First phishing, and now spoofing?

I know of two definitions for the word spoof. One tastes like soap, and the other is really, really funny. But now there’s a third one, and it induces neither cleanliness nor mirth.

I rarely check my spam folder, but lately I’ve noticed it has mails from ‘me’. I didn’t pay much attention, since lots of people sign their mails with ‘Love, me’, including, well, me!

But I got curious today and clicked on one of the me-mails. In the From box, it had my own address! How weird is that?

I immediately went into panic mode thinking my account had been hacked and that I needed to change my password. A depressing thought in itself because I have fifteen fairly complicated ones and it’s all I can do to keep them straight in my head!

But then good old Google came to the rescue. At the top of the mail, there was this red banner that said:

‘This mail probably did not originate from your inbox. For details click here’

I clicked and got this:

If you receive bounce messages for mail that appears to originate from your account, you find messages in Spam from ‘me,’ or you receive a reply to a message you never sent, you may be the victim of a ‘spoofing’ attack. Spoofing means faking the return address on outgoing mail to hide the true origin of the message.

When you send a letter through the post, you generally write a return address on the envelope so the recipient can identify the sender, and so the post office can return the mail to the sender in the event of a problem. But nothing prevents you from writing a different return address than your own; in fact, someone else could send a letter and put your return address on the envelope. Email works the same way. When a server sends an email message, it specifies the sender, but this sender field can be forged. If there is a problem with delivery and someone forged your address on the message, then the message will be returned to you, even if you weren’t the actual sender.

If you’ve received a reply to a message that wasn’t sent from your address, there are two possibilities:
1. The message was spoofed, forging your address as the sender.
2. The original sender used your address as a reply-to address so that responses would be sent to you.

Neither of these possibilities indicates that your account was compromised, but if you’re concerned that your account may have been compromised, you can check recent access to your account. Just scroll to the very bottom of your inbox and click the Details link next to ‘Last account activity.’

One common tactic used by spammers is to send a message to a recipient, and fake the ‘From:’ field to contain the same address. Spammers hope that because the mail is sent ‘from’ your address, it will slip past our spam filters. But not so fast! Gmail authenticates all of our mail, so we know when a message wasn’t actually sent by you. We do our best to place these forged messages in your Spam folder.

Because Gmail replaces your email address with ‘me’ when you look at lists of messages, you may see spam mail from ‘me’ in your Spam folder. All this indicates is that someone forged the return address on your messages to be your own email address.

For the technobofs among us, this simply means somebody sends you spam then puts your own address in both the ‘from’ and ‘to’ boxes. They can get your address off any form you filled in online, or from forward lists, but may not necessarily have access to your account or passwords.

This did rather set my mind at ease; at least I don’t have to re-change my passwords now. Though it helps to check the ‘last account activity’ to be sure. Good ol’ Gmail! Maybe them controlling my world isn’t so bad after all.

I have to admit though, these online words are pretty nifty. I wonder what they’ll come up with next.
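
The forged-sender trick described above, where spam arrives with your own address in both the ‘from’ and ‘to’ boxes, can be spotted from a message's headers. This is an added example, not part of the original post or of Gmail's help text; the sample messages, addresses and function names are made up, and it assumes the receiving server records its checks in an Authentication-Results header.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: spam that names the recipient as its own sender.
SPOOFED = """\
Return-Path: <bulk@mailer.example.net>
Authentication-Results: mx.example.com;
 spf=pass smtp.mailfrom=mailer.example.net;
 dmarc=fail header.from=example.com
From: Me <me@example.com>
To: me@example.com
Subject: You won

Hello
"""

# Constructed sample: a real note-to-self sent from the account itself.
GENUINE = """\
Return-Path: <me@example.com>
Authentication-Results: mx.example.com;
 spf=pass smtp.mailfrom=example.com;
 dmarc=pass header.from=example.com
From: Me <me@example.com>
To: me@example.com
Subject: Note to self

Buy milk
"""

def check_self_addressed(raw):
    """Return the list of spoofing signals found in one raw message."""
    msg = message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    to_addr = parseaddr(msg.get("To", ""))[1].lower()
    # Return-Path is the envelope sender, the "return address on the envelope".
    envelope = parseaddr(msg.get("Return-Path", ""))[1].lower()
    # Collapse folded header lines into one string before searching it.
    auth = " ".join(msg.get("Authentication-Results", "").lower().split())
    findings = []
    if from_addr and from_addr == to_addr:
        findings.append("from-equals-to")
    if envelope and envelope != from_addr:
        findings.append("envelope-mismatch")   # also common on mailing lists
    if "dmarc=pass" not in auth:
        findings.append("not-authenticated")
    return findings

def likely_spoof(raw):
    """Mail 'from me, to me' that failed authentication was not sent by me."""
    found = check_self_addressed(raw)
    return "from-equals-to" in found and "not-authenticated" in found
```

A mismatch between the envelope sender and the From address is only a hint on its own, since mailing lists and forwarding services produce it too; the authentication result is what separates the forged message from the real note-to-self.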

Crystal Ading' is a professional author, editor, rock lover and mother. Her work is available through