" forged email Archives - HIPAA News, Web & Email Security Tips & News - Plus More | LuxSci
LuxSci

Posts Tagged ‘forged email’

Save Yourself From “Yourself”: Stop Spam From Your Own Address

Friday, September 22nd, 2017

I just got junk email … from me!

It is surprisingly common for users to receive Spam email messages that appear to come from their own address (i.e. “joe@domain.com” gets a Spam email addressed so it appears to be from “joe@domain.com”).  We discussed this issue tangentially in a previous posting: Bounce Back & BackScatter Spam – “Who Stole My Email Address”?  However, many users wonder how this is even possible, while others are concerned if their Spam filters are not catching these messages.


How can Spammers use your email address to send Spam?

At a fundamental level, email performs very little validation of the apparent identity of the “Sender” of a message.  Just as you could mail a letter at the post office and write any return address on it, a Spammer can compose and send an email with any “From” email address and name.  This is in fact extremely easy to do, and Spammers use this facility with almost every message that they send.

Read the rest of this post »

Self-Addressed Spoofed Email: How to Shut Down Spam

Thursday, May 11th, 2017

Spam messages coming from… your own email? This may sound like a cheesy movie plot, but this form of spam, known as “spoofing,” can have horrifying consequences if it results in compromised security, stolen data, or malware on your company’s machines. Read on to find out how to snuff out spoofing and help everyone avoid these attacks in the future.


Read the rest of this post »

Infographic: Steps to Avoiding Forged Email

Friday, February 12th, 2016


Forged emails are extremely common. Most of the time, forged emails are merely a nuisance. However, if you accidentally share information with or click on a link from someone who sent a forged email, the results can devastate your goal or even your site, or if it’s really evil, an entire computer. Here’s some information about how to recognize and stop forged emails.

How to Avoid Forged Email: Forged Email Facts & SPF Significance

Avoiding Forged Email. Significance of SPF

Read the rest of this post »

Stopping Forged Email 1: SPF to the Rescue

Tuesday, February 17th, 2015

We have recently looked at how hackers and spammers can send forged email and then seen how these forged messages can be almost identical to legitimate messages from the purported senders.  In fact, we learned that generally all you can trust in an inbound email message is the internet IP address of the server talking to your inbound email server — as this cannot realistically be forged in any way that would still enable you to receive the message.

We know who the message says it is from and the address of the server that delivered it to us.  How can we reliably prevent fraud by checking if the message was forged or not?  Seems hard.

It turns out that there are a number (yes, more than one!) of techniques that can be used to do this.  The first and simplest is SPF – Sender Policy Framework.  Below, we shall look at what this does, how it works, how to set it up, and what some of its deficiencies are.  In future articles, we will look at the other techniques.

SPF – Sender Policy Framework: A Super Simple Explanation

Simply put, SPF is a way for the owner of a domain, such as bankofamerica.com, to publish information indicating what servers (Internet addresses) are authorized to send email from that domain.  Recipients (e.g. your spam filtering software) can check the Internet address that is trying to send you an email from bankofamerica.com against this authorization list — if it is on it, the message is probably legitimate; if not, it’s probably forged.

Read the rest of this post »

Analyzing a Forged Email Message: How to Tell It Was Forged?

Monday, February 9th, 2015

In our previous posting, we looked at exactly how Spammers and hackers can send forged email — how it is possible and how it is done.  Therein, we gave an example of how one could send an email forged to be from Bank of America.

In this post, we will look at that forged Bank of America email to see technically what it looks like and how it differs from legitimate email from Bank of America.

What can we learn that allows us to detect forged email in the future?

The Forgery: Received.

The forged email from Bank of America was based on a legitimate email message, so that the forgery could look as close as possible to actual email from them.

In truth, the majority of forged email simply changes the “From” address and does not bother with anything else.  These forged messages are used for Spam and hope the forgery fools enough people to be worth it, through numbers.  What we are looking at here is a more carefully crafted message designed to fool filters and a careful eye.  These kinds of fakes might be used in spear phishing attacks on an individual or in more sophisticated Spam campaigns.

The forged Bank of America email that arrived in the recipient’s mailbox looked like this (the raw headers):

Read the rest of this post »

How can Spammers and Hackers Send Forged Email?

Thursday, February 5th, 2015

Everyone has seen spam messages arrive with a “From” address that is your own address, a colleague’s, a friend’s, or that of some company that you work with or use.  These From addresses are forged to help the messages (a) get by your spam filters, and (b) get by your “eyeball filters”.

But how are these folks “allowed” to do that?

When email was first developed, there was no concept of the need for security; protections against identity theft and forgery were not part of the plan.  As a result, it is actually trivial for one to send an email with a forged “From” address and even some forged “Received” tracking lines by just connecting to your target’s email server and telling it whatever you want.

Let’s try to send an email to the address “testuser@luxsci.net” pretending to be from “Bank of America”.  The purpose of this exercise is not to teach you how to send forged email so much (this is not a new technique) as to set the stage for understanding how to detect and combat these kinds of messages.

Read the rest of this post »