A friend just received an email that was presumably sent to her from her own account.
She has no idea what Clickbank is and doesn’t use their services and her email does not exist online, at least not by her own hand. My guess is that her address was harvested by some other means, probably from someone she has regular contact with.
The questions:
How to determine if her address is in fact being used to send spam?
If so how to proceed? Does the email account need to be deleted or is there some other less drastic solution?
It is a fairly common spam technique to send an e-mail to an address apparently from that same address, on the grounds that it will pass by any inbound filters. In Apple Mail (and most other mail applications) there is the option to show all headers on the e-mail message. Reading through this carefully can often uncover the actual sender. The proper course of action is to do nothing.
Very often, the sending address will be a hijacked PC, but it might also be the sender for real. If you send a message to abuse(a)thesendingserver.dom, you may actually just be telling the abusers that they have a real address to send further “interesting offers” to.
You can try forwarding the entire message (headers showing) to abuse(a)your_isp.dom and see what they make of it.
Walter
On Jan 20, 2013, at 2:54 PM, Todd wrote:
A friend just received an email that was presumably sent to her from her own account.
She has no idea what Clickbank is and doesn’t use their services and her email does not exist online, at least not by her own hand. My guess is that her address was harvested by some other means, probably from someone she has regular contact with.
The questions:
How to determine if her address is in fact being used to send spam?
If so how to proceed? Does the email account need to be deleted or is there some other less drastic solution?
A friend just received an email that was presumably sent to her from
her own account.
She has no idea what Clickbank is and doesn’t use their services and
her email does not exist online, at least not by her own hand. My
guess is that her address was harvested by some other means,
probably from someone she has regular contact with.
The questions:
How to determine if her address is in fact being used to send spam?
If so how to proceed? Does the email account need to be deleted
or is there some other less drastic solution?
Todd
This just happens. It will die down eventually. If it were general
spam I would just ignore it. As it’s a financial institution I would
check their site for a spam/phishing report address and forward a
sample to that, mentioning that it’s your address and you didn’t send
it. But there again I have the phishing report address for a couple
of dozen banks and the like in my Eudora address book and forward any
I get apparently from any of them using a ‘sig’ set up for the
purpose. It takes me less than 10 seconds per report because I’m so
used to it. I only get around half a dozen a week at the moment.
David
–
David Ledger - Freelance Unix Sysadmin in the UK.
email@hidden www.ivdcs.co.uk