This morning I’ve gotten three emails announcing that emails I sent have been returned. Except… I never sent these emails. Is someone doing something with my email address? Sending spam from it? Or just spoofing it?
Spoofing, most likely. Not really much you can do about it.
I got one the other day, too. I looked at the text of what I was alleged to have sent and it was all in Russian. I assumed some form of hacking or other devilment involving somebody’s mailing list on which my address happens to appear.
I trust my firewall enough not to panic over it.
I’ve been getting a ton of 'em lately, myself. The spammers must have stumbled upon my domain, and they’re using it to send tons of spam- and when they’re blocked, I get the bounce messages. Pisses me off, it does… but there’s nothing I can do about it.
I’m teaching Google to treat the bounces as spam, but that means that I’ll miss legitimate bounces. Spammers need to die.
Do you have DSL?
Is your computer on most of the time?
Do you not have anti- virus, spyware, and adware installed?
Do you use Windows?
The more yes answers the more likely someone else is using your computer to spam.
It sounds more like spoofing then his computer being a zombie.
I doubt the code that zombifies computers knows or cares the email addresses of the users.
I’ve gotten this type of spoofing mail on my Solaris system, which is not going to be either zombified or hacked by script kiddies.
I second Voyager and Joey P (does that mean I third?).
I’ve had that happen to me before and I am quite sure my computer wasn’t taken over (firstly I am diligent with AV and firewall updates, secondly I also had it happen to me on a different occasion at work and I’m quite confident of the talents of the IT department in question).
E-mail headers are so easily forged that the fact that it looks to a target server that e-mails came from you really doesn’t indicate much of anything.
Here’s how some badass programs work. On another machine (not yours necessarily), a rogue program works furiously to gather a list of email addresses from every possible source; from the computer, in address books, web sites, etc. and makes a humongous list of them.
Then it picks out two different email addys at random. It puts one in the TO field, and another in the FROM field, mails out some garbage, and repeats.
At the receiving end, the mail program, which is as trusting as an astrology victim, bounces the mail back to the address in the FROM field, which is you.
Never mind the FROM field doesn’t really describe where it came from. It’s where it SAYS it came from.
See how it works?
Most likely possibilities:
Spoofing – some spammer is sending emails, and forging them to look as if they come from your email address. Done because they obviously can’t use their own email address, and some anti-spam programs reject emails from a dead email address.
pfishing – the spammer is trying to sucker you – they want you to open that email and maybe click on a URL in it, which links to some evil site that downloads bad stuff to your computer. They hope the “returned mail” tag will fool you into doing so.
zombie – your computer really is infected with some malware program, and is being controlled remotely to send spam to lots of people. But even then, they usually don’t put your real email address in the ‘From’ spot – the bounce-backs would alert you to this infection in your computer, when they want you to be unaware.
These 3 are listed in declining order of likelihood. Especially the last one – if you have decent firewall and anti-virus protection, it’s quite unlikely.
In the last 2 years I have seen exactly 1 known zombie out of hundreds of virus problems. Norton was merrily scanning each email as it left…filling the screen with little "email scanned " notifications, …how thoughtful.