Email spammers

So, it looks like someone on the internet has decided to spoof my email address, and is sending hundreds of spam emails an hour to random email addresses and making them look like they’ve come from my account (by putting my email address in the From: field).

My account hasn’t been hacked; it’s just being faked. The prevailing wisdom on the interweb is that there’s nothing I can do, except just delete the account.

Welcome to the interwebulations.

This happens to me multiple times a year. The normal causals

  1. Someone who has my email in their contacts list got malware’d
  2. I put a real address on a public place like LinkedIn or Facecrack.
  3. A vendor/business unit was hacked
  4. A vendor/business unit sold my address.

The easiest solution is to use a global redirect for all emails @domain then give each org a unique “contact me at” address. For example facecrack at domain dot com is what I list in facecrack. amazon at domain dot com. I actually switch my from address when dealing with these guys so they never get my real address. Then, if they are bad people, I contact them and do the IT threat. So far I’ve not had any company press me on the threats.

The only one that is tough is #1. People are a loose cannon. You can’t manage aliases for everyone. But you also need to protect yourself. I have 2 domains for this. One is personal the other business. I use real addresses in personal domain for person to person comms. most business transactions are in the business domain.

This is sounds a lot more complicated than it really is. Google fronts all my domains and I only have 1 real address that no one ever sees (not really true there are real addressed for my family too). Aliases spring into existence as needed and I use google filters to reduce the noise.

This is just one what to deal with the problem. It works for me and requires little effort. Let me know if you need any ideas or have questions.