E-Mail Spoofing is Downright Spooky

By Nancy Tamosaitis-Thompson, Vorticom, Inc.

As Published in BrandWeek

Has your email or Twitter account been hijacked?  Today I received an email on my business email account from my long term AOL address that invited me to “solve my erectile dysfunction problem now!”  A second email advised me to click on a link to purchase a product that would “flush my body of all toxins in less than two hours.”  I went into my sent box on AOL and found that an alternate AOL reality was sending hundreds of e-mails to trusted friends and associates touting the benefits of sexual health, weight loss and anti-anxiety drugs.

While the unlawful seizure of an aircraft, car or ship by a hijacker is certainly more treacherous than having your email account hijacked or spoofed, at least if you survive an encounter with a physical hijacker you have bragging rights that you managed to live another day.  When your primary or alternate email address becomes the digital playground for spammers selling illicit substances, one’s reputation runs the risk of being run through the mud.

As a veteran public relations professional and owner of my own PR consultancy, I often send and receive hundreds of e-mails daily where my clients are positioned for feature interviews.  I personally interact with producers at major broadcast outlets including CNBC, Bloomberg TV, CNN and thousands of print and online journalists in North America and internationally. Yesterday, while I was reaching out to a producer at a major business show regarding a publicly traded company CEO with a potential segment idea, she also received an email from my “spoof sister” telling her that “satisfaction is here” in the form of Viagra.  Yet another producer at another network received an email from my evil alter ego declaring that she’ll be “proud of the best sex” she’ll ever have.

Scammers who hijack or spoof an email address and use it as a “reply to: address” have created a new from of harassment in which fake or “boogie” messages are sent-out posing as the original owner of the email address.  These scammers could be pranksters, junk mailers or competitors seeking to sully a reputation.  Spoofed email can also be the result of one’s computer becoming infected with “spam zombies” or “spambots” with email addresses in the address book waiting to be sprung on unsuspecting friends, family and colleagues.

My Twitter account, where we generally send out news on client feature interviews, was hijacked a few weeks back with a twittering prankster sending my followers links to an IQ test.  Some Twitter followers angrily told me to cease and desist on my unlawful spamming.   The most sensitive of my Twitter community alerted me that my account had been hijacked and advised that my password be changed immediately.

What should we do when we realize we’ve become the victim of digital hijacking?  Changing passwords, that include a random assortment of letters and numbers, frequently is recommended.  Ensuring that one’s computer system has up-to-date security software is also vital.  However, even with all this protection, any committed e-mail spoofer can continue their digital misdeeds by entering in any random person’s email address as their “from” e-mail address into any bulk e-mail server product.  While the hijacker will not get the disgruntled and angry return e-mails asking why Aunt Charlotte is being sent weight loss drug recommendations, they’ll have the “fun” of messing with people’s reputations, one e-mail address at a time.

# # #

About the author: Nancy Tamosaitis-Thompson, president of Vorticom Inc., www.vorticom.com, is a best-selling author, former columnist and award-winning public relations professional.  She authored the best-selling net.talk for Ziff Davis Press in 1994.

Leave a Reply

Your email address will not be published.