It involves changing special information on an e-mail header. The header of an e-mail is not usually seen by the reader, but it contains important information about how the e-mail is displayed. When an e-mail is spoofed, the header information is changed so that the e-mail appears to come from someone who did not actually send it. Have you ever received an e-mail that says it’s from your own e-mail address, but you know you didn’t send it? That’s a spoofed e-mail.

Now that we all know what e-mail spoofing is, it’s important we understand what causes it. There are a couple main reasons why e-mails are spoofed. One way is by spammers and phishers and the other is from a virus.

If an e-mail address is spoofed by a spammer, it’s likely that the spammer is actually a computer and not a real person sending out one e-mail at a time. Spam bots can send out millions of e-mails a day and they use spoofing to get around the filters that try to block the messages they send. A spam bot will usually do one of two things when spoofing e-mail addresses:

1.) The spam bot will send e-mails with random spoofed e-mail addresses. This means that every e-mail they send will appear to come from a totally different person.

2.) The spam bot will send e-mails to your address that appear to be coming from your address. This means you will get e-mails that appear to be from yourself, but you did not send them.

If an e-mail is spoofed by a virus, you will see similar results. The main difference is the spoofed e-mails will look like they’re coming from people you know. In order for the virus to spread, it will spoof the addresses that are located in the Contacts folder of the infected computer. That way, the recipients may be fooled into opening the e-mail, thinking it’s coming from someone they know.

Right now, there is a huge debate going on in the tech world about how to stop e-mail spoofing. With the current protocol used to send e-mail (called SMTP), anyone can change the header information and send out a spoofed e-mail. There are no restrictions on the technology to stop spoofed e-mail from being sent. Hopefully, within a couple years, we will see a new protocol for sending e-mails that will not allow a spoofed e-mail to be sent out.

Until then, here are a few things you can do to try and fight against e-mail spoofing.

If you feel like you have received a spoofed e-mail, you can do some digging and report it. The first thing to do is look at the header of the e-mail. Finding the header is a little different for each e-mail program. In Outlook Express, right click on the e-mail’s subject line and choose Properties. Next, go to the Details tab and you will see the header. If you don’t use OE, look for a View Header option in your e-mail program.

Here’s what a normal header looks like:



As you can see, it’s pretty complicated, but the good news is you only need a little bit of information from the header. If you look at the header, you can see the e-mail is from gary@worldstart.com. This is a non-spoofed e-mail.

Here’s an example of a spoofed e-mail:



In this header, you can see the message says it’s from smtp007.bizmail.sc5.yahoo.com, but the Reply To message at the bottom shows aw-confirm@ebay.com. This is a spoofed e-mail.

When you have a spoofed e-mail, you should contact the domain of both e-mail addresses, as well as, the FTC’s spam fighting division. To do that, copy the header information and paste it into a new e-mail. Address the e-mail to the company that is being spoofed. If they are a larger company, they will have an address to contact for abuse (which is usually abuse@theirdomain.com). In this case, it would be abuse@ebay.com. Also, address the e-mail to spam@uce.gov and lastly, Cc the message to the sender’s domain (in this case, abuse@yahoo.com).

I know this is a lot to take in, but hopefully, it will help you defend your own e-mail address from spammers, as well as, help others who are being spoofed. Until next time, stay safe out there, my friends!

~ Gary

Article printed from Worldstart's Tech Tips And Computer Help: http://www.worldstart.com

URL to article: http://www.worldstart.com/e-mail-spoofing/