Email Spoofing

I run a startup web hosting reseller company with a sizeable number of premium and free accounts.

Running a web hosting business can be challenging but interesting too. You get to hear varied complaints.

About 3 weeks ago, a client called me up, complaining about mails that were being sent from addresses purportedly from his domain. A quick check on his account revealed nothing. However, what makes his case a little interesting is that his cPanel account was not hacked into, so these email addresses do not exist. A closer study showed that the spammer’s intent was to use a legitimate account with a whitelisted IP address to spread “the word”, mostly selling or advertising one thing or the other.

This is not very different from what our ever so ingenious 419 crew used to do way back, claiming a mail was sent from, say, CBN or from the widow of Thomas Sankara or something. However, our 419 guys usually leave a different “reply to” address, making the whole thing a joke.

My client’s case is different because these mails that are puportedly sent from his domain name are sent out with no expectation of a reply and they are sent out in thousands. Chances are, the only mail the domain owner would ever get would be from his hosting company and that he did. His account eventually got suspended.

It really was not his fault but unfortunately, nothing much can be done about it. The sad thing too is that it can happen to any email account, even in the public domain.

Thankfully, we Nigerians are the praying type. We can only pray the spammer will tire out and go elsewhere.

The following two tabs change content below.
Wale Falade is Nigerian. A Business Systems Analyst, Technology Enthusiast and a Linux Server Administrator. He engages actively in improving online visibility of Nigerian brands. Follow him on twitter @diaryofageek
Posted in: Hack
%d bloggers like this: