Email Spoofing Exposed
E-mail spoofing, sometimes called hijacking, is a term used to
describe fraudulent email activity in which the sender address and
other parts of the email header are altered to appear as though the
email originated from a different source.
Spoofing is commonly used for SPAM e-mail and phishing, to hide
the origin of an e-mail message. By changing certain properties of
the e-mail, such as the From and Reply-To fields, ill-intentioned
users can make the e-mail appear to be from someone other than the
actual sender. It is sometimes associated with website spoofing, in
which sites mimic an actual, well-known website but are run by
another party with fraudulent intentions.
The technique is used by mass-mailing worms as a means of
concealing the origin of the propagation. On infection, worms such
as ILOVEYOU, Klez and Sober will often try to perform searches for
e-mail addresses within the address book of a mail client, and use
those addresses in the From field of e-mails that they send, so that
these e-mails appear to have been sent by the third party. Variants
of these worms have built on this technique by randomising all or
part of the e-mail address.
Eeeeeek! What can I do?
To be honest, there isn't all that much that you can do. Anyone
with Outlook or any other email program can forge whatever address
they want in the FROM field of an email, regardless of whether they
own the domain name in the address, regardless of whether they have
permission to use it, and regardless of whether the domain name even
exists or is valid. There is nothing that the rightful owner of a
domain name can do to stop people from sending out email with an
address in the FROM field using someone else's domain name.
If the forged email address is one that is important to you, one
that you need to receive email from, then your options are very
limited. If the FROM email address is one you usually receive orders
from, or other business-critical communications, and the legitimate
emails originate from your website, then you can change that address
and filter out the old address to get rid of incoming illegitimate
emails.
Remember: if you receive these spoof emails, IGNORE THEM. That
is the best advice I can give - don't click on the attachments or
reply to the email. Communicating with the lowlifes who create
these emails only encourages them.
© Spiral Web Design Limited
May 2007