iPedia Free Information Center

Information about E Mail Hoax

E-mail spoofing is a term used to describe fraudulent email activity in which the sender address and other parts of the email header are altered to appear as though the email originated from a different source. E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message. By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. It is often associated with website spoofing which mimic an actual, well-known website but are run by another party either with fraudulent intentions or as a means of criticism of the organization's activities. The result is that, although the e-mail appears to come from the email indicated in the "From" field (found in the email headers) it actually comes from another e-mail address, probably the same one indicated in the "Reply To" field; if the initial e-mail is replied to, the delivery will be sent to the "Reply To" e-mail, that is, to the spammer's email.

Methods

As many spammers now use special software to create random sender addresses, even if the user finds the origin of the e-mail it is unlikely that the e-mail address will be active.

The technique is now used ubiquitously by mass-mailing worms as a means of concealing the origin of the propagation. On infection, worms such as ILOVEYOU, Klez and Sober will often try to perform searches for e-mail addresses within the address book of a mail client, and use those addresses in the From field of e-mails that they send, so that these e-mails appear to have been sent by the third party. For example:

User1 is sent an infected e-mail and then the e-mail is opened, triggering propagation
The worm finds the addresses of User2 and User3 within the address book of User1
From the computer of User1, the worm sends an infected e-mail to User2, but the e-mail appears to have been sent from User3


This can be particularly problematic in a corporate setting, where e-mail is sent to organisations with content filtering gateways in place. These gateways are often configured with default rules that send reply notices for messages that get blocked, so the example is often followed by:

User2 doesn't receive the message, but instead gets a message telling him that a virus sent to them has been blocked. User3 receives a message telling him that a virus sent by them has been blocked. This creates confusion for both User2 and User3, while User1 remains unaware of the actual infection.


Newer variants of these worms have built on this technique by randomising all or part of the e-mail address. A worm can employ various methods to achieve this, including:
  • Random letter generation
  • Built-in wordlists
  • Amalgamating addresses found in address books, for example:
  • User1 triggers an e-mail address spoofing worm, and the worm finds the addresses user2@efgh.com, user3@ijkl.com and user4@mnop.com within the users Outlook address book
  • The worm sends an infected message to user2@efgh.com, but the e-mail appears to have been sent from user3@mnop.com

E-mail Spoofing used as Advance Fee Fraud means

Spammers use a new form of Advance Fee Fraud by utilizing the E-mail spoofing. By fraudulently using companies addresses, the spammers design e-mail recruitment campaigns by spoofing the e-mails and pretending to be recruiting for those respective companies, which is not true. In other words, the spammers use e-mail spoofing as means for Employment Scams probably run by the very same people: E-mail Spoofing for Employment Scam

See also

External links

Spamming is the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search
..... Click the link for more information.
phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets.
..... Click the link for more information.
E-mail (short for electronic mail; often also abbreviated as e-mail, email or simply mail) is a store and forward method of composing, sending, storing, and receiving messages over electronic communication systems.
..... Click the link for more information.
Website spoofing is the act of creating a website, as a hoax, with the intention of misleading readers that the website has been created by a different person or organisation. Normally, the website will adopt the design of the target website and sometimes has a similar URL.
..... Click the link for more information.
A website (alternatively, Web site or web site) is a collection of Web pages, images, videos or other digital assets that is hosted on one or several Web server(s), usually accessible via the Internet, cell phone or a LAN.
..... Click the link for more information.
review.
The word critic comes from the Greek κριτικός, kritikós - one who discerns, which itself arises from the Ancient Greek word κριτής, krités
..... Click the link for more information.
Spamming is the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search
..... Click the link for more information.
The ILOVEYOU worm, also known as VBS/Loveletter and Love Bug worm, is a computer worm written in VBScript.

Description

The worm, first discovered in Hong Kong, first arrived in e-mail boxes on May 4, 2000 with the simple subject of "ILOVEYOU" with an
..... Click the link for more information.
Klez is a computer worm that propagates via E-mail. It first appeared in the end of 2001. A number of variants of the worm exist.

Klez infects Microsoft Windows systems, exploiting a vulnerability in Internet Explorer's Trident layout engine, used by both Microsoft Outlook
..... Click the link for more information.
The Sober worm is a family of computer worms that was discovered on October 24, 2003. Like many worms, Sober sends itself as an e-mail attachment.

The Sober worms must be unpacked and run by the user.
..... Click the link for more information.
Content-control software, also known as censorware or web filtering software, is a term for software designed and optimized for controlling what content is permitted to a reader, especially when it is used to restrict material delivered over the Web.
..... Click the link for more information.
advance fee fraud is a confidence trick in which the target is persuaded to advance relatively small sums of money in the hope of realizing a much larger gain. Among the variations on this type of scam are the Nigerian Letter (or 419 fraud) and "The Spanish Prisoner.
..... Click the link for more information.
E-mail (short for electronic mail; often also abbreviated as e-mail, email or simply mail) is a store and forward method of composing, sending, storing, and receiving messages over electronic communication systems.
..... Click the link for more information.
See also, Recruiter and Recruiting (athletics)
Recruitment refers to the process of finding right people for the right job or function, usually undertaken by recruiters.
..... Click the link for more information.
Employment scams, also know as job scams, are a form of advance fee fraud scamming where certain unscrupulous persons posing as recruiters and/or employers offer attractive employment opportunities which require the job seeker to pay them money in advance, usually under the
..... Click the link for more information.
A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. The original virus may modify the copies, or the copies may modify themselves, as occurs in a metamorphic virus.
..... Click the link for more information.
A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computer terminals on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program.
..... Click the link for more information.
hoax is an attempt to trick an audience into believing that something false is real. There is often some material object (e.g., snake oil) involved which is actually a forgery; however, it is possible to perpetrate a hoax by making only true statements using unfamiliar wording or
..... Click the link for more information.
A typical chain letter consists of a message that attempts to induce the recipient to make a number of copies of the letter and then pass them on to one or more new recipients. A chain letter can be considered a type of meme.
..... Click the link for more information.


This article is copied from an article on Wikipedia.org - the free encyclopedia created and edited by online user community. The text was not checked or edited by anyone on our staff. Although the vast majority of the wikipedia encyclopedia articles provide accurate and timely information please do not assume the accuracy of any particular article. This article is distributed under the terms of GNU Free Documentation License.
Herod_Archelaus


page counter