Welcome to WebmasterWorld Guest from

Forum Moderators: LifeinAsia

Message Too Old, No Replies

Spoofed Email Addresses

Just how much brand damage is being caused?

10:10 pm on Jul 2, 2008 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 27, 2001
posts: 12172
votes: 61

Arrrggghhh, if I get one more spoofed spam message from Example.com!

Unfortunately it is not Example.com sending me the email. But, a rather subtle and effective email sabotage campaign launched against them I'd say over a year ago. It could be longer, time flies these days.

I've received so many of these that I no longer would trust the Example.com domain if I were the "average consumer". Many are going to think that they've just jumped on the email spamming bandwagon and go elsewhere.

Much of this "spoofed email" is going to get filtered. But, some of it does get through. That percentage that makes it through may have a drastic impact on your brand.

So, what do you do? Consumer education is all that we can do at this point with the current email protocols. Anyone can spoof the visible "From" address. What they usually cannot spoof is the header information which most consumers are not aware of. All they see is the From: You@Example.com and boom, your labeled. If they get enough of them over an extended period of time, that would probably have the same effect as if you were running a magazine ad for six (06) publications, the suggested run for maximum impact. But in this case, it has the opposite effect.

The biggest issue with Spoofed From Addresses? Anyone can do it, anyone. And many fall for it. :(

Do you get reports of this? Do you receive email from yourself? When you receive email like this from someone you know, do you alert them to the issue? I try to and will send the entire header information cut and pasted into the email so they can see where it originated from and follow the path. In most instances it leads to nowhere but they can see the methods used and exactly what their potential audience may be receiving.

I've seen some "high quality" emails coming from Spoofed Email Addresses. That first impression is a lasting one. When you get an HTML email that has the same look and feel of your website and it wasn't sent by you, there should be concern. PayPal is a prime example of this. So is your bank.

3:27 am on July 4, 2008 (gmt 0)

Junior Member

10+ Year Member

joined:Aug 19, 2006
votes: 0

example.com needs to set up SPF. Quite easy for most domains, and bigger, more complex organizations should spend the effort. There are online tools at openspf.org.

It may not cure spam, but it helps protect the domain.

4:51 am on July 4, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member marcia is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Sept 29, 2000
posts: 12095
votes: 0

I just saw a reputable site listed/flagged in red at Yahoo! Search as being a domain that sends out unsolicited spam email.

No offense intended, but I do suspect that it's their affiliate "partners" causing it, since they do have an active affiliate program and they've got very marketable products for that particular niche.

That would cause a LOT of brand damage, no doubt about it.

8:44 am on July 22, 2008 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member piatkow is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 5, 2006
votes: 45

I would have thought that most users get to understand about spoofed addresses pretty quickly these days.
3:39 am on July 23, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 4, 2002
votes: 3

I saw one this morning from UPS saying "the package you sent cannot be delivered. Click the following link for more info". It was a zip file_ probably with a virus in it. I'm smart enough to not click on those things due to a bogus email (my email program shows when the email is not valid) but newbies probably wouldn't know any better.

The good thing is you only click on one of those once.

6:15 pm on July 30, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 26, 2004
votes: 1

my email program shows when the email is not valid

What program do you use and how does it show you that it is valid or not? I am usually pretty sharp about these things, but if my email client had a way of doing it even better I would be game.


Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members