Methods
Because many spammers now use special software to create random sender addresses, even if the user finds the origin of the email it is unlikely that the email address will be active.
The technique is now used ubiquitously by bulk email software as a means of concealing the origin of the propagation. On infection, worms such as ILOVEYOU, Klez and Sober will often try to perform searches for email addresses within the address book of a mail client, and use those addresses in the From field of emails that they send, so that these emails appear to have been sent by the third party. For example:
- Alice is sent an infected email and then the email is opened, triggering propagation.
- The worm finds the addresses of Bob and Charlie within Alice's address book.
- From Alice's computer, the worm sends an infected email to Bob, but the email appears to have been sent by Charlie.
This can be particularly problematic in a corporate setting, where email is sent to organisations with content filtering gateways in place. These gateways are often configured with default rules that send reply notices for messages that get blocked, so the example is often followed by:
- Bob doesn't receive the message, but instead gets a message telling him that a virus sent to him has been blocked. Charlie receives a message telling him that a virus sent by him has been blocked. This creates confusion for both Bob and Charlie, while Alice remains unaware of the actual infection.
Newer variants of these worms have built on this technique by randomising all or part of the email address. A worm can employ various methods to achieve this, including:
- Random letter generation
- Built-in wordlists
- Amalgamating addresses found in address books, for example:
- User1 triggers an email address spoofing worm, and the worm finds the addresses user2@efgh.com, user3@ijkl.com and user4@mnop.com within the users email address book
- The worm sends an infected message to user2@efgh.com, but the email appears to have been sent from user3@mnop.com
Read more about this topic: Email Spoofing
Famous quotes containing the word methods:
“The philosopher is in advance of his age even in the outward form of his life. He is not fed, sheltered, clothed, warmed, like his contemporaries. How can a man be a philosopher and not maintain his vital heat by better methods than other men?”
—Henry David Thoreau (1817–1862)
“We can best help you to prevent war not by repeating your words and following your methods but by finding new words and creating new methods.”
—Virginia Woolf (1882–1941)
“Parents ought, through their own behavior and the values by which they live, to provide direction for their children. But they need to rid themselves of the idea that there are surefire methods which, when well applied, will produce certain predictable results. Whatever we do with and for our children ought to flow from our understanding of and our feelings for the particular situation and the relation we wish to exist between us and our child.”
—Bruno Bettelheim (20th century)