E-mail address spoofing
E-mail address spoofing involves using an e-mail address that is not your own. When your e-mail address is spoofed, e-mails are sent that appear to be from you — but you did not send them. Aggressive “spoofers” like to spoof BCIT addresses.
E-mail spoofing is the forgery of an e-mail header or “From” section of an e-mail so that the message appears to have come from someone or somewhere other than the actual source. To send spoofed e-mail, senders insert commands in headers. These alter the message information so that, for example, “junk” or virus-bearing contents — which you didn’t write — nonetheless appear to be from you. Usually such commands to alter messages are inserted as a result of a virus on someone else’s PC.
Client Services periodically receives reports of e-mail coming onto our campus with viruses. Some appear to be sent from valid BCIT e-mail addresses (e.g., john_smith@BCIT.CA). In fact, these items are sent from other e-mail services and are spoofing the BCIT domain (BCIT.CA).
Unfortunately, there is no direct remedy if you are receiving e-mail with spoofed addresses attached, or if a colleague reports receiving junk e-mail seemingly from you because of your spoofed e-mail address in the From field. One option for the recipient of spoofed e-mail is to create an incoming mail filter that filters out e-mail from the spoofed source. If you normally receive legitimate mail from the suspect address, you must ask its owner to alert you in a particular way to any real messages. For example, the writer might put a particular word into the subject line. Then you can use a rule to have the rest automatically deleted.
Indirectly, you certainly can stem the flow of spoofed e-mail by keeping both your office and home PC virus-free.