April 9th, 2009

Protect yourself from email spoofing spammers

by Brandon Rowlett

We spend a lot of time educating our clients and helping them prevent viruses, spam, and other Internet threats. One of the most common threats we face is email spoofing.

Email spoofing is a technique used by spammers to alter a message's originating email address so that the message appears to have come from some other address, even your own. Email spoofing is relatively common, and is usually caused by malicious bots randomly scanning websites to pick up email addresses, and then using them to mass-target other email addresses around the world.

If you suddenly receive a big spike in spam that seems to be coming from yourself, you may have been targeted by email spoofing. When a spammer spoofs an email address, they will use an email name generator that can send thousands of messages to random names at any domain name. This results in you getting thousands of bounce-back messages in your inbox. The messages that are bouncing back to you are from legitimate mail servers either denying the spam message (that you did not actually send) or letting you know that the email address where the message was sent does not exist.

Unfortunately, once you have been targeted, there really isn’t a lot that a spam filter can do to block these messages from coming into your inbox. They aren’t technically spam even though they are bothersome. If you notice a substantial number of bounces coming from the same domain name, they can be blocked at the domain level. Other than that, you just have to ride out the storm.
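To find which domains are sending most of the bounces, you can tally bounce-back messages by the domain that reported them. The script below is an added example, not part of the original post: the sample messages are constructed, the `example.*` domains are placeholders, and the bounce heuristics and threshold of 3 are assumptions.

```python
from collections import Counter
from email import message_from_string
from email.utils import parseaddr

DAEMON_LOCALPARTS = {"mailer-daemon", "postmaster"}

def _sample(sender, return_path="<>", ctype="text/plain"):
    """Build one constructed message; example.* names are placeholders."""
    return (f"Return-Path: {return_path}\nFrom: {sender}\nTo: me@example.com\n"
            f"Subject: constructed sample\nContent-Type: {ctype}\n\nbody\n")

# Constructed inbox: four bounces and one ordinary message.
SAMPLES = [
    _sample("MAILER-DAEMON@mx.example.net"),
    _sample("Mail Delivery System <MAILER-DAEMON@mx.example.net>",
            "<bounce@mx.example.net>",
            "multipart/report; report-type=delivery-status"),
    _sample("postmaster@mx.example.net", "<postmaster@mx.example.net>"),
    _sample("MAILER-DAEMON@mail.example.org"),
    _sample("friend@example.org", "<friend@example.org>"),
]

def is_bounce(msg):
    """Heuristic: null return path, DSN content type, or daemon sender."""
    if msg.get("Return-Path", "").strip() == "<>":
        return True
    if (msg.get_content_type() == "multipart/report"
            and msg.get_param("report-type") == "delivery-status"):
        return True
    local = parseaddr(msg.get("From", ""))[1].partition("@")[0].lower()
    return local in DAEMON_LOCALPARTS

def bounce_domains(raw_messages):
    """Count bounce messages per reporting domain (taken from From:)."""
    counts = Counter()
    for raw in raw_messages:
        msg = message_from_string(raw)
        if is_bounce(msg):
            domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
            counts[domain or "(unknown)"] += 1
    return counts

def domains_to_block(raw_messages, threshold=3):
    """Domains whose bounce count meets the threshold (assumed value)."""
    counts = bounce_domains(raw_messages)
    return sorted(d for d, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    print(bounce_domains(SAMPLES), domains_to_block(SAMPLES))
```

Review the list before blocking anything, since a domain-level block also drops legitimate mail and genuine bounces from that domain.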

The easiest way to prevent these malicious bots from harvesting your email address is to use a public contact form on your site instead of posting a mailto: link. This will not prevent all harvesting, but it can definitely slow some of it down.