locked
Microsoft spoof email somehow sent from me to me ????? RRS feed

  • Question

  • I received the following message from myself. How is this possible. Has someone co-opted my email address and using it to send spoof Microsoft messages?

     

    Bad for me and bad for Microsoft--I have one care updating daily and doing full scan weekly and firewall enabled.

     Following is message I received "from myself"

     

    [deleted]
    Monday, July 21, 2008 1:49 PM

Answers

  • No, a spammer *has* placed your email address in the "from" line of the message. It has nothing to do with OneCare. The references to Microsoft inside the message body is another trick from the spammers, they take bocks of legitimate email communications and insert them into the junk in order to fool the junk email filters by having legitimate content in the message.

    Basically, nothing has been compromised other than the fact that your email address is public. The address I post here and in the newsgroups for people to contact me through receives hundreds of junk messages daily. There's not much you can do other than get a new email address and never share it publicly in any way.

    -steve

     

    Monday, July 21, 2008 3:42 PM
    Moderator

All replies

  • No, a spammer *has* placed your email address in the "from" line of the message. It has nothing to do with OneCare. The references to Microsoft inside the message body is another trick from the spammers, they take bocks of legitimate email communications and insert them into the junk in order to fool the junk email filters by having legitimate content in the message.

    Basically, nothing has been compromised other than the fact that your email address is public. The address I post here and in the newsgroups for people to contact me through receives hundreds of junk messages daily. There's not much you can do other than get a new email address and never share it publicly in any way.

    -steve

     

    Monday, July 21, 2008 3:42 PM
    Moderator
  • Hello, i'm sorry to break in here on your thread, but i received an email supposably from Microsoft.  However, i do not believe it is.  Is there a place to report such an email so that Microsoft can disable the people making these???

     

    Thanks for your time,  April S.

    Friday, October 17, 2008 1:09 AM
  • I'm quite sure that Microsoft is already aware of this and pursuing it, but the malware distributors are always a step ahead, unfortunately.

    I'm not aware of any reporting facility, but you can review the Microsoft Security site here:

    http://www.microsoft.com/protect/default.mspx

    -steve

     

    Friday, October 17, 2008 5:02 PM
    Moderator
  • abuse@msn.com goes to MSN.

    abuse@microsoft.com goes to Microsoft.

     

    Those are difficult to find @ Microsoft.com

    Thursday, December 4, 2008 8:58 PM
  • MaryJStephens,

     

    You misunderstand the purpose of these addresses. An abuse@ address is intended for reporting abuse of email actually from an address at the domain following the '@' symbol. Since in this case the message is actually coming from a spammer who's address is unknown [faked], there's nothing that Microsoft can really do about it, so sending it to them serves no purpose.

     

    This is why spammers use fake messages appearing to come from such organizations, since the highly confused public really has no clue how to tell where the messages really originated and even the experts often can't tell anymore since most spam is now sent by 'BOT' networks of infected client PCs.

     

    The best thing an individual can do is limit who they provide their primary email address to and ask them to treat it with care. Sending jokes and other trash email to huge lists of friends may sound like fun, but it distributes your email address to dozens of people you might never otherwise communicate with. Though on the surface this seems OK, if only one of those other people's PC gets a virus which collects email addresses, you're now on a spammers list.

     

    My own primary email address has only been provided to a handful of individuals and reputable organizations that I do  business with, and after over 5 years still hasn't received one true piece of spam. This is partly luck, but in large part it's also due to this policy. As Steve mentioned, you can get a second 'sacrificial' email address that you use for any public posting or for less trusted individuals and organizations.

     

    Spam will never be stopped by reporting it to the wrong organization, but if your ISP provided email client (usually web) provides a way to report spam, you should learn how to use it. What you report will be submitted together with those from others and will work like a voting system to help identify and at least tag, move to a spam folder or block similar messages sent to others. The more who do this, the more likely that everyone will receive less spam.

     

    OneCareBear

    Friday, December 5, 2008 6:12 AM
    Moderator