A woman I know received 4, harrassing type e-mailed letters and used my name and URL, showing it came from my computer. I did not send them and no one had access to my computer. How did they do it? Someone was trying to ruin my name with these e-mails and I think it was because I put the word out that a certain “House Party” type pyramid scam was illegal and I guess that helped shut it down and cost a few people a few bucks. But again, how did they get it to show coming from my computer?
What do you mean by “used your URL” and how can you tell it came from your computer? If it’s just the “From:” field, it’s trivial to change that. Most mail servers have no security measures which prevent you from putting a bogus or fake address in your “From:” field.
Forging a header in an e-mail is dirt simple. If I had my linux system up and running I could send you an e-mail that looked like it came from yourself (if I knew your e-mail address). All you need is any sort of e-mail program that has access to the headers, like elm on any unix system. Most windows e-mail programs don’t let you edit the headers (I don’t think).
The one thing you can’t forge is the path that the e-mail took to get from where it started to where you are, since that gets filled in en-route. Contact your sysadmin people. They can easily track the offending e-mail back to where it came from.
Maybe I’m using the wrong terminology here, URL as opposed to IP address or number. It showed, supposedly, my IP address coming from a Yahoo account under my name. They did not spend any money doing any traces that cost, and neither did I since they believed me when I denied it, but I would still like to know how they did it. Thanks to all for responding.
Getting a Yahoo (or any other free mail service) account with someone else’s name on it is ridiculously easy. Just fill in the blanks on the application form with the other person’s info. Asking Yahoo about it might not get you anything useful, though, unless the perpetrator was dumb enough to mention his/her “real” address (i.e. a traceable one) during the Yahoo application process.
Now, if the Yahoo account in question happeend to be one that you created for yourself, the logical first step is to change that password, stat, and be careful about who uses your computer (especially if you have the “save my username and password” option selected) and make sure you never walk away while your computer is logged in.
Fact is, there’s nothing special about the computer angle. Anyone can write a normal letter, sign it with your name and drop it in the nearest mailbox.