Posted by _Liz G., Last modified by _Korey Chapman on 31 January 2012 05:43 PM
What is email Spoofing?|
Have you ever received a message from someone you don't know - or from a company telling you to stop sending emails - -
But you KNOW you have never sent an email to that person - or company before?
The message may indicate that your email address has been been spoofed.
The term "spoofing" refers to email that appears to have originated from one person when it was actually sent from another. Those who send spoof email typically want the message to appear to be from an email address that doesn't exist, or one other than their own. This way the email cannot be traced back to them.
Spoofing can also be used to distribute viruses, such as the Klez or Sobig virus. These spoofing viruses take a random address from an infected person's hard disk and mail themselves out as if they were from that randomly chosen address.
Recipients of these viruses believe they are receiving a message from someone they know; but, they are actually receiving an infected message from a spoofer. As a result, users of uninfected computers may wrongly be informed that they have distributed a virus.
If you receive an alert that you are sending infected emails, first run a StopSign scan. If you are NOT infected, you may want to reply to the infection alert with the following:
Your virus may appear to have been sent by me, but I have virus-scanned my computer and I am not infected. A number of email- distributed viruses fake, or spoof, the From' address using a random address. The infected email you received did not originate from me.
Virus alert messages are often auto-generated and sent via an anti-virus server and so replying to the original email may not elicit a response.
Alternatively, if you receive an email-distributed virus, look at the Internet Headers information to see where the email actually originated from, before firing off a complaint or virus alert to the person you assume sent it.
HOW TO DISPLAY INTERNET HEADERS
An email collects information from each of the computers it passes through on the way to the recipient. This is stored in the message's Internet Headers.
1) With Outlook Inbox open, right-click on the message and click the OPTIONS command to display the MESSAGE OPTIONS dialog box.
Internet Headers are best read from the bottom up, as they are added to as the email passes through the system.
2) Scroll to the bottom of the information in the Internet Headers box.
Scroll slowly upward to read the information about the email’s origin. The most important information follows the Return-path and the Reply-to: fields. If these are different, the email is not from whom it says it is. Click here for a full explanation of the mail header.
1) With Outlook Express Inbox open, right-click on the message, and click PROPERTIES > DETAILS tab.
2) Scroll through the details information and verify that the "From" and "Return Path" information are the same.
Additional user information may be found via the StopSign KNOWLEDGE BASE.