Email "Spamming" and Email "Spoofing"
Email Spamming refers to sending email to
thousands of email addresses, similar to a chain letter. Spamming is often done
deliberately to use network resources. Email spamming may be combined with email
spoofing, so that it is very difficult to determine the actual originating email
address of the sender. Some email systems, including our Microsoft Exchange,
have the ability to block incoming mail from a specific address. However,
because these individuals change their email address frequently, it is difficult
to prevent some spam from reaching your email inbox.
Email Spoofing refers to email that appears to have been originated from
one source when it was actually sent from another source. Individuals, who are
sending "junk" email or "SPAM", typically want the email to appear to be from an
email address that may not exist. This way the email cannot be traced back to
the originator.
Malicious Spoofing
There are many possible reasons why people send out emails spoofing the return
address: sometimes it is simply to cause confusion, but more often it is to
discredit the person whose email address has been spoofed: using their name to
send a vile or insulting message.
Dealing with a Spoofed Email
There is really no way to prevent e-mail spoofing. If you get a
message that is outrageously insulting, asks for something highly confidential,
or just plain doesn't make any sense, then you may want to find out if it is
really from the person it says it's from. You can look at the Internet Headers
information to see where the email actually originated.
Remember that although your email address may have been spoofed this does not
mean that the spoofer has gained access to your mailbox.
Displaying Internet Headers Information
An email collects information from each of the computers it passes through on
the way to the recipient, and this is stored in the email's Internet Headers.
1. With the Outlook Inbox displayed, right-click on the message and click on the
Options command to display the Message Options dialog box.
Internet Headers are best read from the bottom up, as they are added to as the
email passes through the system.
2. Scroll to the bottom of the information in the Internet Headers box, then
scroll slowly upwards to read the information about the email’s origin. The most
important information follows the “Return-path:” and the “Reply-to:” fields. If
these are different, the email is not who it says it’s from.
Virus spoofing
Email-distributed viruses that use spoofing, such the Klez or Sobig virus,
take a random name from somewhere on the infected person’s hard disk and mail
themselves out as if they were from that randomly chosen address. Recipients of
these viruses are therefore misled as to the address from which they were sent,
and may end up complaining to, or alerting the wrong person. As a result, users
of uninfected computers may be wrongly informed that they have, and have been
distributing a virus.
If you receive an alert that you’re sending infected emails, first run a virus
scan using a program such as Norton Anti-Virus from Symatec . If you are
uninfected, then you may want to reply to the infection alert with this
information:
“Your virus may have appeared to have been sent by me, but I have scanned my
system and I am not infected. A number of email-distributed viruses fake, or
spoof, the ‘From' address using a random address taken from the Outlook contacts
list or from Web files stored on the hard drive.”
But keep in mind that a virus alert message is quite often auto generated and
sent via an anti-virus server and so replying to the original email may not
elicit a response.
Alternatively, if you receive an email-distributed virus, look at the Internet
Headers information to see where the email actually originated from, before
firing off a complaint or virus alert to the person you assume sent it.
Phone: 208-376-3874 or E-mail:
support@andyybarr.com