Are Spammers Spoofing Your Newsletter?

Posted by Neil Schwartzman on

Neil Schwartzman
By Neil Schwartzman
Senior Director, Security Strategy, Receiver Services

You may have heard recently about spammers sending out scads of their usual garbage with topical subject lines referring to the Chinese satellite issue, or the terrible storms taking place in Europe. These messages are actually Trojans intending to infect unwitting recipients. This is a typical social engineering trick to garner better open rates, a variance on subject lines like “About the meeting today” or “Dont understand, hope u can help.”

But now, spammers have discovered a new tactic that has serious implications for the sender community. According to Symantec, spammers are now forging email to look like it is coming from the publishers of legitimate newsletters and email streams. Just as phishing has hampered financial services move into email, this type of spam will have serious negative impact on legitimate senders caught up in this deception.

There are a few steps you can take to mitigate any damage:

  1. Set up SPF/Sender ID records for your mailing domains immediately. Sender Score Certified has just published a SPF/Sender ID Deployment Guide, with all the tools you need to do the job properly. Also, setting up DomainKeys — which is used by Yahoo! and Gmail — is advised.
  2. Make sure your bounce addresses are working perfectly, and that someone in your organization is tasked with monitoring the bounce queue and logs on a daily basis. Spammers like to do their mail blasts beginning at 5 p.m. on a Friday to take advantage of lower staffing.
  3. Make sure your desktop’s system software, anti-virus and anti-spyware applications are updated daily, and they scan your disk as often. For more tips on this, visit the Stop Spam Here Campaign.
  4. Review your subject lines and friendly sending addresses. Standardize them to be clear, and properly reflect your content.
  5. Make sure your network administrator has properly listed your sending IPs on the Spamhaus Policy Blocklist.
  6. Use tools like Sender Score Mailbox Monitor, Blacklist Monitor, and Reputation Monitor to keep abreast of how the receiving community regards your email. In particular, watch your complaint rates. A spike in complaint rates could be a sign that your newsletter has been spoofed.
  7. Apply for Sender Score Certified. If you qualify, your email will be accredited for over 240 million mailboxes.


Popular this Month

 3 Trends Impacting Email: Persistent Fraud, Part 2

3 Trends Impacting Email: Persistent Fraud, Part 2

In part one of this three-part series, I examined the evolving landscape of...

Read More

 The Top 16 Topics of 2016

The Top 16 Topics of 2016

2017 is finally here! But before we focus on the year ahead, we wanted to...

Read More

 Think Fighting Email Fraud is Someone Else’s Job? Here’s the Real Cost of Doing Nothing.

Think Fighting Email Fraud is Someone Else’s Job? Here’s the Real Cost of Doing Nothing.

Cyberattacks against your brand can be very damaging and costly to both your...

Read More

Author Image

About Neil Schwartzman

Author Archive

Stay up to date

Enter your name and email address below to subscribe to our mailing list.

Your browser is out of date.
For a better Return Path experience, click a link below to get the latest version.