Getting and being "spoofed"

Bill Henry-

Brussel Sprout Connoisseur
Joined
Aug 17, 2002
Posts
21,495
Loc
Boondock Bowerbank, ME
Business
Retired from the grind
It appears that I am at the same time both victim and “perpetrator” of some spoofing campaign.

For the past few weeks I have received about a dozen messages in my In Box saying that mail sent from an address on my site (subscribe@framersloft.com) was being returned as undeliverable. The problem is that I didn’t send any of them.

I fear that it may be like one of those “reply now with your account information” sent by your supposed bank to phish your social security number and credit card info.

I contacted my ISP and they said that it appeared to be “spoofing” i.e.
… the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through the Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source.

So far there has being no developments to prevent spoofing......The following site contains detailed information on spoofing and some of the preventions you can take:

http://www.cert.org/tech_tips/email_spoofing.html#III
Unfortunately, I cannot view the text of the message that was returned to me as undeliverable, so I don’t know how potentially destructive these e-mails are to my business. Obviously, whatever scam is being generated, I don’t want my name associated with it, but, according to my ISP and CERT, there is nothing I can do about it! … except contact the FBI.

I’ve got a nephew (in-law) who is a feeb who might be able to guide me through this mess, but it’s not likely that the powers that be in that agency would consider this as much of a problem as I do.

I am so p****ed!
 
What this usually means is that your email address was posted somewhere on the internet (web page, etc) and HARVESTED by an automated system.

What the spammers do, to throw people off, is randomly put harvested email addresses in the FROM fields.

Chances are you were not the source, although this is certainly possible if you were infected.

This is why it's never a good idea to post your email address on a web site, even your own. It's usually best to use a "form", which goes between your email box and the web visitor. The form serves to "hide" your address from prying eyes, and passes along only legitimate requests from customers.

My guess would be you're just a victim of harvesting.

With all this talent, you'd think they would find more productive things to do.
 
Back
Top