Caslon Analytics elephant logo title for Spam Regulation note
home | about | site use | resources | publications | timeline   spacer graphic   Ketupa

overview

industry

offers

attention

fraud

statistics

blacklists

EU cases

US cases













related pages icon
related
Guides:

Governance

Information
Economy

Security
& Crime

Identity
Crimes







related pages icon
related
Profiles:

Spam
regulation in Australia

Email &
Messaging

Do Not Call
Registries

Wireless
access

Forgery &
Forensics

Surveillance

section heading icon     address fraud

This page highlights fraudulent use of email addresses by spammers, potentially including your email address. 

It covers -

It is supplemented by a note on the forgery of email addresses and a broader discussion of address fraud as an aspect of identity pollution.

subsection heading icon     introduction

Much of the literature regarding regulation of spam centres on inconvenience to recipients of electronic junk mail: the exasperation, if not disgust, associated with maintaining filters and deleting the day's barrage of unwanted offers.

For some people, including the operators of this site, spam's real impact is fraudulent use by a spammer of someone else's email address. If that hijacking is sufficiently extensive it can result in blacklisting of the specific address or even the overall domain, given that automated blacklists do not differentiate between forged and legitimate email headers. Blacklisting can mean that an address is no longer usable, as legitimate mail from that address will be automatically excluded by many ISPs along with the spam sent under the forged header.

Some spammers, in making unauthorised use of someone else's email address, demonstrate a high degree of chutzpah.

One example is broadcastemailcorporation.org, which in purporting to send mail from one of our domains, disingenuously offers to

email advertise your web site to 8,000,000 people for free

this non-commercial offer is solely intended for non-commercial charities only.

this email offer is not a commercial service for sale/lease/trade.

Others display their ingenuity or ineptitude in the supposed names of authors: Doolittle C Acetone, Miranda BongoBongo, Increments M Fortnight, Seymour Acquaintance, Magisterial D Subdivision, Nightgowns J Rapidity, Insert Name, Iced M Prudishly, Obtained Q Brewery, Sweatlips Mcgraw, Misinterpretation R Calligraphy, Algonquain H Alleged, Layover G Cogency, Immaculate D Mermaid and so forth.

subsection heading icon     responses

Responses to 'address fraud' vary considerably.

Some recipients assume that spam does indeed emanate from the supposed address.

Others, often more net savvy, recognise that an address may be forged or that email may come from a 'zombie' personal computer.

Most apparently rely on filtering provided by their ISPs (or the operator of their corporate network) or on personal filters (on a desktop or laptop machine) to exclude junk mail. The effect of that exclusion may be that a particular address is no longer usable, because major ISPs will restrict both legitimate messages and the illegitimate.

There have been few prosecutions for spam-related forgery of email addresses. That is partly because of the difficulty of identifying offenders and proving meaningful damage to a court's satisfaction. It is partly because of lack of support from government agencies, which understandably concentrate their resources on more heinous offences such as child pornography or terrorism.

Arguably it is also because victims feel powerless, lacking the skills to successfully chase someone who has appropriated their name or instead questioning whether the costs (in legal fees and time) outweigh the likely benefits of prosecution - particularly prosecution in another jurisdiction.



icon for link to next page    next page  (spam statistics)



this site
the web

Google
version of May 2006
© Bruce Arnold
caslon.com.au | caslon analytics