Why spammers send “from” your email address

Someone asked me recently why spammers often use other people’s addresses in the “From:” field of their spams. They asked “what’s the payoff for the spammer in doing that?” Here’s the answer.

Spammers like to use real email addresses (but not their own!) for several reasons.

  • Emails apparently from a real address are less likely to be identified as spammy. Obviously if the spammer used his or her own address, it would quickly cause emails from that address to be blocked. Made-up sender addresses are fairly easy for humans to spot; a recipient is more likely to read an email from an apparently real sender.
  • The backscatter (such as bounce messages or angry responses from spam recipients) will go to the apparent sender, not to the spammer. From the spammer’s point of view this is good, because the spammer has no interest at all in the backscatter.
  • The backscatter is distributed amongst all the fake senders. That’s good for the spammer for two reasons: If all the back scatter were going back to the spammer, it would be an easy thing to follow it and identify the spamming account and act against it. If all the backscatter were going to anyone else, that person would be more likely to take action against the spammer.
  • Most bounce messages include the entire original message, so the spammer gets two bites at the cherry – the spam may have failed to reach the intended recipient, but the bounce message has gone to a real address where maybe it will be read and acted upon.

Because spammers now routinely use other people’s addresses as the sending addresses, getting mad at the apparent sender is pointless. The apparent sender is almost certainly not the actual sender. If you send emails to the apparent senders (or worse, set up automated replies to them!) you are just making the problem worse, especially for the almost certainly innocent apparent sender.

Leave a Reply

Your email address will not be published. Required fields are marked *