Spam email sender addy same as mine?

[LauraR]

Here's my question...

Just recently, I have gotten spam email on how to enlarge things from, um, myself. :D

The sender email address is my own, in two different accounts. I did open one up and it stated the sender actual address, but I'm concerned.

Is that just some sort of java scripting or something?

Thx

[Mada_Milty]

Quote:

Originally Posted by LauraR

Is that just some sort of java scripting or something?

Thx

It's called address spoofing, and is an old spammers trick. They do it ALL the time. (Hence how you can get spam from legitimate domains, like ebay.com)

They've either just gotten lucky in guessing at your exact address, or they've harvested it from somewhere on the internet.

[LauraR]

Is it something to be concerned about from a security thing?

[Bill_Marsden]

I've had the problem for decades. Think of it as minor identity theft. Where it is a real problem is your legitimate email address gets blacklisted, and all of a sudden you have problems writing legit email. I had a lawyer's secretary who didn't get it, wound up giving up on my lawyer.

Other than that I wouldn't worry too much about it.

[LauraR]

So it's being used to send to other people? Not just me?


jeez

[Bill_Marsden]

What can I say, another way spammers are scum of the earth.

Being hard headed and owning my email address since the early 90's I'm not giving it up.

[Mada_Milty]

Quote:

Originally Posted by LauraR

Is it something to be concerned about from a security thing?

Unless you are careless in giving out your email address on the internet, no.

You do need to be cautious about putting it in plain text where others can see. (addresses you don't want spam at, anyway). For example, don't put it in a thread on Majorgeeks, any bot can load the page, find it, and start spamming it.

The fact that they are doing it from your own address is probably just a coincidence, IF your address wasn't found out as per the above.

[Mada_Milty]

Not trying to say that changing the password is a bad idea, it can never hurt, but fail to see the relevance???

The account likely isn't compromised, only the address is being spoofed. With the right commands, any mail server can send messages from any address on any domain.

[LauraR]

Quote:

Originally Posted by Mada_Milty

Not trying to say that changing the password is a bad idea, it can never hurt, but fail to see the relevance???

The account likely isn't compromised, only the address is being spoofed. With the right commands, any mail server can send messages from any address on any domain.

When you open up the email, the sender address is not mine. I would think that that gets taken into account, plus the fact that they are being sent from another domain?

[Mada_Milty]

Quote:

Originally Posted by LauraR

When you open up the email, the sender address is not mine. I would think that that gets taken into account, plus the fact that they are being sent from another domain?

Alright, perhaps I've misread the OP.
The address isn't yours, but the name associated with the address is yours?

Ie. you have messages from LauraR which was sent from whatever account?

That's more-or-less the same story. Another spammer trick, this one a little more indicative of the spammer having harvested information somehow.

[LauraR]

When I go into my inbox, there is a message from me (or so it looks).

When I open it up, it says from admin@phizer (or something)

(PM for you mada)

Thanks.

[Mada_Milty]

Quote:

Originally Posted by Steve_East9

It is the first thing to do whenever the remotest possibility of email hijacking arises. One is a symptom of another possible problem.
It is the most basic and standard form of precaution in this situation. Though as that email address is now compromised and is quite likely to start suffering blocking, even if only a tiny number of recipients report it, it should be shut down.

Nah, the email headers, (which Laura just PM'd to me) contain enough information for them to know that it isn't really HER sending the messages. (Turns out they're not even using her address, anyway, just her name)

It's the server in most cases that should be shut down. Turns out this message was sent from a server in Amsterdam, that is likely improperly secured. Spam protection really isn't the onus of the end user. Why should her account get locked because some jerk is pretending to be her?

My point is that I regularly change my email password, and it doesn't stop me from getting emails from myself. I really shouldn't have made an issue of it, it wasn't bad advice, really. My apologies.

[Adrynalyne]

The second post in the thread indicated it was spam.

[Adrynalyne]

Just as useful as you are, repeating what was already said

Quote:

So in fact, Laura is getting spam.

[LauraR]

Thanks for all the imput. (Thanks for taking a look at the source info, mada) I'm fairly certain my computer has not been compromised.

I'm changing passwords, which I do anyway from time to time, as a precaution.