Methods
Because many spammers now use special software to create random sender addresses, even if the user finds the origin of the email it is unlikely that the email address will be active.
The technique is now used ubiquitously by bulk email software as a means of concealing the origin of the propagation. On infection, worms such as ILOVEYOU, Klez and Sober will often try to perform searches for email addresses within the address book of a mail client, and use those addresses in the From field of emails that they send, so that these emails appear to have been sent by the third party. For example:
- Alice is sent an infected email and then the email is opened, triggering propagation.
- The worm finds the addresses of Bob and Charlie within Alice's address book.
- From Alice's computer, the worm sends an infected email to Bob, but the email appears to have been sent by Charlie.
This can be particularly problematic in a corporate setting, where email is sent to organisations with content filtering gateways in place. These gateways are often configured with default rules that send reply notices for messages that get blocked, so the example is often followed by:
- Bob doesn't receive the message, but instead gets a message telling him that a virus sent to him has been blocked. Charlie receives a message telling him that a virus sent by him has been blocked. This creates confusion for both Bob and Charlie, while Alice remains unaware of the actual infection.
Newer variants of these worms have built on this technique by randomising all or part of the email address. A worm can employ various methods to achieve this, including:
- Random letter generation
- Built-in wordlists
- Amalgamating addresses found in address books, for example:
- User1 triggers an email address spoofing worm, and the worm finds the addresses user2@efgh.com, user3@ijkl.com and user4@mnop.com within the users email address book
- The worm sends an infected message to user2@efgh.com, but the email appears to have been sent from user3@mnop.com
Read more about this topic: Email Spoofing
Famous quotes containing the word methods:
“All good conversation, manners, and action, come from a spontaneity which forgets usages, and makes the moment great. Nature hates calculators; her methods are saltatory and impulsive.”
—Ralph Waldo Emerson (1803–1882)
“I think it is a wise course for laborers to unite to defend their interests.... I think the employer who declines to deal with organized labor and to recognize it as a proper element in the settlement of wage controversies is behind the times.... Of course, when organized labor permits itself to sympathize with violent methods or undue duress, it is not entitled to our sympathy.”
—William Howard Taft (1857–1930)
“Crime is terribly revealing. Try and vary your methods as you will, your tastes, your habits, your attitude of mind, and your soul is revealed by your actions.”
—Agatha Christie (1891–1976)