View Full Version : My email address is being used by a spammer

David Tuson
18-02-2008, 3:51 AM
When I logged into my email today there was a message with the subject line –
[Fwd: **Message you sent blocked by our bulk email filter**]

I didn't send the message to the person that rejected it - never heard of him!

I contacted my ISP to see if they could find out where the message originated and got the following explanation

"A common technique used by spammers to stop people from tracking them is to use a random email address as the reply address when they are sending out spam. If you are receiving a huge amount of these failed delivery notifications, it would probably be as a result of this. What happens is that the spammer sends out an email to hundreds (or thousands) of email addresses that don't necessarily exist, and so each time an email is sent to an address that doesn't exist a return message is sent back to the reply address in the email. Because the spammer has, in this case, set your address as the reply address, the email will arrive to you.

This sort of thing usually passes with time over a period of a few days or so, but if it goes on for longer than that then it might be best to give us a call and we can look at other solutions such as changing your email address with us".

So, if anyone gets an email message from me with a subject line that has nothing to do with genealogy or family history – it isn’t from me!!


18-02-2008, 9:58 AM
As your ISP has mentioned, spammers never use their own email addresses (or indeed their own computers) to send out spam. There are a wide variety of techniques used by these scumbags, but one regular one is to send spam from a compromised PC and set a false return address - sometimes something obviously false, other times using an email address which is genuine (but not theirs of course) - either by accidentally picking a real address or, quite often, by simply using an address they already know about from their spamming activities.

It is quite easy to tell where a spam originates by examining the headers. You can see the original senders IP address (which can be used to report the fact that a machine at that address is sending spam - probably unaware because the spam is being sent by malware). I don't waste my time reporting spam with originating IP addresses in certain countries - it will not be dealt with - but UK ISPs in the main seem to take action.
In the headers you can also see the address being given as the "reply to" address which is where the recipients mail client or ISP may bounce any spam to.
Bouncing spam - as happened in your case - is actually a royal pain in the rear. As already mentioned, almost all spam has a fake "reply to" address, so bouncing it simply adds to the traffic and the bounced mails become annoying to the person whose email address has been picked at random by some scumbag.

I would simply ignore all bounced emails for a few days - you will most likely only get two or three as most decent mail servers no longer bounce these mails, knowing the addresses are faked. If it continues, then check your outgoing mail box - just to be certain you are not sending spam unwittingly due to malware. It is generally easy to tell - your machine will crawl really slowly as it is sending thousands of mails per hour!


18-02-2008, 10:18 PM
Hello, this has happened to me too. In the last week or so I've received about 8 or 10 bounced emails, I didn't know why until reading this.


David Tuson
19-02-2008, 1:25 AM
Thanks for the additional information Mark - I'll be keeping a close eye on my system's performance.


Clive Blackaby
19-02-2008, 2:03 AM
Whatever you do, don't reply to these emails, or log them on any of the various spam reporting sites.

And never set any form of "Away Message" which sends a reply to all of your emails. That goes to the bad guys as well as your buddies!

If they get a reply, or a report that indicates they've hit on a real email address, the spam will grow like fungus - my previous email address got up to 500 spam mails a day (all trapped by my ISP, but my ISP also trapped some genuine emails so I still had to go through the "motions", [and no that's not an accidental pun] to find mails trapped by accident.)

These guys trawl the text in websites and forums like this one trying to identify usable email addresses, so if your email address is clive@blackaby.fsnet.co.uk you should never do what I've just done (it's OK, because that is now a "dead box", so the spammers are welcome to it :) Enjoy,guys)

At least change it to clive at blackaby dot fsnet etc etc.

David Tuson
20-02-2008, 3:49 AM
Good advice Clive - I've never opened suspicious mail. I cannot believe that people are still being conned by the spammers. But then , the lure of a quick buck I suppose.

I changed my email address once before when I got inundated with junk, so will do it again if necessary. And I do not publish my email address on any frum - I use the PM facility.


PS I was born in Stretford - the Lancashire side of the Mersey!!

Clive Blackaby
25-02-2008, 2:29 AM
PS I was born in Stretford - the Lancashire side of the Mersey!!
I sort of blew in here on a south easterly breeze from Hertfordshire about 30 years ago and sort of stuck here like a Tesco bag caught up in a tree.