Subscribe to the Oldie and get a free cartoon book

Subscribe

Matthew Webster - If it tastes like spam, it probably is

Pursuits | By Matthew Webster

Sridhar Rao / CC BY-SA (https://creativecommons.org/licenses/by-sa/4.0)

Don't be a hacker slacker

Who is sending you emails? It’s obvious, isn’t it? The address is at the top – so you know who it’s from, surely?

If only it were that simple. Making an email look as if it comes from an address that is not your own is one of the simplest ruses on the internet.

Sometimes there are good reasons for doing so; perhaps a club uses a third party to manage memberships. In those cases, if you look into the guts of the email, you can see who actually sent it; but it’s not important, because the club that instructed it to be sent is plain to see.

However, that’s also exactly what the spamming scoundrels do, and they are also devious enough to alter the code inside the email and hide who they really are, or at least muddy the trail.

That’s unnerving enough; but how did they get my email address? Have I been ‘hacked’?

Relax; you probably haven’t been. Email addresses come from all over the place. It might be because your email is public; mine is on the Oldie website, from which it is easily harvested by internet robots that scour the web. Or it might be from one of the many data breaches caused by a company that has, so to speak, left its customer list in the pub.

Well over ten billion email addresses have been revealed this way. You can see whether yours might be one of them at haveibeenpwned.com, which tracks breaches and has a gigantic database of the emails that have been exposed. It seems that mine has been involved in six such breaches.

But, you say, can’t the owner of an email address that’s used to send spam be traced and prosecuted? Not really, at least not if they take steps to hide.

I’ve no doubt that behaving deceitfully like this is against the terms and conditions, and you shouldn’t do it, but spammers don’t care about that sort of subtlety.

It’s all to do with privacy, which is often a double-edged sword. I doubt you would want anyone who knows your email address to be able to discover where you live by asking your email provider. Even if they know it, they won’t reveal it.

The trouble is that this cuts both ways: the privacy that protects you is exactly what protects the spammers. A court order might help but, as we’ve seen, the provider may not have the information anyway.

Do not despair. First, remember that you are not alone in this fight. Your email service is just as keen to stop spammers as you are – probably more so – and will have sophisticated techniques to spot the rubbish and consign it to your junk folder. Most of the time, they are pretty good at this, but it’s a cat-and-mouse game; each time they refine their filters, the spammers refine their efforts.

Your best defence, by far, is cynicism; happily, that’s something I know Oldie readers have in good quantity. If it looks odd, it probably is. If it’s unexpected, tread carefully. If money is involved, tread very carefully indeed.

The delete key is always your friend.


This story was from October 2020 issue. Subscribe Now