September 2007 – Vol. IV, Issue8
On a Personal Note: We’ve Been Spoofed!
I’ve been dealing with a small cyber-headache the last couple of weeks. A couple of my domains suffered an email “spoof attack.” I guess it’s pretty common–basically, what that means is that spammers take domain names and create fictitious email addresses that they then use to send spam emails. The process is automated on the spammers’ end, and no customer information for that specific domain is compromised; the spammers are just pretending to send email from legitimate domains. Domain owners who have a catch-all email address set up (all @[domainname] emails are sent to that address) are first notified of this suspicious activity when they start to get tons of bounced, out-of-office, and spam alert emails. In my case, spammers used a fake email at wahmcoach.com and at keywaystrategies.com to try to get people to buy pharmaceutical products, software, and other things. I got bounced emails from all over the world!
I contacted my domain registrar to see what I could do, and they set me up with a simple authentication (called an SPF record) that would only allow outbound emails for that domain to go through their servers. Hopefully that will prevent the same thing from happening in the future. However, because any changes like that to a domain have to go through a period of “propagation” across the internet, the change takes a couple of days to become active. And normally spammers will use domains for a few days or a week and then move on to someone else. Some internet experts even say that just “weathering the storm” and waiting for the spammers to move on is the best strategy. Hopefully my domains won’t be blacklisted (blocked as spam), but from what I understand, reputable blacklists use IP addresses instead of domain names. Because my IP address was not used, hopefully I won’t notice any long-term impact.
However, if you notice any deliverability issues with my emails, please let me know. I appreciate it!