Summary: Among the spam we all get are messages that we appear to have sent ourselves. From-spoofing is just a way spammers try to get their email delivered.
I get email from:
someone@somedomain.com <myemail@hotmail.com>
where "someone@somedomain.com" is someone I don't know, but "myemail@hotmail.com" is, in fact, my email address. It as if the email was sent by me, but I did not send it.
How do I stop these email from coming into my box? It's usually for drugs or financial services that I don't need or would never be interested in. How can they use my own email? I can't block them as it says it is illegal to block my own email.
•
I'll start with the bad news: there's almost nothing you can do.
This is spam, pure and simple. Abusing your email address is only one of many techniques spammers use to throw their garbage into our mail boxes.
The remedies are pretty standard, albeit less than 100% effective.
•
What you're seeing is called "spoofing" or more correctly "From-spoofing" - sending email that appears as if it's coming "From:" someone that its not.
Spoofing is a technique that is used in just about every bit of spam you see today. Spammers are trying to hide where the email comes from and are doing so very effectively. The From: address is meaningless on spam - it tells you absolutely nothing. It requires more detailed analysis of the email headers, and even then at best you might be able to get the IP address of the computer sending the email. As I've discussed ad nauseam, the IP address is pretty much useless to you and me.
The fact that you're seeing your email address used in the "From:" field shouldn't alarm you. It might be annoying, but there's no need to worry about it. You're already on spammers lists to get spam and they're using that same list, or variations of it, to select which addresses to use when spoofing. And there's currently no effective way to stop them from spoofing.
When you see your own address spoofed in the From: field of spam, it's happening for one of two reasons:
-
They're trying to spam you, and know that it's unlikely you'll block email from yourself. In fact, as you've seen, it's not even always possible, but I'd consider it a bad idea even if you could do it. It'll prevent certain types of legitimate email from reaching you.
-
They're trying to spam someone else, and what you're seeing is a bounce message indicating that the original spam was rejected by its intended recipient. Since the email looks like it came "From:" you, you get the bounce message.
Now, as to why the "someone@somedomain.com <myemail@hotmail.com>" where the two email addresses don't match, or the more common "Name <myemail@hotmail.com>" where the name is obviously unrelated to the email address, I can only speculate. My guess is that it's either intentional confusion to perhaps boost the chance that recipients will open the email, or a side effect of the tools that spammers use that may not be able to put together a proper name/email address pair.
•
"But what do I do?"
First, realize there's nothing you can do to prevent From-spoofing. Eventually your email address is going to show up in the "From:" field of spam that you had nothing to do with. In fact as you've seen, it probably already has.
The only thing you can do is to keep doing whatever it is you do to control spam. I run two levels of spam filters, and even then some gets through. It's a juggling act because I don't want to risk marking something as spam that isn't - hence a little more spam gets through. Depending on your mail program and your mail provider, you may have similar or additional options available.
Article C3131 - August 27, 2007
I solved this problem simply. My email address is all caps and most programs automatically convert to lower case, which works anyway, but spammers use the lower case. I blocked the lower case address and the upper case I use to send memos or information to myself still goes throug just fine. I have AOL and was able to do this very simply by adjusting my email settings. Hope this helps.
Posted by: Steve from Montana at August 7, 2010 5:44 AMI sent just a quick test return email back to an email that supposedly came from me, and guess what? It sent it to my inbox. So they aren't just spoofing my email address, they're somehow actually using it! I changed my password. Hopefully that will help.
20-Aug-2010
Posted by: Chell at August 20, 2010 7:31 AM
I have just started to receive emails 'from myself' on a Hotmail account after my first email account with the original provider I joined years ago has had them for ages. Surely other people are getting them as well, and they will think the emails are from me as it's my email address on them? It doesn't matter that they aren't actually coming from me. Recipients will think they are.
21-Aug-2010
Posted by: andyinamood at August 21, 2010 2:58 AM
I route all mail coming to my name@domain address through SpamCop before it comes to my ISP mail address. That cleans out a lot of junk, including ones spoofing my address. Of course, you have to list with SpamCop ALL the legitimate addresses you have set up in your domain, so it does not report you as a spammer. It knows how to parse the headers to report spammers.
Posted by: Kate in RP at August 31, 2010 8:43 AMIt isn't so much that MY address book has been hijacked as someone else's address book has been hijacked, and one of the addresses in it happens to be mine.
The issue for me is not how to block spam coming to me from "myself", but when it goes to others. They see it as the spam that it is, and then block me. No problem by itself. But some of those spam blockers utilize an internet database, and so I'm blocked all over the internet.
I do BCC: myself along with all other recipients to ensure that my emails get through. And I'm constantly having to UNspam myself on Gmail.
And it's not just me. I've had to unspam known good emails on Gmail from others who use AOL, Comcast, and SBC email providers. I'm envisioning the day when no legitimate emails get through, and only spammers can get through.
Posted by: Mike at September 2, 2010 3:32 PM