Handling "Spam Spoofers"

What to Do When Someone Steals Your E-Mail
Address or URL to Send Junk or Pornographic Mail

by Barbara Brabec

Have you been undeliverable e-mail notices lately for messages you know you never sent? This is a problem thatís happening to a lot of us today as hackers steal our e-mail or Web site identities and use them to send their junk advertising or pornographic mail to millions of people. Since we only see the messages that bounce, it's anybody's guess as to how many messages have actually been delivered with our name or Web site URL indicated as the sender.

Since all e-mail addresses are up for grabs by Web robots and spiders, and unscrupulous spammers can spoof or forge their mailings so they appear to come from these collected e-mail addresses, we now have to assume that at least some of our friends, customers and clients may be receiving junk advertising or pornographic e-mails that seem to be coming directly from us. In some cases, this could be very harmful to our businesses or professional reputation, but the sad fact is that there is little that can be done to stop this kind of thing, according to my technical adviser, Chris Maher.

"The Internet was originally set up in a very loose fashion, and no one ever dreamed in the beginning that this kind of thing would happen," he says. "Because of the way the Internet was designed, there is nothing that can't be spoofed today, including the IP addresses people are often advised to look for in this kind of mail. Only amateur hackers are likely to be traceable in this fashion. The pros tend to use an e-mail address just once, and then change their identity for their next mailing. Because of this, many instances of the problem may just go away by itself. Reporting this kind of problem to the FBI Internet Crime division isn't likely to do any good. In doing this myself once, I learned that the FBI has one field office with just four people to police the entire Midwest region for all Internet hacking crimes, and they simply don't have the manpower to mess with little stuff like this. It's like having just one motorcycle cop for all the highways in your state."

Those who are new to the Web may not understand what's happening here, and many legitimate companies are obviously being victimized. I first began to understand this problem when I began to get two or three virus-laden e-mails every day from a variety of names attached to a particular company's URL. When I contacted the tech person at this company and asked him to stop sending me these infected e-mails every day, I was told that no one in the company was using the names on the e-mails I had received. Not understanding the problem at first, he said he would block my name so I wouldn't get any more of these messages. But of course these messages weren't coming from his company's Web site; a hacker had simply stolen its URL and made up a bunch of fictitious names for the infected e-mails they were sending out every day. I forwarded several of these e-mails and their Internet headers to the company, and the messages stopped coming, so either the company caught the hacker, or he just moved on to using someone else's Web site/e-mail identity.

Whether you decide to fight this problem depends on how much time and energy you have. But you absolutely MUST have a good antivirus program running at all times to avoid having your computer infected with a virus. The following experiences of two business owners in my network will give you an idea of what can be done, and how to do it.

How Two Web Entrepreneurs Handled Their E-Mail Identity Theft Problem


Copyright © 2000-2013
by Barbara Brabec
All Rights Reserved
Barbara Brabec's World