Ask the Expert

How can 419 scam emails and backscatter spam be stopped?

I am a victim of a 419 scammer who is forging my private email address in the return path, and I am receiving all of the rejection messages. Every time that I get that address blocked, though, the spammers change it. Is there really nothing that I can do about this? I have the spammer's IP address and have given it to my email service provider.

    Requires Free Membership to View

This type of attack is called backscatter spam, which occurs when email servers receiving spam send bounce messages to an innocent party. Unfortunately there is no simple or easy way to deal with the problem.

For the short term, set up a filter to move any bounce messages to another folder, like your spam folder or possibly trash. Filtering out phrases like "failed delivery" or "Delivery Status Notification" should help reduce the unwanted clutter in your inbox. Usually backscatter drops off quickly. However, it is possible for the spam to go on for quite some time.

For long-term solutions, consider using another email address. Specifically, look into setting up an email service with Sender Policy Framework (SPF), an open standard that offers a technical method to ensure that incoming messages have originated from the proper domain. That verification can drastically reduce the amount of backscatter you receive.

As a final bit of advice, and I know this is obvious, don't fall victim to 419 fraud. Many times people feel violated when they do. It helps to know, though, that there are people who turn the tables on 419 scammers. Check out 419 eater for a good cathartic laugh.

More information:

  • A SearchSecurity.com reader asks Michael Cobb, "Why is backscatter spam so difficult to block?"
  • Learn how to block instant messaging spam.
  • This was first published in January 2009

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: