SPAM from myself?
We get asked this a lot, because frankly, it happens a lot. You come into work on Monday and your inbox is full of SPAM, the usual kind but also lots of SPAM where the sender is YOU! Have you been hacked? How could this be you ask.
The first thing to understand is that you're not special -- this happens fairly frequently, and it's most likely the result of email SPOOFING. SPOOFING is a a technique where a spammer has sent email using your return email address (the from field).
The second thing to understand is that there is little you or we can do about this problem. But that's not to say there is nothing you can do. First and foremost, you SHOULD rule out the possibility your account was hacked -- check your system sent logs to be sure your account did not send the email in question, and change your password and make it complex. These are things you should be doing anyway. But in virtually every case we see, spoofing is the cause.
How can this happen?
- The "from" address in your email is virtually meaningless to an email system, it could be literally any email address and easy for the spammer to setup.
- A spammer has gotten your email address from your website or other email or public forums and just decided to use it as the "from" in their spamming.
Why you get responses back?
- Either the spammer is trying to spam you, since you would typically not want to block your own email address, or
- The spammer sent the spoofed email to somebody else and the email got rejected, sending the bounced message back to you because of the "from" address that is listed in the email.
What can we do?
As I indicated earlier, there's not a whole lot we can do in the short-term because spammers can use any address they choose in the "from" line. But there are some long-term changes and techniques you can use to help this situation:
- Don't publish your email address on websites or any public place
- Keep an alternate "throw-away" email address from google, yahoo, or microsoft to use instead of your business address when you sign-up for websites or forums
- If you or your company uses "generic" email addresses like "sales" or "support" or "info" which are pretty common, consider changing these and be creative. Instead of sales uses "salesteam" or "infonow" as an example.
- If you must publish an email address, consider using a "throw-away" account from google, yahoo, or microsoft which you can change, or use one of the creative options noted above and change them periodically.
- Have your IT team investigate the emails further, sometimes the IP address can be traced back and reported to the ISP so they can be blocked. Just keep in mind this is not likely to have much effect because spammers move around.
- Continually re-evaluate your systems' spam rules and adjust or tighten as needed, consider using whitelists with very tight controls or a 3rd-party spam service depending upon the severity of the problem, these can all help.
Controlling spam and spoofing is an ongoing problem. These steps will help but there is no fool-proof way to prevent spam and spoofing.