22 September 2009

Email address hijacking

I've been distracted from my blogging during the past week because one of my email addresses was apparently hijacked by a spammer. I first noticed this when my personal mailbox started receiving notices of "undeliverable emails" sent to addresses totally unfamiliar to me. The email address was not the one associated with TYWKIWDBI, so the blog was not at fault. Dozens of such messages were flagged, and notices sent to me. A little investigation showed that the content of the returned messages was classic spam.

I have certainly heard of such "spoofing," but this is my first personal experience with it. My understanding is that it does not imply that my mail has been intercepted or that my address book was accessed; rather, the address was either found or was randomly generated. MacWorld offers the following advice:
Nearly all of us have had our email addresses spoofed by spammers at one time or another. It’s a regrettable downside of this Internet age in which we live. So, turn your mind from revenge for the moment and concentrate instead on protection and filtering...

Unless you’re living in the Stone Age you’re aware of spammer spoofing and I’m slightly shocked that there are still Internet Service Providers out there that haven’t done something to filter this junk on their end rather than making it your problem. But, it’s an imperfect world, and because it is I’d suggest creating a rule or two in whatever email client you use that diverts these bounces to a junk folder you create.
After about three days of receiving notifications from the Postmaster Daemon, the phenomenon just stopped, without any interventions on my part.

So I assume the problem has passed. But if anyone out there has received an email with what looks like my return address in the "from" box, I trust you will understand that I do not sell Viagra and Cialis...

2 comments:

  1. But...but, I was hoping for some deep discounts on my badly needed meds!

    ReplyDelete
  2. Make sure that your email service provider is publishing SPF records for your domain in DNS. It gives other mail hosts that receive "your" email a chance to verify that the email is coming from an accepted and published source.

    ReplyDelete