Spam Appears Sent from Your Email Address? Here's Why
Mon Nov 5, 2007 11:21PM EST
See Comments (29)
Reader Denise Brown writes: I just read your article "Follow the Spam." There was a sentence in there regarding unsuspecting users' email accounts being used to send spam. About two weeks ago, I received spam from what appeared to be my own email account. The address was the same as my email account, and I thought it was weird, but just used the Yahoo! Delete Spam button. Should I be concerned about my email account? If so, what should I do? I like my email address, have used it for years, and don't particularly want to change it, but will if I have to.
This is an important point that I probably should have clarified at the time. Put simply: What you see in the "From" field on an email has little bearing on where it was actually sent from. Why? It's one of the easiest things to forge in the book.
In fact, so-called address spoofing is such a common trick that it's become a major tool in phishing scams. The hope is that a suspicious recipient will just look at the sender, see it says "admin@ebay.com" or "service@paypal.com," and assume the message is legitimate. Of course, it's as phony as a three-dollar bill, and if you click on the links in that message, you'll be whisked off to a scam website.
With general "Viagra"-style spam, one common trick is to simply forge the email of the recipient as the sender as well, which is what you're seeing. So you@yahoo.com receives email sent from you@yahoo.com, or so it seems. Again, the idea is that you might trick a few people into thinking they actually emailed themselves. Of course, it's all a fiction.
That doesn't mean that spam never comes from the address in the From field or that legitimate email accounts can't be hijacked for evil ends. They can. But compared to spoofing, both are fairly rare: It makes much more sense for a spammer to hide his tracks as much as possible to prolong the amount of time before he gets caught and that account or computer becomes defunct. It should go without saying that you should protect yourself thoroughly with antivirus and anti-spyware applications so that doesn't happen to you.
Comments on Spam Appears Sent from Your Email Address? Here's Why
Post a Comment
Join in the discussion. Here you'll see the comments in the order they were posted.
-
2 Posted by wovercash5@sbcglobal.net on Thu Sep 3, 2009 10:49PM EDT Report Abuse
So when somebody forges the email of the recipient as the sender, do they actually have the recipient's email address?
-
3 Posted by d.tfish95 on Thu Sep 3, 2009 3:33PM EDT Report Abuse
I have a question....My mom recieved an emial from me the other day. It wasnt from me. When I tried to log onto my email accout (I am with Yahoo)(The name was Devinfsh) it said I couldnt. When I tried the recovery I couldnt get it to go......Can you suggest somthing to me to get it back or should I just let it slide?
-
4 Posted by d.tfish95 on Thu Sep 3, 2009 3:33PM EDT Report Abuse
I have a question....My mom recieved an emial from me the other day. It wasnt from me. When I tried to log onto my email accout (I am with Yahoo)(The name was Devinfsh) it said I couldnt. When I tried the recovery I couldnt get it to go......Can you suggest somthing to me to get it back or should I just let it slide?
-
5 Posted by jim.pease on Thu Sep 3, 2009 4:35PM EDT Report Abuse
d.trish95 . . . Let it go. I tried and tried for months to get help from Yahoo to recover access to my Yahoo account (jimbofla) that I had since the mid 90's. There were absolutely no help.
-
6 Posted by rogueist on Thu Sep 3, 2009 8:49PM EDT Report Abuse
Look at all the headers in the received email message. Several of the header lines will be with "Received:" track down the list for "Received:" and you will have the IP address of each location that the mail flowed through, right on back to the original spamming computer's IP address. If it originated from Nigeria, Australia, Turkey, China or anywhere in the MidEast - its directly sent spam. If the IP address is a US IP, then in all likelyhood it came from a spambot network. Contact the originating ISP, give them the details about the IP address time and date that the offending email was sent, and ask them to check if the user that was on that IP address at that point in time has been compromized and is using a spam zombie computer. This is the point where it usually breaks down since most ISPs will NOT persue unless the FBI or some other law enforcement agency comes along and forces them to do so. In the meantime, you informed them - so when it comes time to file the lawsuit against the ISP for damages for their failure to stop sending the tide of emails to you, you have a leg to stand on, and a possible winnable case.
-
7 Posted by agrjs on Thu Sep 3, 2009 2:47PM EDT Report Abuse
I have received several "From: me, To: me emails which I have moved to a special folder. I have not been shut down as a couple above have. Should I expect to be? Am I helpless?
-
8 Posted by d_violan on Thu Sep 3, 2009 3:50PM EDT Report Abuse
I have my previous e-mail address and I received a lot of fraudulent e-mails and two months ago I was not able to log in anymore to that account. I tried to recover the password but it won't sign me in. How can I remove all the information in my previous account since I can no longer use that e-mail address?
-
9 Posted by stevejac1 on Thu Sep 3, 2009 9:43PM EDT Report Abuse
OK, Chris, so they can spoof my email address. How is this done? What can I do to prevent some bot from doing this? How can I do it to them?
-
10 Posted by itr206 on Thu Sep 3, 2009 4:25PM EDT Report Abuse
Simple answer to an annoying problem. . . . Ignore the emails. Anything looks or sounds fishy, delete it! Don't even bother to read it and deff don't click on the links. There is nothing you can do about it and reporting it won't get you far either.
1 Posted by ingram79413 on Thu Sep 3, 2009 4:24PM EDT Report Abuse
About a month aga, I received an error msg on my yahoo email, then a msg that my email had been dropped due to complaints. I was totally at a loss as the only people I email are generally family. This is possibly why it had happened.