How Spammers Spoof Your Email Address (#1201)

How Spammers Spoof Your Email Address (#1201)


Hi, this is Gary with MacMost.com. On this episode let me tell you about email
spoofing. So did you ever get a piece of junk mail and
it appears to come from you or from a friend of yours, or perhaps you got a message from
a friend of yours saying I’ve got a piece of spam and it looks like you sent it. Maybe your computer is infected, maybe your
email account has been compromised. Well, when you get a piece of email that is
coming from somebody different than actually who sent it, it is called email spoofing. It’s incredibly easy to do. So easy to do that any spammer is going to
actually spoof their email address. They are never going to use their real email
address when they send out spam. Very often they are going to use a real email
address from somebody else, maybe somebody you even know, just to get you to open the
email. So, the false assumption many people have
is that when you get a piece of email it says it is from somebody any you think it has to
be true. It has to be from that person. Well, it’s not true at all. You can fake that very easily. As a matter of fact it is just as easy to
do with an email as it is to do with physical mail. Physical mail you put the return address here
and it’s supposed to be who this is from. But you can write anything you want here. Nobody is going to check that. You can put the President of the United States,
the Queen of England, anybody you want here. It is just as easy to do that in a piece of
email. As of matter of fact, for spammers the software
they use to send stuff out, that’s going to allow them to put anything they want in there. They don’t even have to have any technical
knowhow to do it. So you can’t trust the From address in any
email that you get. Most of the time it’s going to be right because
somebody who sent you a legitimate email is going to want that From to be something accurate
because they are communicating with you. But spammers don’t care about that. Now let me show you how they can actually
get your email address without even compromising your computer at all and make it look like
you’re sending out spam! So let’s look at one way that this could happen. Here we’ve got Joe and Joe’s computer. Joe has friends that he emails. So you can see here these are Joe’s friends
and this is a list of all their email addresses. These aren’t necessarily in Joe’s contacts. These are just if you look at Joe’s email
you’ll find the email addresses in the From field from all of the emails that he has ever
gotten. In addition to that Joe also has all his work
people and he emails them and he has their email addresses on his computer. If you look through his email all those email
addresses are there. Also, you’ve got Joe’s Special Interest Group
SIG. This could be Joe’s neighborhood mailing list,
this could be a hobby he’s got and he subscribes to this mailing list and he communicates with
people or maybe his college buddies and they all email back and forth all the time things
about their alma mater. So Joe’s got a lot of different email addresses
if you search through his email here and they all combine to create all of this data here
that’s is email addresses on Joe’s computer. When put together they’re Joe’s email data
and it’s all sitting their on his computer. What happens if Joe get his computer infected. Say he is using an old PC and it’s out of
date and he downloads something he shouldn’t and now his machine is infected and he may
not even know it. So what’s going to happen now is that infection,
that malware, is going to go and look at all of his email data and it’s going to harvest
it. That may be it for Joe’s computer. It may actually harvest all that data and
send it somewhere else and Joe’s computer doesn’t actually do anything from that point
on. Or Joe’s computer can continue to be, maybe,
the agent that sends out spam. So what happens when it sends out spam. Well, it’s going to take an email address
from Joe’s email data. Say this one just at random. Then it’s going to take another one. Say this one and it’s going to compose an
email. That email could have anything in the From
and To field. So what it’s going to do is take this orange
email address and it’s going to stick it there in the From field. And it’s going to take this purple one and
it’s going to stick it there in the To field. So now you’ve got an email that could be send
by Joe’s computer, it could be sent by another computer somewhere else, or a server in another
country. It doesn’t really matter. It’s going to go and make it look like this
email is from this orange person to this purple person here and it’s going to be spam. What are the chances that this purple person
knows this orange person. Well, actually pretty decent since they both
know Joe. If you look at all the possible combinations
of sending say from this person to this person or this person to this person, or two people
over here to two people over here it’s going to send out a whole bunch of emails and a
lot of those are going to recognize where it comes from. They are going to think that it comes from
somebody they know and thus they are going to be that much more likely to read the email
which is all the spammer wants. The spammer may be sending out a million emails
on a given day and maybe a hundred people read them. If by doing this technique they can trick
two hundred people into reading them well they could perhaps double their return of
whatever it is they’re sending out. So that’s why they do this. The spammer doesn’t care that this person
here in orange is going to get an email from maybe this person in purple saying hey I think
your computer is infected or I think your email account has been compromised because
I just got an email from you. Well it turns out the orange person, their
email account isn’t compromised, their computer doesn’t have any malware. Their email address was just spoofed. They didn’t do anything wrong. There is nothing for them to do. There is nothing they can do. There is a whole bunch of emails that is going
to go out from this orange person to all of these people there is nothing they can do
but wait and field a bunch of emails from people saying hey I think you’ve been compromised. I’d just say well no I think my email address
has just been spoofed and wait for it all to die down. The spammer doesn’t care that this is going
on. The spammer just cares that maybe a few more
people clicked on the links in the body of the email. That makes it all worth it to them even though
it is an annoyance to the person in orange. It is, of course, an annoyance to the person
in purple. Joe may not even know it’s going on. That is just collateral damage in the spammer’s
attempt to make money. So what do you do if you get a message from
a friend saying that they got spam and it appears to come from you. Well, despite everything I just said you should
still look at it as an opportunity to change your email password. This probably has nothing to do with you or
your email account or your computer but you should be changing your email password every
once in a while anyway. And you should be changing it to something
that’s always a very strong random password. So look at this as an opportunity to do that. While you’re there check things over just
to make sure that everything looks legit. Look at your Sent email and make sure that
it is just stuff that you’ve sent and it probably is. Once you have assured yourself that everything
looks okay and you’ve changed your password then there is nothing to do but wait it out. Usually these kind of things happen for a
day or two. Maybe your email address gets used a lot and
there is nothing you can do to stop it. You just kind of got to wait till you get
through the wave of people responding to you or people notifying you about using your email
address and then it should all die down because the spammers are going to want to move on
to another email address just to keep things going and keep the chance that somebody will
open up a spammed email a little bit higher. So it is in their interest to actually move
on after a little bit than to keep using your email address. So I hope this has been of help in explaining
why it may look like why spam is being sent out from your account even though it’s not.

Danny Hutson

Leave a Reply

Your email address will not be published. Required fields are marked *