Martin from NY wrote in today after receiving spam that seemed to be from him, to him. He wanted to know how this could happen. It's a common question, so I thought I'd share the answer.
The sad fact is that your e-mail address is valuable to spammers and virus writers, because it's trivially easy for them to fake, or 'spoof,' an e-mail that looks like it comes from you. And people are more likely to open an e-mail that looks as if it comes from someone in the same company, for instance.
The slimeball spammers have a number of ways they can harvest e-mail addresses for these spoofed e-mails. For one, you probably already know that some malware will try to spread itself by reading your contact list and mailing itself out to your unsuspecting friends.
That's the worst case scenario, and one you can protect against by using good antivirus, keeping your programs and OS up-to-date, and being careful about the sites you surf and the e-mail you open.
But there plenty of other methods. Spammers will scour forums, blogs and other Web sites for places where people post their e-mail address. They'll also try to break into valid sites and online services to steal their lists of user's e-mails, along with other potentially valuable user information.
Disposable e-mail addresses can help protect against some of these spammer tricks. I wrote about some free and paid disposable e-mail services in a Privacy Watch column.
These scumbag scammer practices are why you should always be extremely suspicious of any unsolicited e-mail, even if it seems to come from someone you know. I can't tell you how many e-mails we get here at PC World that seem to come from a co-worker, but instead carry a virus payload as an attachment.
Is there anyway to prevent a spammer from sending emails using my email address? I get hundreds of "Returned Mail" and "Mail Delivery Failed" messages each day. I really don't want to change my email address unless it is absolutely necessary because I use it in my business.
FractalGolfer, you didn't mention if you use proactive means of detecting viruses, trojans or malware. I would hope you do.
I would suggest you have a good firewall installed and operational, a good security app like Norton, McAfee, TrendMicro, etc. running at all times. And *do* use apps like SpyBot Search & Destroy, Lavasoft AdAware and even Microsoft's Windows Defender.
Your computer may actually be a "bot" which is using your machine to send spam. If you're uninfected, then there is little you can do except try and find out *where* the actual emails in your name are being sent from and contact the domain involved. Otherwise, you're left with the only alternative which is to change your email address. Not desireable, I know.
ImaPhake, thanks for the response. I do use a Firewall and AVG for security. I had heard that the company that hosts my website and email should be able to prevent someone else from using my email to send messages. Is this true?
IT'S ABOUT TIME! I'VE BEEN WAITING 60+ YEARS......
...NOW LET'S LEGALIZE POT!!
FractalGolfer asked: "I had heard that the company that hosts my website and email should be able to prevent someone else from using my email to send messages. Is this true?"
That would probably be true *if* the email was being sent from the server that hosts your Web site and email. A responsible company doesn't maintain open email servers, so it's not likely that the email in your name is being sent from there.
Spammers can find open email servers and use them to spew email with forged email headers, but these days they prefer to use "bot farms" -- computers which have been secretly taken over via malware and under their control (zombies). We're talking about hundreds (maybe even thousands) of computers worldwide being remotely directed to spew spam.
For every zombie that gets shut down (user discovery/intervention) another will just take its place.
Long story short: There's probably nothing you can do other than changing your email address.
OK, I can see where spammers might send me stuff using my email address and a good spam filter would catch it. I use Yahoo to send out newslettrs to two groups. At times Yahoo will catch something I have sent to myself and blind copied to others and put my copy in my bulk (spam) folder.
My question is: Shouldn't Yahoo mail be "smart" enough to know that a from me to me generated on the same email account is not spam and is a legitimate email?
Spammers can also forge headers. I have reported some of these to MSN. Hopefully one day we can have the technology to get rid fo these pest people.
Spammers can also forge headers. I have reported some of these to MSN. Hopefully one day we can have the technology to get rid fo these pest people.