E-Mail Spoofing

This week I’m going to reply to an e-mail I received from a reader this week which touches on a subject I’ve have had a fair amount of first hand experience with just recently:

I follow your column in the Herald Express and see you sometimes highlight problems.I have followed your advice and some time ago installed the AVG Grisoft virus check, which I keep fully updated.

I am however being inundated with returned e-mails which did not originate from me but uses the latter part of my e-mail address.I note that they all have attachments which of course I have never opened. As virus checks do not reveal a problem on my computer, can you suggest a possible cure?

John Cadman, via e-mail

As mentioned at the beginning of this article I have encountered this exact problem myself just recently.Unfortunately a number of spammers have been trying to sell Viagra and shares in dodgy companies to unsuspecting users by using my own business e-mail address rather than their own.

There could be a number of reasons for them wishing to do this however I believe the most likely useful purpose would be to fool spam filters.Usually when a spammer starts a campaign of mailing random people their e-mail address is very quickly blocked by the spam filters to prevent the intended recipients from receiving unsolicited mail.If the spammer can send out messages from completely random and alternating addresses then it is very difficult for spam filters to function efficiently without banning millions of legitimate users e-mail addresses.

Of course this is quite frustrating for those that have had their e-mail address exploited because like John I am receiving a large number of ‘your e-mail cannot be delivered’ messages on a daily basis as the messages sent from the spoofer get bounced back to my legitimate e-mail address.Additionally I have had a few customer complaints about me supposedly trying to sell them treatment for impotency when the reality is that this particular business venture has nothing to do with me!

Unfortunately the problem stems from the fact that the SMTP mail protocol that is most commonly used to send e-mail on the Internet doesn’t require any authorisation and as such it is incredibly easy to send e-mails that appear as though they are from someone else entirely.I’m sure most of you have by now received a spoof e-mail which appears to have come from your bank asking for you to confirm your account details and this scam works on the same principle.

The short answer to your question is unfortunately there isn’t really anything that you can do to stop this from occurring although the good news is that the symptoms experienced are not a sign that your computer is infected with anything nasty.Businesses and individuals will continue to be vulnerable to these kinds of spoof e-mails until a more secure system of sending e-mails is implemented.To the best of my knowledge for the time being the best you can do is ignore the bounced e-mails and hope that the spammers soon find a new target.


About the Author – Chris Holgate works for Refresh Cartridges who supply a wide range of printer cartridges at the UK’s lowest prices.