Wait a second....I didn't send that!

Have you been a victim of backscattering?

Have you ever received a 'return to sender' email that indicated your email message couldn't be delivered, but you never actually sent the original message? If so, you've been backscattered!! Depending on which study you look at, 80-90% of all email can be classified as spam. The defense against these unsolicited messages has increased, and in turn, so have the savvy methods of the spammers that send them.

In order for a spammer to get spam past the latest spam filters, they have found new ways to get their messages delivered. That's where backscatter happens. If your email address is published anywhere on the Internet, then you are a prime candidate for this rising trend. Since today's spam filters are very sophisticated and will reject messages sent from phony domains, spammers have started to find ways around this by sending from your legitimate email address, which they've harvested from the Internet.

Using your email address found on the web and sending spam "from" that return email address is how this all starts. Then, if the email is not deliverable, the bounce back message is delivered to you even though you didn't actually send the message. These return emails are often from automated "Out of Office reply messages", old email addresses that are no longer active, or email accounts that require verification prior to delivering a message.

It is estimated that backscatter is only 2-3% of all spam, but it can still cause major issues for businesses. At the very least, it's a few dozen emails in your inbox that causes a disruption and can cause a user to worry that their computer has been infected or hacked. But at its worst, if the attack is severe, backscatter can bring a server down from the high traffic it creates.

Though it is difficult to eliminate backscatter completely, there are steps that can be taken to minimize the risks involved. One proactive step you can take is to ensure that your mail server is configured to reject these spam messages rather than simply bounce them back. If you are unsure if your business is set up to appropriately to reduce your risk, contact Network-IT to learn more.