What can be done if my e-mail has been forged? 

What is an e-mail forgery?

If the name and address that appear in the From, To or CC fields of an e-mail message do not correspond to the sender or recipient of the message, the message may be forged. The Internet e-mail system does not enforce any kind of security or authentication on the From, To or CC field. These fields are set arbitrarily by the computer that generated the e-mail message. Unsolicited e-mail (spam), viruses and malicious pranks routinely use forged From, To or CC addresses.

In general, the addresses in the From, To or CC fields are no more reliable than the handwritten return address on a postal envelope.

It is possible for a legitimate e-mail message to use a false From or To address. For example, if a computer sends out status messages about itself, the system administrator will often configure the outgoing messages so that the From address is the system administrator's personal e-mail address. Similarly, someone may use the BCC field to send e-mail to a recipient without explicitly putting that recipient in the To or CC field. These messages are not forgeries, but they may appear similar to forged messages.

Can the Internet e-mail system prevent forgery?

Unfortunately, the Internet e-mail system has no defense against deception. Academic and government researchers developed Internet e-mail protocols in the early 1980s. Commercial and criminal organizations were not part of the early Internet, and the first Internet-capable malicious software (the Morris Internet Worm) was still six years in the future. The first successful e-mail virus appeared in 1999.

These protocols have not changed substantially in the last 20 years. With the wide acceptance of Internet e-mail in the academic, commercial and private world, the protocols will not change in the foreseeable future.

Why do I receive delivery errors or virus warnings regarding e-mail that I never sent?

If you receive e-mail warnings about delivery errors or virus-infected e-mail to addresses you have never heard of, it is likely that a computer somewhere is using your e-mail address in the From field of a forged e-mail message. The computers that route Internet e-mail have no way to know that the From address is forged, so they send helpful warnings indicating failed delivery or virus problems back to the forged address. There is no way to prevent this forgery, since the original messages and the warning messages usually originate on computers outside the Insite Inc. network.

Did they break into my e-mail account?

For routine cases of forged e-mail, there is no threat to your e-mail password or the contents of your mail INBOX. As long as you know your secret password and keep it secret, a malicious e-mail forger cannot gain access to your INBOX.

How did they get my e-mail address?

The answer depends on the source of the forged mail. Computer viruses scavenge e-mail addresses from files on the infected computer. They will scan address books, word processing documents, web pages, and mailboxes to look for addresses. They use these addresses to both send and forge e-mail.

Spammers (senders of unsolicited bulk e-mail) may purchase large lists of e-mail addresses, then generate e-mail with both the From and To address pulled from the list. They also use web searches to find e-mail addresses, or they may get e-mail addresses from USENET news system searches.

Viruses and spammers often try to confuse you by using e-mail addresses from the same domain. For example, if they generate fraudulent e-mail to an address at insiteinc.com, they will put an insiteinc.com address in the From field.

How can you tell forged e-mail from legitimate mail?

In some cases, you can identify forged e-mail by comparing the From address to the IP numbers listed in the full Received headers. This analysis requires some technical knowledge of the Internet domain name system, and it is possible for a clever forger to produce very authentic-looking Received e-mail headers. There are also some special cases of legitimate e-mail where the From address and Received headers might not match. The method is not completely reliable.

Can Insite IT prevent forged e-mail? Can anyone?

Unfortunately, the answer is no. Any computer on the Internet can generate e-mail with arbitrary From, To or CC addresses. In the vast majority of forged e-mail cases, the e-mail did not originate on an Insite computer or within the Insite network. Consequently, Insite IT cannot stop these forgeries.

Is there any way for me to know who produced an e-mail?

If the sender takes no special measures, then the answer is no. Based on e-mail headers alone, there is no way to know if an e-mail with a particular From address was actually typed by that person. By looking at the detailed Received headers, it is sometimes possible to determine if the message came from a particular computer. In this respect, electronic mail is very much like paper mail.
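The Received-header comparison described in the two answers above can be sketched as follows. This is an added example, not a tool provided by Insite; the server name `mx.recipient.example`, the sample message and the assumed Received layout are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_MTA = "mx.recipient.example"  # assumption: the receiving site's own mail server

# Constructed sample, not real traffic. The lower Received line was supplied by
# the sender and could be invented; only the line stamped by TRUSTED_MTA is reliable.
SAMPLE = """\
Received: from mail.insiteinc.com (unknown.host.example [203.0.113.77])
\tby mx.recipient.example; Mon, 1 Mar 2010 10:00:01 -0400
Received: from desktop.insiteinc.com (desktop.insiteinc.com [192.0.2.10])
\tby mail.insiteinc.com; Mon, 1 Mar 2010 10:00:00 -0400
From: "Accounts" <accounts@insiteinc.com>
To: someone@recipient.example
Subject: Invoice

Please see attached.
"""

# Assumed layout: "from HELO (RDNS [IP]) by HOST"; real servers vary in format.
HOP_RE = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9A-Fa-f:.]+)\]\)\s+by\s+([^\s;]+)")

def in_domain(host, domain):
    """True if host is the domain itself or a name underneath it."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)

def check_origin(raw, trusted_mta=TRUSTED_MTA):
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    hops = [HOP_RE.search(" ".join(v.split())) for v in msg.get_all("Received", [])]
    hops = [m.groups() for m in hops if m]
    # Headers are prepended, so the first hop written by our server is the handoff.
    for i, (helo, rdns, ip, by) in enumerate(hops):
        if by.lower() == trusted_mta:
            return {
                "from_domain": from_domain,
                "connecting_ip": ip,
                "rdns_in_from_domain": in_domain(rdns, from_domain),
                "helo_matches_rdns": helo.lower() == rdns.lower(),
                "unverifiable_hops": len(hops) - i - 1,
            }
    return None  # no header from our own server: nothing here can be trusted

if __name__ == "__main__":
    print(check_origin(SAMPLE))
```

A mismatch between the From domain and the connecting host is a reason to look closer, not proof of forgery, since legitimate mail can also be relayed through servers outside the sender's domain.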

 

© 2010 Insite Interactive.