Ring! Ring!
Me: I.T. Department, this is Daniel. How can I help you, this morning?
Caller: I’ve been hacked, again.
Me: Again? Can you be a bit more specific?
Caller: Yeah. I’m getting about 30 messages an hour. My previous tech guy called them ‘bounce backs’?
Me: And you did not send those messages, in the first place, right?
Caller: Yeah. You know what I’m talking about.
Me: OK, let’s start with a couple of administrative things, first. What is your name?
Caller: OK. I’m Trey.
Me: Great, Trey. I’m Daniel. So, let’s move on to the next item. How long have you been using this particular e-mail address?
Trey: Like forever. At least 10 years.
Me: And you have used it, everywhere, right? Mailing lists? Login accounts on discussion boards?
Trey: Yeah, I guess so.
Me: OK. MOST LIKELY, you have not been ‘hacked’. You have been ‘spoofed’.
Trey: OK. My previous computer guy used that word, too. He said there is nothing I can do about it.
Me: I understand how frustrating it is. I get those kinds of messages, all the time. Because I’ve got accounts I have been using for decades, as well.
Trey: So, what is a ‘spoof’ and how do I stop it? I’m getting so many e-mails I can’t find the actual messages I need to.
Me: Well a ‘spoof’ is an impersonation. With a few clicks we can reconfigure your e-mail program to say that you are the President of some major corporation. Then you send an e-mail out to a mailing list you have collected for a while. Impersonating that President. So, now anyone who gets that message is likely to open it. And that is when a virus may be installed on your computer. Or, it may be a link to a website filled with malware. Or, it may just be a marketing message to purchase Viagra or something else. It is very hard to stop someone from introducing themselves to a group of strangers as you. Handing out your business cards. That is what this is. Follow?
Trey: OK. But what are these bounce back messages?
Me: That list I mentioned? Those bounce backs are mailboxes that no longer exist. Someone may have hacked a mailing list or a discussion platform and downloaded the list of addresses. Or, they may have purchased a list on the ‘dark web’. These bounce backs are part of why legitimate e-mail lists are so expensive and valuable. The lists get scrubbed, frequently, for dead accounts or mailboxes. Whoever sent the message is probably using an old list.
Trey: Yeah. Alright. So what can I do about it?
Me: Nothing, really, because there is no way to stop people form impersonating you. But you CAN set up two new accounts. Use one for important e-mails from like your bank, your customers, your vendors and partners. Then use the other for signing up for potential spam content, like newsletters, freebies, etc. At the very least, use an alias for those things on the same e-mail account. That way you can filter based upon the ‘sent-to’ address for what is valid and then take your time finding the diamonds amongst the coal in the filtered messages. As for what you have, now? Look at those messages, find a phrase that is common in them. Then search for that phrase and delete those that have that phrase in groups. Most e-mail programs have this ability.
Trey: That sounds complicated.
Me: Then call your computer guy in to help set this up for you.
Trey: Can’t you do it for me?
Me: I can. But let me ask you this … did your computer guy do anything wrong? Did he give you bad advice? Or partial advice just to get a service call out of you?
Trey: No. I don’t think so.
Me: Did he tell you to any of the things I’ve told you?
Trey: I think he said some of the same thing.
Me: Then why punish him by taking your business elsewhere?
Trey: Because he did not take the time to explain it the way you did.
Me: OK. That I can appreciate. Let’s start by getting the rest of your information in my system …