LDFerguson
Registered User
- Messages
- 4,695
Hi.
For the past week my ferga.com e-mail domains have been the subject of a fairly concentrated "spoofing" attack. In other words, some unknown entity has been sending out e-mails that appear to have come from info@ferga.com containing an attachment with a virus.
It's not harmful as the e-mails are being sent methodically to different variations of the "@ferga.com" domain, e.g. john@ferga.com, mary@ferga.com etc. Most of the recipient addresses used are non-existent, and as we don't have a catch-all set up, they simply get returned to sender. But as the sender is apparently info@ferga.com, we keep getting the "returned to sender" messages back here.
When they do chance on a valid @ferga.com e-mail address, it's a virus but our anti-virus protection picks it up.
I've contacted our hosting service but they advised to leave it for a week or so and it will go away.
I know it's a sadly common occurrence and being presumably done by some automated program, but it's very irritating. It's also rather worrying that someone can easily imitate any e-mail address they like, which has potentially serious implications. It's similar in principle to someone stealing a box of our business stationery and sending out letters that appear to be from us.
My question is - is there any way to identify the true source of an e-mail, when they have spoofed the e-mail address?
For the past week my ferga.com e-mail domains have been the subject of a fairly concentrated "spoofing" attack. In other words, some unknown entity has been sending out e-mails that appear to have come from info@ferga.com containing an attachment with a virus.
It's not harmful as the e-mails are being sent methodically to different variations of the "@ferga.com" domain, e.g. john@ferga.com, mary@ferga.com etc. Most of the recipient addresses used are non-existent, and as we don't have a catch-all set up, they simply get returned to sender. But as the sender is apparently info@ferga.com, we keep getting the "returned to sender" messages back here.
When they do chance on a valid @ferga.com e-mail address, it's a virus but our anti-virus protection picks it up.
I've contacted our hosting service but they advised to leave it for a week or so and it will go away.
I know it's a sadly common occurrence and being presumably done by some automated program, but it's very irritating. It's also rather worrying that someone can easily imitate any e-mail address they like, which has potentially serious implications. It's similar in principle to someone stealing a box of our business stationery and sending out letters that appear to be from us.
My question is - is there any way to identify the true source of an e-mail, when they have spoofed the e-mail address?