Tip #4635 - E-mail Spoofing
Printer Friendly Version | E-Mail This Tip
E-mail
Spoofing
I have received
a number of questions lately about e-mail spoofing, so today, I will
discuss the topic and let you know what you can do to fight against
this type of e-mail identity theft. Let's get started!
For those of you
who have never heard of this, here is a little information about e-mail
spoofing.
Email spoofing
is a common e-mail trick used by spammers and phishers. It involves
changing special information on an e-mail header. The header of an
e-mail is not usually seen by the reader, but it contains important
information about how the e-mail is displayed. When an e-mail is spoofed,
the header information is changed so that the e-mail appears to come
from someone who did not actually send it. Have you ever received
an e-mail that says it's from your own e-mail address, but you know
you didn't send it? That's a spoofed e-mail.
Now that we all
know what e-mail spoofing is, it's important we understand what causes
it. There are a couple main reasons why e-mails are spoofed. One way
is by spammers and phishers and the other is from a virus.
If an e-mail address
is spoofed by a spammer, it's likely that the spammer is actually
a computer and not a real person sending out one e-mail at a time.
Spam bots can send out millions of e-mails a day and they use spoofing
to get around the filters that try to block the messages they send.
A spam bot will usually do one of two things when spoofing e-mail
addresses:
1.) The spam bot
will send e-mails with random spoofed e-mail addresses. This means
that every e-mail they send will appear to come from a totally different
person.
2.) The spam bot
will send e-mails to your address that appear to be coming from your
address. This means you will get e-mails that appear to be from yourself,
but you did not send them.
If an e-mail is
spoofed by a virus, you will see similar results. The main difference
is the spoofed e-mails will look like they're coming from people you
know. In order for the virus to spread, it will spoof the addresses
that are located in the Contacts folder of the infected computer.
That way, the recipients may be fooled into opening the e-mail, thinking
it's coming from someone they know.
Right now, there
is a huge debate going on in the tech world about how to stop e-mail
spoofing. With the current protocol used to send e-mail (called SMTP),
anyone can change the header information and send out a spoofed e-mail.
There are no restrictions on the technology to stop spoofed e-mail
from being sent. Hopefully, within a couple years, we will see a new
protocol for sending e-mails that will not allow a spoofed e-mail
to be sent out.
Until then, here
are a few things you can do to try and fight against e-mail spoofing.
If you feel like
you have received a spoofed e-mail, you can do some digging and report
it. The first thing to do is look at the header of the e-mail. Finding
the header is a little different for each e-mail program. In Outlook
Express, right click on the e-mail's subject line and choose Properties.
Next, go to the Details tab and you will see the
header. If you don't use OE, look for a View Header
option in your e-mail program.
Here's what a
normal header looks like:
As you can see,
it's pretty complicated, but the good news is you only need a little
bit of information from the header. If you look at the header, you
can see the e-mail is from gary@worldstart.com. This is a non-spoofed
e-mail.
Here's an example
of a spoofed e-mail:
In this header,
you can see the message says it's from smtp007.bizmail.sc5.yahoo.com,
but the Reply To message at the bottom shows aw-confirm@ebay.com.
This is a spoofed e-mail.
When you have
a spoofed e-mail, you should contact the domain of both e-mail addresses,
as well as, the FTC's spam fighting division. To do that, copy the
header information and paste it into a new e-mail. Address the e-mail
to the company that is being spoofed. If they are a larger company,
they will have an address to contact for abuse (which is usually abuse@theirdomain.com).
In this case, it would be abuse@ebay.com. Also, address the e-mail
to spam@uce.gov and lastly, Cc the message to the sender's domain
(in this case, abuse@yahoo.com).
I know this is
a lot to take in, but hopefully, it will help you defend your own
e-mail address from spammers, as well as, help others who are being
spoofed. Until next time, stay safe out there, my friends!
~ Gary
Want To Comment On This Tip? Click Here! We'd love to hear from you :-)
Like These Tips? Get 'Em Free In Your E-mail
