When you get junk email, you should never trust the From field to be accurate. It is easy to fake the From field, making the email appear to come from anyone, even people you know. Spammers use this to fool people into opening their email. If someone gets spam that appears to come from you, most likely it is not because your computer or email account has been compromised, but simply because your email address is being spoofed.
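Because the From field is only text the sender chose, the way to check a suspicious message is to compare it with the other headers. The following is an added example, not part of the original post: it parses a constructed sample message (all addresses and domains are made up) and reports signs that the From address was spoofed, using the Return-Path, Reply-To and Authentication-Results headers.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not real mail): From names a friend, other headers disagree.
SAMPLE = """\
Return-Path: <bounce@bulk-sender.example>
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=bulk-sender.example; dkim=none; dmarc=fail header.from=friend.example
From: "Your Friend" <friend@friend.example>
Reply-To: offers@other-domain.example
To: you@recipient.example
Subject: Check this out

Hello
"""

def domain(header_value):
    """Lowercased domain of the address in a header value, or '' if absent."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def auth_results(msg):
    """Collect spf/dkim/dmarc verdicts from Authentication-Results headers.
    Only trust this header when your own receiving server added it."""
    found = {}
    for value in msg.get_all("Authentication-Results", []):
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", value.lower()):
            found.setdefault(method, result)
    return found

def spoof_indicators(raw):
    """Return a list of reasons to doubt the From field of a raw message."""
    msg = message_from_string(raw)
    from_dom = domain(msg["From"])
    findings = []
    # A differing envelope sender is a hint, not proof: mailing services do it too.
    rp = domain(msg["Return-Path"])
    if rp and rp != from_dom:
        findings.append(f"Return-Path domain {rp} differs from From domain {from_dom}")
    # Replies would go to Reply-To, not to the person shown in From.
    rt = domain(msg["Reply-To"])
    if rt and rt != from_dom:
        findings.append(f"Reply-To domain {rt} differs from From domain {from_dom}")
    # DMARC is the check that ties SPF/DKIM results to the visible From domain.
    dmarc = auth_results(msg).get("dmarc", "missing")
    if dmarc != "pass":
        findings.append(f"DMARC result for {from_dom} is {dmarc}")
    return findings

if __name__ == "__main__":
    for reason in spoof_indicators(SAMPLE):
        print("-", reason)
```

Note that SPF passes in the sample even though the message is spoofed: SPF only vouches for the envelope sender's domain, which is why the DMARC verdict on the From domain is the one to look at.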
Comments: 14 Responses to “How Spammers Spoof Your Email Address”
Dinorah
9 years ago
Thanks for this post! Two questions: why do spammers do this (what do they gain)? Also, I don't have a password for email. Do you recommend even if your computer has a password, or is it the same thing? THANKS!
Dinah: Why do they do this? As I mention in the video, you are more likely to read the email if you think it is coming from someone you know. As for a password, I'm not sure what you mean. You MUST have a password for your email. Every email service I know of requires a password. But once you set up the Mail app on your Mac with the ID and password, then you don't need to enter it again. Having a password for your user account on your Mac is very very important, yes. No one should go without one.
John Spencer
9 years ago
I cannot seem to block email from Russia (.ru) or in Russian script addressed to me and also sent by me? I am using Apple Mail. I have made rules to try to force this into junk mail. I even junk my own name!
John: Not much you can do. Just delete those -- takes a second.
Joan M
9 years ago
Hi Gary. Thanks for the post, this just happened to a friend today. Is there a risk to simply opening a spoofed email, or do you usually have to click on a link in the message to have a bad consequence?
Joan: In most cases you don't "open" an email anymore -- it just displays if it is the currently selected message. There's no known danger for Macs at the moment to viewing it. Just delete it and move on.
André
9 years ago
Hi Gary
Thanks for the information.
Recently I get emails from and to myself. What I heard is that the from address is faked and not really my email address.
Can I mark them as spam, for example with Spamsieve, so that they go directly to my spam folder without affecting the real emails coming from me or from the same @companyname.com?
André: Marking them as spam typically won't help you and in this case may hurt as it may then think that all email from you is spam. I'm just not familiar with "Spamsieve" so I don't know what it would do exactly -- you should ask support for that product to find out for sure. Or, save yourself time and just press delete and move on.
John Atkinson
9 years ago
Gary, great job of explaining email address spoofing. As an I.T. consultant, I field this question, or a related one, all the time. I'm just going to link my clients to this page on your site. Yet another superb video, sir.
The "related" question I mentioned is, "why am I receiving all these bounce messages from people I've never heard of?" Non-delivery messages, of course. That's just part of the wave of messages a From:-spoofed victim may encounter, when they use old addresses.
Linda Lyn
9 years ago
Thanks, Gary
Good to be warned. Nowadays there are so many crooks trying everything they can to set traps in our computers to do harm and to take advantage of each of us. Thank you for the warning.
Jerry Spencer
9 years ago
What happens if you reply to one of these? Does it go to the one you think sent it or does it go off somewhere else?
Jerry: In some cases, the email will go to you or whatever spoofed address is in the From field. In other cases, the Reply-To field, which is different than the From field, will be used when you hit the reply button. That could be spoofed, it could be an invalid email address, or it could be the spammer's real address. Whichever one it is, you should never reply to these. Either you are replying to an innocent party, no one, or a spammer. In most cases of spam the goal is to get you to click on a link to some offer (or worse) and not to reply.
Carol
9 years ago
Good explanation--thanks. But is it also useful to post something on Facebook warning my more gullible friends that I did not send such-and-such (invitation to download files, for example), and if they received it, do not open the link, and do not send their password to the file-sharing service, as requested, but change it instead?
Carol: Only if you have reason to believe that they got spam email that looks like it is from you. If you got spam "from" yourself, then it is likely if they got the same spam that it looks like it came from them, not you. Or, it could come from another person entirely. If you want to warn them, give them a general warning that spam can appear to come from anyone at all, even a friend or themselves. Just always be skeptical.