I didn’t send this email that bounced back to me!

Here’s a request I’ve been seeing a lot lately:

I came in this morning and found a large number of bounced messages that were all sent from me that were sent to lots of random people, but I didn’t send them! My computer even was unplugged/off/in a wheat thresher – do I have a virus?

Quick answer: No, you aren’t infected, you didn’t do anything wrong, nothing to see here – just delete them and move on.

Detailed answer: You have just become another example of Spam Backscatter. When you get a spam message, it usually comes from some random email address, most likely completely unrelated to the topic of the spam. (If it were a real sender and/or related to the message, it wouldn’t be spam, then, would it?) Well, those email addresses are usually picked out of the millions of ‘good’ email addresses that the spammers have in their database, and since they send out millions of emails, the probability is that every once in a long while, that ‘from’ address they use is going to be you.

UPDATE 4/23/08: It seems that the backscatter spam is actually a tactic chosen by spammers – since bounced emails don’t get read, and the entire contents of the spam are often included in the bounce message, they are more likely to have their messages delivered to a human being, bypassing filters.

It’s very easy to spoof (fake) the sender of an email (remember this the next time you get an email from [email protected] telling you to forward this letter to all your friends and you’ll get money). Since the spammers want to make sure their email gets through the filters, they don’t use the same email address in the From: field every time. So they randomly pick out an email address from their database and use that one.

Also, the spammers really don’t care how many bounce messages they get from rejected emails, or from nonexistent addresses, so why should they be bothered with all the bounce messages? Better for someone else to get them.

So fast-forward to today, when you got 127 bounce messages in your inbox from random addresses around the world, saying your email was rejected, or so-and-so is over quota, etc. If you look at the body of the message and see that it is all a spam message, then you can simply delete the bounce messages and go about your day. Since spammers switch email addresses often within the same ‘batch’, most likely you’ll get one group of bounces over a 4-6 hour period, and then nothing else.
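The check described above, looking inside the bounce at the message it quotes, can also be done on the headers. This is an added example, not part of the original article: it pulls the original message out of a bounce and reports whether its Received or Message-ID headers mention any of your own outgoing mail servers. The sample bounce and all host names are constructed, and the `my_hosts` list is an assumption you would fill in with your real server names.

```python
import email
from email import policy

# Constructed sample bounce for illustration; every host and address is made up.
SAMPLE_BOUNCE = b"""\
From: MAILER-DAEMON@mx.recipient.example
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

The mailbox nobody@recipient.example is over quota.
--b1
Content-Type: message/rfc822

Received: from unknown.host.example (unknown.host.example [203.0.113.7])
 by mx.recipient.example; Wed, 23 Apr 2008 03:12:45 +0000
From: you@yourdomain.example
Subject: Cheap watches
Message-ID: <abc123@unknown.host.example>

Buy now.
--b1--
"""

def embedded_original(bounce):
    """Return the original message (or its headers) quoted inside a bounce."""
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":          # full original attached
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":     # headers-only variant
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def classify_bounce(raw, my_hosts):
    """Heuristic: did the bounced message ever pass through one of my_hosts?"""
    original = embedded_original(email.message_from_bytes(raw, policy=policy.default))
    if original is None:
        return "unknown"
    trace = " ".join(str(h) for h in original.get_all("Received", []))
    trace += " " + str(original.get("Message-ID", ""))
    if any(host.lower() in trace.lower() for host in my_hosts):
        return "possibly-sent-by-you"
    return "backscatter"

print(classify_bounce(SAMPLE_BOUNCE, ["mail.yourdomain.example"]))
```

Header lines inside a bounce can themselves be forged, so treat a "possibly-sent-by-you" result as a reason to check your mail server's outgoing logs, not as proof.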

It isn’t very likely these days, but if you do get someone writing back to you telling you to ‘take me off your list’ or using not-so-nice words to describe their attitude, you can safely ignore them or, to explain to them that you’re an unrelated victim as well, point them to this article for more information.