In my email box this morning was a message from…myself. It looked like this:
I quickly hit “forward” and sent it to spoof@paypal.com, their designated mailbox for issues like this.
Obviously, it was sent from someone other than me. Let’s take a look at the most obvious clues, and one way to stop those messages from showing up in your mailbox.
The first sentence is fraught with spelling and grammatical errors.
If that’s not enough of a clue, the message is entirely vague and almost nonsensical.
They give you a link to click to “verify” your account. Don’t ever do that! If you click it, you will be taken to a ghosted PayPal site – a fraudulent site that looks like, but is not, PayPal. When you enter your account information on that fraudulent site, you are handing your PayPal account over to the criminals.
Sadly, you can’t stop these creeps from obtaining your email address and spoofing, but you can stop them from filling up your email box.
Check the Source Code
Every email program has an option to view the source code. In my program it is at the top right of the email screen and looks like this:
Sometimes you have to hunt to find the “view source” option. Don’t give up! I have to scroll all the way to the bottom of the list to click on the “View Source” option.
Once you do that, you will see the email message in its raw state, and you can determine where it originated.
In line three of the source code for this message, it was clear that it originated from “masterhost.ru.” Yup, it came from somewhere inside Russia. The actual account from which it was generated is masked, but now you know one place to start in order to block the spoofers.
Block the Domain
Every email program I’ve ever used has the option to block senders and block domains. You’ll have to hunt around in your email program to find it, but once you do, simply add “*@masterhost.ru” to the blocked list and you will no longer receive emails from any accounts related to that server. The “*@” is shorthand for “any name at.” This means that if the sender is “Spoofer1” or “spoofer45” it won’t matter. All that counts is the “masterhost.ru” part.
It is up to each of us, individually, to keep the spoofers at bay, so that we can all enjoy email, social media, and electronic business without fear. It can be time consuming to dig into the code and add email addresses to our blocked list, but the peace of mind it brings is worth the while.