(TNS)—Q: Lately I’ve been receiving spam (unwanted junk) emails that come from invalid email addresses. As a result, my security software won’t let me add the addresses to its spam list for future blocking. What are the spammers trying to pull now, and what can I do about it?
A: Unfortunately, there’s not much you can do about it. You’ve encountered an old hacking trick called “spoofing,” which means faking the originating address in an email. Spam senders use spoofing either to hide their real email addresses (so you can’t add them to a spam-blocking list), or to fool you into clicking on an email link because it appears to have been sent by a friend or a company that you trust. Spoofing is widespread because it’s easy; there are even online tutorials explaining how to do it.
The only real defense against spoofing is the screening done by email providers before they send mail to your inbox, but that detection is hit or miss. For example, an email service provider can identify a spoofed email that originated within its own service. But, due to a lack widely accepted email security standards, it’s harder to identify spoofed email from an outside source.
Readers who use such email providers as Gmail, Outlook.com, AOL or Yahoo can try a technical trick that may temporarily block spam. By reading the email’s accompanying “source code” they can learn the “IP (Internet Protocol) address” of the spam sender’s computer. All online computers have this identifying number, and most security programs can be set to block a specific IP address. But after enough blocked emails bounce back, the spam sender will just use another PC with a different IP address.
Although you can’t stop spoofed email, you can avoid it. If an email address has misspellings or is quite long and contains blank spaces, it’s probably spam. If a sender appears to be someone you know, ask yourself if that sender would email you a message with links to click on.
©2015 Star Tribune
Distributed by Tribune Content Agency, LLC