A friend recently asked me a question about email messages. He wanted to know why he was receiving notifications that his email was “undeliverable” to person “xyz” when he doesn’t even know “xyz” and insists he never sent the message. So what happened? Did his computer get hacked? Did he get a virus? Probably not. This is a symptom of a clever trick used by spammers.
Getting “undeliverable” messages from your email provider that reference people you don’t know can usually be explained in a couple of ways.
Someone who has your email address in their address book has been infected with a virus or malware.
Having been infected, their computer will run a program in the background to send out email to anyone and everyone @anywhere.com. These machines are often called “zombies” because they are at the command of malware servers and are waiting for instructions to send out spam while running undetected on the infected computer. These “zombied” computers choose a random address from the infected machine’s address book and use it as the spam messages’ “From:” address. The virus or malware is basically making it look like all these messages were sent by you. When the messages can’t be delivered, either because the “To:” address was bogus, or the user’s mailbox is full, or whatever, the bounce messages go back to the “From:” address.
Spammers do this in hopes that an email from a “real”, valid address will get through the spam filters. In reality it is the “domain name” that is fooling the spam filters. An email address like firstname.lastname@example.org is more likely to evade the filters. Really good spam filters will check the IP address the mail came from and determine whether the “From:” address domain name actually sends mail from that IP address (if you are interested in what IP addresses are, see my post entitled “What is DNS?” where I give a brief explanation).
Your email address was sold to a spammer and your name was randomly chosen as the “From:” address for the spam.
Spammers can get your “valid” email address in numerous ways (see my “9 Tips to Less Spam” post for more info on this). You are not being singled out or targeted. It is simply the luck of the draw that your name was chosen.
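As an added illustration, not from the original post, here is the kind of check mentioned above: the filter compares the IP address the mail arrived from against the hosts the “From:” domain publishes as its legitimate senders (an SPF-style lookup). The DNS data, domain names and function names below are constructed for the example; a real filter would query DNS rather than a table.

```python
import ipaddress

# Constructed stand-in for DNS (an assumption for this example): each domain's
# published sender policy and the addresses of its mail servers.
FAKE_DNS = {
    "example.org": {"spf": "v=spf1 ip4:203.0.113.0/24 mx -all",
                    "mx_ips": ["198.51.100.25"]},
    "example.net": {"spf": "v=spf1 ip4:192.0.2.10 ~all", "mx_ips": []},
}


def spf_result(domain, sender_ip, dns=FAKE_DNS):
    """Simplified SPF-style check: may sender_ip send mail for domain?
    Returns 'pass', 'fail', 'softfail', 'neutral' or 'none' (no policy).
    Handles only ip4:, mx, -all and ~all; not a full RFC 7208 evaluator."""
    record = dns.get(domain)
    if record is None or not record["spf"].startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in record["spf"].split()[1:]:
        if term.startswith("ip4:"):
            # A single host like ip4:192.0.2.10 becomes a /32 network.
            if ip in ipaddress.ip_network(term[4:], strict=False):
                return "pass"
        elif term == "mx":
            if any(ip == ipaddress.ip_address(mx) for mx in record["mx_ips"]):
                return "pass"
        elif term == "-all":
            return "fail"
        elif term == "~all":
            return "softfail"
    return "neutral"


def check_from(from_addr, sender_ip, dns=FAKE_DNS):
    """Take the domain part of a From: address and check the connecting IP
    against that domain's published senders."""
    domain = from_addr.rsplit("@", 1)[-1].lower()
    return spf_result(domain, sender_ip, dns)


if __name__ == "__main__":
    # A forged From: sent from a home PC on a private range: the domain's
    # own policy says that machine may not send for it.
    print(check_from("firstname.lastname@example.org", "10.0.0.5"))   # fail
    print(check_from("firstname.lastname@example.org", "203.0.113.7"))  # pass
```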
Why do spammers use these methods?
Spammers like to send email, but don’t want anybody knowing who they are. If we could easily find out who they were, we could complain to ISPs and other organizations to get the spamming operation shut down. The dumb spammers don’t do enough to obscure the origination of their messages and indeed some have been caught and prosecuted. But this is not the norm. Spammers are becoming increasingly more sophisticated and have found clever ways of avoiding detection.
How do they not get caught?
They send mail from foreign countries where the US laws do not apply and local law looks the other way. This is pretty self-explanatory. You can’t get caught if nobody cares.
They take advantage of flawed or out-of-date computers or servers on the Internet.
An infected or compromised home computer is turned into a mail relay. The messages come from random computers on the Internet and are more or less undetectable. A few thousand emails from a few thousand machines does not necessarily raise suspicions.
Servers owned by companies and organizations that are out on the Internet for legitimate purposes can also be used maliciously. Something called an “Open Mail Relay” is often used to distribute spam. An “Open Mail Relay” is a server on the Internet that allows anybody to connect and send mail. Most “Open Mail Relays” are the result of a misconfigured, unpatched or out-of-date server. A majority of US-based companies and ISPs take measures to ensure their Internet servers are secure, so you will see fewer and fewer of these relays as time goes on. If an “Open Relay” is found, with just a few automated commands, spammers can send thousands of mail messages. By the time someone notices and shuts down the relay, thousands of mails could have been sent. If this happens when your email address was chosen at random as the “From:” address, you more than likely would get a few “undeliverable” messages.
If you find yourself getting a number of these messages, don’t worry. It happens to lots of us. Just delete the messages. You don’t need to spend time tracking down the source or trying to notify people that you didn’t do it. The Internet is vast and you will most likely just be spinning your wheels. They will usually come in spurts and after a week or so, they will start to decline or go away entirely (at least for a little while).