Someone is using my email to pass VIRUS? 4

[danielh68]

Hi,

I have a website with an email link that reads "info@blitzdesign.net".

Occasionally, I receive emails from this account where the recepient is either asking me to take them of my mailing list or stop sending them viruses. The only problem is (a) I don't have a mailing list (b) I don't have a virus, nor to I pass them out to strangers. It's as if someone is using my domain to do this stuff.

Can someone explain to me what's happening and what steps I can take to prevent this?

Thanks in advance,
Dan

 

[cmeagan656]

Spammers harvest email addresses from web sites. Virii and spammers also spoof the "from" field of email they send.

First off, never use a raw email address on a web site. Instead of info@blizdesign.net have contact Blitz Design or Contact Us. When someone wants to send you an email via your web site they can click on the link and their email client will pop up with your correct email addy in the from field.

As far as the spoofing of your address by virus writers and spammers, there's not much you can do. The spammers probably got the addy from the web site and the virii picked it up from someone with an infected computer who had your email address in their address book.

Cheers.

 

[danielh68]

cmeagan656, thanks for the advice...much appreciated. Especially in regards to the raw email address info.

Thanks,
Dan

 

[manarth]

Actually, the raw email address makes no difference: the html code is

<a href="mailto:[COLOR=red]joe@example.com[/color]">Contact Example</a>

As you can see, the email address is visible to all - and the spamming scripts harvest this as easily as text on the screen.

You can either accept the hassle that comes from a publicly visible email address, or use an online contact form (users types their name, email address and comments into a form, hits submit, yoiur script then emails this data to you).

As for the occasional emails - ignore them. Any knowledgable sysadmin will know that most viruses / spammers now spoof the from address. A quick check against the IP address would rule you out as the sender.

<marc> i wonder what will happen if i press this...[ul][li]please tell us if our suggestion has helped[/li][li]need some help? faq581-3339[/li][/ul]

 

[N0ktar]

... or you can create an image of your email address in Corel of Photoshop and put it on your website.
safe and sound )

 

[ftechguy]

You can also use a simple javascript code on your webpage to prevent spambots from harvesting addresses. Here's an example:

<SCRIPT LANGUAGE="JavaScript">
<!-- Begin
userid = "username";
domain = "domain.com";

document.write('<a href=\"mailto:' + userid + '@' + domain +'\">');
document.write('E-mail me' + '</a>');
// End -->
</SCRIPT>

This is an old trick, so maybe spambots can account for something like this now. Not sure really.
For added security, you can even change the variable names above to say, "firstpart" and "secondpart", instead of "userid" and "domain".

 

[danielh68]

Some excellent advice, everyone. Thanks a bunch.

 

[billcmh]

Once out there even taking it off the website won't help, you will continue to see messages for years to come in all likely hood.

Some spammers and viruses are now using randomly generated usernames and attaching known domain names to them in their from field. I have two domain names that anything@mydomain.com gets forwarded to me. I see up to 100 messages a day telling me I have sent a virus to someone or that I email an non-existent address.

 

[dbMark]

NOktar, These days those malicious web crawlers can also read graphics. They pick take the graphic and run it through an OCR routine. That's why some sites now display the email address in a graphic with italics, assorted fonts, grayed and with junk static in the pix in an attempt to foil the harvesters. Our eyes can ignore the meaningless garble and pick out the address, but hopefully not the harvesters (yet).