I often get spam emails where there are a couple of personalizations that
just intrigue me. For example, I received a spam email from a real friend. I’ll
call him “Leo,” but the email address of the sender is actually someone else.
Someone else that I don’t know, an email address that I’ve never seen. Now, I
know “Leo,” but have not emailed him for years and I don’t see him in my current
email address book although I may be in his address book. The spam is one of
those that contains a clickable link and nothing else. Of course, I did not
click on it.
In this excerpt from
Answercast #50, I look at the sophisticated strategies spammers use to send
their malicious emails. Bottom line is to recognize it and not click on the
Become a Patron of Ask Leo! and go ad-free!
Spam from friends
Now… the original question goes on quite long – but the bottom line for a
scenario like this (the telltale sign for me) is that:
The email contained only a clickable link.
The email account that it came from was hacked.
Now, what email account did it come from? Well, that’s really hard to say.
Since this is someone you know, the display name that was used was someone you
know. My guess is someone you know (perhaps, “Leo,”) had his email account
Now, why then are you seeing email addresses that you don’t know?
My belief is that account hackers and spammers are getting more
sophisticated. What their intent is… what they’re trying to do when they
attack these accounts, when they hack into them and use their contact lists to
send email, is:
They’re trying to use names that are familiar to you;
Names that will cause you, as the recipient of this spam, to maybe think
To open it up and maybe click this link because it’s from a name you
Now normally, they’ll do this by using the actual email address of the person
in addition to their name. Why they’re mixing it up, I’m not sure. Clearly, it
feels like they’ve set up some database that says:
You know or recognize these names (in other words, you’re in this person’s
email address book);
Let’s send you email.
OK, now let’s send you email at least with a display name that you’ll
Why they’re using other email addresses in association with that display
name, I honestly can’t say. It doesn’t really make a whole lot of sense, but
these are spammers. These are scammers and they are trying to get you to do
things that ultimately you don’t want to do.
Friends email hacked
So, the bottom line here is that fundamentally I believe that your friend,
“Leo,” (pseudonym of course) had his email account hacked at some point. As
part of that, your email address became known to the spammers. They are now
sending you “run of the mill spam from hacked accounts” that are trying to get
you to click on that link – and do things that you don’t want to do.
So, bottom line is, yea, this happens. This kind of weird mix-up of name and
email address happens. It’s almost always a sign of spam. You should almost
always just mark it as spam in your email program or email service and move
Next from Answercast 50 – Why is my audio choppy?