- May 27, 2020 at 6:31 pm #255949
first of all sorry if my english is bad and i hope im on the right subreddit.
so theres this spam email that is trending right now, that say they hacked to our email and have some videos of us masturbating and want some bitcoin in return. i know this is only a spam, but the thing that got me curious is on their “sender”, is our own email address. how do the sender fake this, and how do i check the authenticity of the sender email address?
a friend got sent this kind of email, and when i look at it, the sender is his own email and not someone else.
- May 27, 2020 at 6:32 pm #255950
They just set the e-mail address of your friend both in the `From:` and in the `To:` header. It’s as easy as that. Like you can send a letter and you can write just any return address you want on it.
There are possibilities to prevent these kind of attacks, but this widely depends on sender and recipient implementing those prevention techniques. Also, lot of admins are lazy or don’t understand it, so they’ll implement it less secure because it makes less problems. (Probably your friend or his provider, if it’s not his own domain, fucked up the configuration.)
Also spam detection is a shitty job, requires lots of configuration, monitoring and testing. If you blacklist the term ‘porn’ you have to keep in mind there are people called ‘VaPORNado’ (happened to me, when configuring a spam filter), so you have to make sure it’s not part of a word. But what if the spammers use ‘porno’ instead? This also has to be blacklisted, and so on.
Overall it’s more painful to have a false-positive spam (a regular mail falsely being deleted because it looks like spam) than a false negative (a genuine spam ending up in your inbox).
You must be logged in to reply to this topic.