Last week, a spam email was sent — that appeared to come from me — to many of my contacts.
It’s very scary to think someone has hacked your email address book!
Immediately, I phoned my Internet provider, SBC Global. They were useless. I didn’t understand a word of what they told me.
So I sent out a notice to everyone to disregard the email, and I requested assistance from one of my readers to help me solve the mystery.
Ross Lasley, The Internet Educator, came to my rescue.
He offered to help and I sent him copies of some of the emails that had bounced back to me.
After reviewing my emails, he totally allayed my fears: I had been spoofed.
I asked him to write up his explanation for my readers. I thought it would be very helpful to you all.
I sure learned something … I hope you do, too.
Here is Ross’s letter …
Hi Kathy,
Great to chat with you, sorry that you are having these silly troubles.
What you are experiencing goes by a variety of names — but it is most commonly referred to as spoofing.
Email spoofing is a term used to describe email activity in which the sender address and other parts of the email header are altered to appear as though the email originated from a different source.
By changing certain properties of an email, ill-intentioned users can make the email appear to be from someone other than the actual sender. The result is that, although the email appears to come from the address indicated in the “From” field (found in the email headers), it actually comes from another source.
As I mentioned to you, the person who is being “spoofed” as the sender almost never has an infection or security breach problem.
A common scenario is:
“Barbara” is sent an infected email and then the email is opened, triggering propagation.
The worm finds the addresses of Fred and Mark within Barbara’s address book.
From Barbara’s computer, the worm sends an infected email to Fred, but the email appears to have been sent by Mark.
This can also be caused without any viruses issues — emails sent out that include large lists of people that are being cc’d are the most common culprits there.
As you know, depending on whose numbers you believe, somewhere between 90-99% of all email being sent is some form of junk, the vast majority. There are many automated systems in place to capture and block this unwanted mail but issues like this one are a bit harder — because there are in fact legitimate uses for spoofing. A worker is at home on the weekend and uses their ISP’s connection to send email that comes “from” their work email address — that’s spoofing.
That’s one reason why banks, eBay, and folks like that continue to have ongoing problems with this issue.
Every time something like this happens geeks respond with the same “best practice” type advice:
- Have, use, and update your anti-virus software. Free alternatives like Avast exist, there is no excuse to not do this
- Protect your own systems with a firewall or some basic security device
- Backup your computer regularly (the most likely problem of failure has always been and remains a spilled cup of coffee)
END OF ROSS’S LETTER
I did hear from several geeks who strongly stressed using my anti-virus software. A few also recommended changing email passwords regularly.
All good stuff.
Easy Web Tip 81: If a spam email goes out to people in your address book, you’ve probably been “spoofed” and it’s usually no big deal. But, still, be careful and take precautions just in case.