What to do if you get spoofed

BlogHer Original Post

Spoofed or forged email is a common problem these days. Here's how it works. The spoofer changes the settings in his or her email program to a fake name and "return to" address. When mail from the spoofer lands in your inbox, you see the fake name and email address. It may look legitimate; for example, it might be something like imablogger@blogher.org or imacrook@paypal.com. It might seem to be from your bank or some company where you have an account.

If it looks at all strange, delete it without opening it. This is because some spoofed emails contain worms that send more spamming emails to everyone in your address book once you open them.

If you do open the mail, you may be asked to click a link to a bogus website and supply some sort of sensitive information such as a PIN number, account number, social security number, or password. Don't do it! If it's a request for you to send money somewhere in order to receive big bucks in return, don't do it. Hit delete.

As for BlogHer, there are very few people who could send you email from blogher.org, and I think you know who they are. Even if it's a name you know, if the request sounds fishy, it IS fishy. No one at BlogHer is going to ask you to reveal anything like an account number, threaten you with suspension if you don't supply some sensitive bit of information, or do anything even slightly off kilter.

You can report these spoofing violations to the real organization that is being spoofed in hopes that they can figure out who the culprit is. If you do that, you need to include the Internet headers. The headers give every single hop the mail made along the way from the spoofer to you. Sometimes it can be traced back to where it originated.

Different email applications have different ways of revealing the headers to you. Some have it in the View menu as View > Headers. Some have an option like View Source that will show them. You'll know you found it if you see a bunch of odd-looking text like that in this image.

[Image: an example of an email header]

That's from a real email, so I greyed out a few bits of it, but you get the idea.
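To show what the recipient of a report can read from those headers, here is an added example (not part of the original post) that lists the hops recorded in the Received lines and compares the visible From domain with the Return-Path and Reply-To domains. The message, host names and IP addresses are constructed placeholders, and the Received layout is assumed to be the common "from ... [ip] ... by ..." form.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real email). The example.* names and
# documentation-range IP addresses are placeholders.
RAW = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.example.org (mx.example.org [192.0.2.10])
\tby inbox.example.org with ESMTP id A1; Tue, 02 Jan 2024 10:00:05 +0000
Received: from relay.example.net (relay.example.net [198.51.100.7])
\tby mx.example.org with ESMTP id B2; Tue, 02 Jan 2024 10:00:03 +0000
Received: from unknown (HELO pc) ([203.0.113.55])
\tby relay.example.net with SMTP id C3; Tue, 02 Jan 2024 10:00:01 +0000
From: "Your Bank" <security@bank.example.com>
Reply-To: collect@freemail.example
To: you@example.org
Subject: Verify your account

Please confirm your details.
"""

def domain(header_value):
    """Lowercased domain of the address in a header, or '' if absent."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def hops(raw):
    """(sender, sender IP, receiver) per hop, oldest first.
    Each server prepends its Received line, so the raw order is newest first."""
    out = []
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        flat = " ".join(value.split())  # unfold continuation lines
        m = re.search(r"from (\S+).*?\[([0-9a-fA-F.:]+)\].*? by (\S+)", flat)
        out.append(m.groups() if m else (None, None, None))
    return out

def mismatches(raw):
    """Return-Path / Reply-To domains that differ from the visible From domain."""
    msg = message_from_string(raw)
    shown = domain(msg["From"])
    return {h: domain(msg[h]) for h in ("Return-Path", "Reply-To")
            if msg[h] and domain(msg[h]) != shown}

if __name__ == "__main__":
    for n, (sender, ip, receiver) in enumerate(hops(RAW), 1):
        print(f"hop {n}: {sender} [{ip}] -> {receiver}")
    print("mismatched domains:", mismatches(RAW))
```

Only the Received lines added by your own mail provider's servers can be trusted; anything below them was supplied by the sending side and can be forged along with the From line. A domain mismatch is a reason to look closer, not proof of spoofing, since legitimate mailing services also send on behalf of other domains.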

In addition to letting the real organization know what's going on and providing them with the Internet headers, there are some pretty technical preventative measures. These measures should be taken by a mail system administrator, not by you individually. You can see some preventative steps at The CERT Coordination Center at Carnegie Mellon University. A Windows Security article on email spoofing supplies similar technological solution ideas. If you're getting a lot of fake email, you might check with the account administrators to see if these technical measures are in place for your system.

A habit of mine is to look over my inbox each time mail arrives and delete everything that doesn't look right before I start reading anything. Then I don't accidentally open something because it was the next piece of mail in my inbox once I start reading mail.

Yahoo!, Gmail, Comcast, Roadrunner and all the other mail service providers out there are doing their utmost to catch spam and keep it out of your inbox. But sometimes things get through. You are the last line of defense. Be ready.

