I just received a spam email and when I added it to the block sender file,
my email address came up. What’s going on here?
It’s very frustrating, but you’re experiencing one of the many ways that
spammers try to force their way into your inbox.
Here’s what’s going on:
Become a Patron of Ask Leo! and go ad-free!
The spammer is “spoofing” the “From:” address. By that I mean that they’re
not using their real address, but making one up. Or using some other random
address as the “From:” address. Or yours.
In fact, they often get creative: you’ll often see some other name,
but the email address is completely different and unrelated. So often you’ll
see a unfamiliar name in the “From:” line, but if you look at the email address
that’s associated with that name, you’ll see it’s completely different, and
possibly even your own:
From: Leo A. Notenboom <email@example.com>
It looks like someone, but has the email address of someone else. Just
another way to hide what’s really happening in spam.
your email address there’s literally nothing you can do.”
So why do spammers go through all these steps? Two reasons: first, they
naturally want to hide where they’re sending from specifically so you
can’t block them. Second, by setting the “From” address to be yours,
if the mail bounces you’ll still get it as the mail system attempts return the
mail to the sender identified by the “From:” address.
How did they get your email address? There are so many ways. Two of the
biggest ways are harvesting them from web pages or forums where you’ve provided
your email address, and viruses that steal address books.
What can you do about it?
If spammers are constructing “From:” addresses with your email address
there’s literally nothing you can do. You wouldn’t want to block it because as
you’ve seen, you’d be blocking yourself.
The best you can do is hope that your other spam-fighting techniques such as
content filtering catch the spam before you see it. Beyond that, I find the
delete key exceptionally valuable.