Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Web & Email Web & Email
Search Search
Search for:
Tech Support Guy > > >

Email spoofing and spamming - what it can do to a business.


(!)

jamie1949's Avatar
jamie1949 jamie1949 is offline
Computer Specs
Member with 87 posts.
THREAD STARTER
 
Join Date: Feb 2007
Location: UK
Experience: Intermediate
01-Jan-2009, 11:09 AM #1
Email spoofing and spamming - what it can do to a business.
Your forum has been very valuable to us over the years and the help members have given us has been greatly appreciated. I return, I have written this thread as a warning to owners of online businesses, sharing some of our latest experiences as victims of spoof email attacks:

My company has now become a victim of spoof/fraudulent emails originating from China. Emails appear legitimately to come from sales@"ourdomain".com. from "support" or personally from our managing director and the originators use a line of code in the "From" address to mimic our legitimate mail box addresses. Examining the email header code will give you no clue as to the true origin of the fake email; they can pass the email through your service provider as if it came from you. We are still talking to our service provider about how the fraudsters can do this and believe me, it is causing them real alarm. It has taken hours of phone calls to our service provider's security department to even get them to take it seriously and at first we were met with a flat denial that this could happen. We proved our point and believe me, now our service provider realises they potentially have a huge problem on their hands.

We found out about the spoof emails when various postmasters returned "our mail" with warning to stop spamming. It took many man-hours of work to establish that the originators were operating out of China and were only able to do this with the help of our service provider.

The emails they send appears to come from legitimate business (not ours), with phone number, street address usually in Canada, Honolulu or the UK. It seems fairly innocuous with a couple of links which allow the recipient to unsubscribe from the mailing list or to get help with unsubscribing. Clicking these links opens up a can of worms. If anyone does this they are showered with malware. Another trick is to direct the link to porn sites in Russia (presumably the Communists are still working with each other!). Email from our MD asks recipients to confirm banking details as they "have been over-charged and can expect a refund."

Our web hosting company are not able to do anything to stop this and nor are we and our service provider have their top people working on the issue. We have put up warnings on our websites advising people not to open mail proportion to come from our sales and support departments and have closed these mail boxes. We have written to all past customers who paid us online by credit card warning them not to send banking details by email as we would never communicate this way regarding refunds, etc.

The code used by the spoofers means they can easily fish for legit email addresses such as sales@... support@... our MD's name, etc., so we have had to change all our email addresses to less obvious ones and notify customers and suppliers that the old mail boxes are closed. A lot of time, trouble and expense!

How did they select us as a victim? Last year we contacted a company in the US who organise for books to be printed in China. It looked like a good deal and we went that route because the cost of printing books in full colour in the US and Europe is very high, even taking the freight costs into account we could produce full-colour books at a low cost per unit by printing them in China. However, certain things did not add up and we backed out of the deal. One reason was that our accounts department picked up that a phone call to the Chinese agent was charged at a premium rate and we thought that was shabby business practise, so we didn't pursue the deal. The Chinese agent obviously sold our details to fraudsters and that is another story and we had a lot problems that took a lot of sorting out. We know the agent sold our details because the spoof emails that are now circulating sometimes refer to book titles that we have not yet published and they use these book titles in the spoof email subject line.

Of course, this sort of thing is very damaging to a business such as ours and we are now discussing closing down our websites and trading only as a "Bricks and Mortar" business again. It seems there is no control or hep available for businesses who are attacked by internet fraudsters and scammers and the cost to our business of maintaining an on-line presence is disproportionate to the returns. Yes, it has come to this, so after 6 years of trading online we most likely will stop.

We have only just begun to recover from an attack in 2006, where a forum for new writers was hacked by porn merchants operating out of Eastern Europe and our website was closed down by Google for 3 months. We had to close down a very popular forum and if anyone is interested in the damage this sort of attack causes a business, our average hits/month fell from 4,325 to 4! It took months for traffic to start to build up again and it has not fully recovered yet. If we are blacklisted again we would not recover. If Google blacklists you, your reputation is permanently damaged, whatever Google may say to the contrary!

I wanted to share these experiences on the Forum to make people aware of the very real risks to legit business when you have an online presence, and not to be complacent when it comes to all aspects of internet security and protecting your business communications. The questions you have to ask are: Is it worthwhile investing in an online presence, do the risks outweigh the potential returns? You have to give this serious thought.
The Villan's Avatar
Member with 2,226 posts.
 
Join Date: Feb 2006
Location: Lincolnshire UK
01-Jan-2009, 12:40 PM #2
I am wondering if this is something similar.
I received this from a friend yesterday. As it was a freind, I e-mailed back and wished him and his wife a Happy new year.
Today I got an e-mail from the person that it was a scam and that he had not sent it. So presumably they are piggy backing off his machine?

----- Original Message -----
From: John xxxxxxx
Sent: Wednesday, December 31, 2008 11:43 PM
Subject: Dear friend,


Dear friend,
The 2009 is coming and all will be perfect in our life -- Studying,working ,loving & shopping .HereYou can do brilliant business also. I would like to introduce you a very good company which i knew.Their website is www.doublewin-trade.com .They can offer you all kinds of electronical products which you need like laptops ,gps ,TV LCD,cell phones,ps3,MP3/4, etc... Please take some time to have a check ,there must be somethings you 'd like to purchase or you can do business with them to ean much money.
Their contact email: doublewin_trade@vip.188.com . MSN: doublewin-trade@hotmail.com
Hope you have a good starting of the new year !
Regards



--------------------------------------------------------------------------------
Read amazing stories to your kids on Messenger. Try it Now!
jamie1949's Avatar
jamie1949 jamie1949 is offline
Computer Specs
Member with 87 posts.
THREAD STARTER
 
Join Date: Feb 2007
Location: UK
Experience: Intermediate
02-Jan-2009, 04:37 AM #3
Could be! I think we are witnessing the start of a new problem
SoftwareGeek2's Avatar
SoftwareGeek2 SoftwareGeek2 is offline
Junior Member with 2 posts.
 
Join Date: Jan 2009
Location: US
Experience: Advanced
09-Jan-2009, 01:33 AM #4
It turns out my hotmail account was somehow used to send this exact email message to people in my address book - event happened today Jan 8th 2009. I've notified Microsoft and since changed the password on my hotmail account. I'm posting my reply here in hopes I can learn what happened. I found this posting by searching Google for the email address doublewin-trade@hotmail.com - this discussion group posting was the one and only search result.
Goku's Avatar
Computer Specs
Senior Member with 1,408 posts.
 
Join Date: May 2007
Location: India
Experience: Intermediate
09-Jan-2009, 01:53 AM #5
Sorry to know that you were affected with this Jamie.

Let your post sound the warning bell for other unaware users.

-- Goku
ndref's Avatar
ndref ndref is offline
Junior Member with 1 posts.
 
Join Date: Jan 2009
Experience: Intermediate
09-Jan-2009, 05:32 PM #6
I had the same email go through my account and send to my entire address book. I have no idea where to start to get rid of it??? Can someone help me out?
SoftwareGeek2's Avatar
SoftwareGeek2 SoftwareGeek2 is offline
Junior Member with 2 posts.
 
Join Date: Jan 2009
Location: US
Experience: Advanced
11-Jan-2009, 06:05 PM #7
ndref - was your affected account a hotmail or msn account? I'm trying to figure out if my hotmail account was compromised from a trojan running on one of my computers or if hotmail was hacked. My outbox shows the mails were sent from my account so I don't think this was my email address being spoofed.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑