Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

I got a spam email from...myself?

G

GanChan

macrumors 6502a
Original poster
Jun 21, 2005
617
27
And yet there's nothing in my Sent box to indicate that it originated from my Yahoo email address...

So, does that mean my computer or my Yahoo email has been hacked into completely, or just that somebody figured out how to fake may email address? How does faking an email address work anyway? How screwed am I? Etc. :confused:
 
When an e-mail is sent it can pretty much put anything it wants to in the "From" field. It's not from you. Don't worry... your e-mail account hasn't been hacked (most likely).
 
GanChan said:
And yet there's nothing in my Sent box to indicate that it originated from my Yahoo email address...

So, does that mean my computer or my Yahoo email has been hacked into completely, or just that somebody figured out how to fake may email address? How does faking an email address work anyway? How screwed am I? Etc. :confused:
Click to expand...

Not at all. Any half decent programmer can write a program or script that spoofs the from address. Some friend of yours PC is likely infected by a spam bot that's using random To/From addresses from the PC's address book.

As an example, since I read your post, I sent myself an email from joe.soap@macrumors.com. It took that long.
 
Never mind any decent programmer, any 13 year old can do it. You can do it in Microsoft Outlook or even Apple Mail as easy as pie.
 
The email system as it currently stands practically operates on an honor system. SMTP ate my balls.
 
I've had to take advantage of the ease of forging FROM addreses, but not for evil purposes. I have an application in which users want to email information to someone, but the information is stored on a server and the message is to be sent later. My code verifies their identity, looks up their proper FROM information, and (essentially) forges it to send email from the server in their name.

But when spammers forge FROM fields, it serves two purposes: to hide their identity and to tempt you to open the email. If the message appears to be from a friend, or yourself, or a company you know (e.g., your bank), you are more likely to open it, so they forge them that way.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back