Who is sending you emails?
October 2020
Who is sending you emails? It’s obvious, isn’t it – the address is at the top, so you know who it’s from, surely?
If only it were that simple. Making an email look as if it comes from an address that is not your own is one of the simplest ruses on the internet.
There is nothing sacrosanct about the ‘From’ address in an email, it can be set to anything the sender wants. By default, it is set to your genuine address, as it should be, but you can change that. Sometimes there are good reasons for doing so; perhaps a club uses a third party to manage memberships. In those cases, if you look into the guts of the email you can see who actually sent it; but it’s not important, because the club that instructed it to be sent is plain to see.
However, that’s also exactly what the spamming scoundrels do, and they are also devious enough to alter the code inside the email and hide who they really are, or at least muddy the trail.
That’s unnerving enough; but how did they get my email address? Have I been ‘hacked’?
Relax; you probably haven’t been. Email addresses come from all over the place. It might be because your email is public; mine is on The Oldie website, from which it is easily harvested by internet robots that tirelessly scour the web. Or it might be from one of the many data breaches caused by a company that has, so to speak, left its customer list in the pub.
Well over ten billion email addresses have been revealed this way; you can see if yours might be one of them at haveibeenpwned.com, which tracks breaches and has a gigantic database of the emails that have been exposed. It seems that mine has been involved in six such breaches.
But, you say, can’t the owner of an email address that’s used to send spam be traced and prosecuted? Not really, at least not if they take steps to hide.
This is how easy it is: create an account at Outlook.com, Microsoft’s free email service. All they’ll ask you for is your name, your country and your date of birth. That’s it. You could put anything you want, and spammers do. So, even if Microsoft did want to give the authorities information about you, they haven’t got any. I’ve no doubt that behaving deceitfully like this is against the Terms and Conditions, and you shouldn’t do it, but spammers don’t care about that sort of subtlety.
It’s all to do with privacy, which is often a double edged sword. I doubt that you want anyone who knows your email address to be able to discover where you live by asking your email provider; even if they know it they won’t reveal it. The trouble is, this cuts both ways; the privacy that protects you is exactly what protects the spammers. A Court Order might help, but as we’ve seen, the provider may not have the information anyway.
Do not despair. First remember that you are not alone in this fight; your email service is just as keen to stop spammers as you are, probably more so, and will have sophisticated techniques to spot the rubbish and consign it to your junk folder. Most of the time they are pretty good at this, but it’s a cat and mouse game; each time they refine their filters, the spammers refine their efforts.
Your best defence, by far, is cynicism; happily, that’s something I know that Oldie readers have in good quantity. If it looks odd, it probably is. If it’s unexpected, tread carefully. If money is involved, tread very carefully indeed.
The Delete key is always your friend.
A few relevant links:
The Money Advice Service advice on spotting fake emails and scam:
CLICK HERE
Two Simple Rules That Can Spot Nearly Every Email Phishing Scam
Published by Digital Check Corp, an American financial company. It’s excellent.
CLICK HERE
The alternative:
James Veitch is a comedian who has been making an Act about replying to spam emails – very funny indeed. CLICK HERE
