On Wed, 2014-07-09 at 16:04 +1000, Jan Whitaker wrote: > I've had two email returned advisories where my address has been > spoofed (see below). > I can't figure out the the motivation for this. There was an embedded > link in the message (no I didn't click on it), but the whole email > aspect is fake. > What is the payoff to the sender?
WRT to actual email body, if you click on the embedded link the destination address of the email is flagged as working and accepting email, and the recipient is identified as an idiot, so definitely someone to keep spamming, and definitely an address to keep using as a fake sender. At the website itself, any of three things may happen: - the site fools you into leaving valuable data behind - the site exploits your browser to drop malware on you - the site sells you something If you are asking why the sender address used was yours, it is for several reasons: Spammers like to use real sender addresses, because they are less likely to be identified as spammy senders. Also, the backscatter (such as the bounces you received, or the ire of the recipient) goes to someone else; the spammer isn't interested in seeing backscatter. And by distributing the backscatter the spammer obfuscates his/her location (otherwise the stream of backscatter returning to a single sender would help identify the spammer). And finally, most bounces include the original message, so the spammer gets two for the price of one - a shot at the original recipient, and a shot at the recipient of the bounce message. It's because spammers now routinely use other people's addresses as the sending addresses that getting mad at the apparent sender is pointless. The apparent sender is almost certainly not the actual sender. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (ka...@biplane.com.au) http://www.biplane.com.au/kauer http://twitter.com/kauer389 GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882 Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A _______________________________________________ Link mailing list Link@mailman.anu.edu.au http://mailman.anu.edu.au/mailman/listinfo/link
