The Facts About Email Spoofing and Email Backscatter

What is Email Spoofing?

Spoofing occurs when a spammer pretends to be sending out email as you by using your email address. The spammer does not actually have access to your account and is not using your account to send the message, but they are pretending to be you. Instead of using the email account address where the mail is actually coming from, they put your email address in the From line of their message. This makes it appear to come from you. The spammer does this to make the email look legitimate even if it isn’t.

What is Email Backscatter?

When the spammer spoofs your email address, they use it to send out possibly hundreds or thousands of emails. If, for any reason, these emails cannot be delivered, you may receive hundreds or thousands of emails letting you know that the emails cannot be delivered. These messages of undelivered email are called backscatter. They may come in the form of:

  • Delivery Status Notification. This is an email that lets you know the email could not be delivered.
  • Auto-Replies. These are auto replies that let you know the mailbox is full or the recipient is out of the office.
  • Spam Rejections. This is a message that the email has been rejected as spam.
  • Requests for Confirmation. This is a message asking you to confirm that you sent the email before it can be delivered.

Though the spammer does not have access to your email, receiving backscatter as a result of their spoofing can be frustrating.

What is the Purpose of Spoofing?

Most mail systems attempt to prevent spamming by not delivering email that is from a known spammer or from a non-existent domain. For this reason, spammers cannot make up a fake domain or keep using the same email address once it is shown to deliver spam. They switch around the use of email addresses by spoofing real ones, increasing the amount of spam they can get through the mail system without being blocked.

How do they Choose Email Addresses to Spoof?

Usually they just choose random email addresses off the list of email addresses that they send the spam to. Sometimes they randomly generate email addresses from real domains.

Does it Mean my Account Has Been Hacked?

No. The spammers do not need to access your account to spoof your email address. They do not have access to the server or the account.

Will My Real Emails Get Blocked as Spam?

Not likely. Most spam administrators understand that spoofing occurs, and do not rely solely on the From line to filter spam.

How Do I Stop It?

Unfortunately, there isn’t much you can do to stop spammers. The spammers use their own servers and the backscatter comes from legitimate servers, so neither can be successfully blocked permanently.

The good news is, the backscatter will most likely stop on its own. Spammers need to continually change email addresses so they can avoid being blocked. They will move on from using your email address within hours or days, and you will stop receiving backscatter.

It is possible to use a mail filter to stop the bounces. The bounces are the undeliverable mail messages. You can set your mail filter to remove these type of messages so that you do not receive them in your inbox; however, this will also filter out legitimate bounce messages from email you have sent.

Leave a Reply