Joe-Job

When Joe Job is referred emails with fake sender addresses that refer to a person or institution that is supposed to discredit it. Frequently, these are so -called spam but equally effective are most inflammatory racist or offensive content.

The name derives was Joe Doll. The American was established in March 1997 as one of the first victims of such Rufschädigungskampagne. The history was that a recipient of his service had a mail forward on joes.com used for sending spam. Then, the forward has been blocked. However, from anger he sent spam to the sender of Joe Doll. Because of the attack Joe's Cyber ​​Post was not reachable for ten days.

Operation

E -mails are transmitted to the SMTP protocol in which all information such as sender, subject and reply address are in the header. This information is not verified, the developer had assumed a cooperative environment and have no security mechanisms are installed. Any indication of bad data is therefore referred to as e- mail spoofing.

If the sender address of a mass mailing accompanied by a valid email address are diverse - in itself very meaningful - protection mechanisms of the e -mail system to a threat of the owner of the e- mail address. So mail server usually send a reply e-mail if the recipient is unknown or his mailbox is full. The flood of response messages, the Internet connection of the person concerned a heavy burden and mailbox flooding, overlooked so that important e -mail, is also provided from deleted or rejected due to overcrowding of the mailbox. These problems, however, have defused with broadband connections and large mailboxes with storage capacities in the gigabyte range somewhat.

Furthermore detect anti-spam systems, the flood of e- mails as spam, and it may happen that the e -mail address and / or domain are classified as spam source. Since Joe jobs have become quite common, but this is often not done.

A third important effect is the human factor: most computer users are not aware of the fact that the sender who is registered in an e -mail, can be replaced by any entries. There will be a flood of angry reactions, which deceives both the sender and the receiver of the answers to life. In addition, the spam filter of the receiver can not filter spam these senseless personal e -mails.

In addition, in exceptional cases, revenge, criminal complaints and warnings. Thus, for example, promotional e- mails constitute unfair competition and be warned of competitors. Diatribes may violate applicable law, the copyright will be prosecuted and falsely registered as the sender sees quickly confronted with a display. Meanwhile, the knowledge of such mechanisms is advanced into the German courts, so no need to expect a conviction. It remains the trouble and effort to ward off such things.

When fax Joejob it behaves similarly. It creates supposed Werbefaxe and sent anonymously. The seemingly by fax advertiser is called, was cited and displayed by angry recipients. Each fax can be sent anonymously, so that the author can only be determined by grabber.

Related attacks

The Joe Job is defined as having a revenge component, in other words, it is used specifically to annoy someone. The same technique is, however, also used by spammers to easily hide their identity. The incorrect address is primarily used to not be a victim of the many returns. To do this, however, could enter any nonsense, what has been done and is. However, since spam filters began to undergo sender addresses various tests ( correct syntax, existence of the domain ), the spammers had to enter valid addresses. To this end, they just use valid addresses from their address lists.

This form of sender spoofing is far more common and is also often referred to as Joe - job.

Countermeasures

The easiest and safest way to ward off such attacks is the use of forwards. These are e- mail addresses that forward to other addresses. If an attack on a forward, it will be deactivated and replaced by a new one. Disadvantage is that all acquaintances who know the old forward, now need to be notified and have to change their address.

You can also sit out an assault course. If you have a DSL connection, the download of hundreds of emails is bearable, and an adaptive spam filter that come these days with all mail clients helps in filtering the returns.

Many methods for sender authentication, in particular through the use of cryptography, but also the use of whitelists pry Joe - jobs out. However, they are quite expensive and often not suitable for a private e -mail.

Administrators should provide their mail server with a spam filter, spam e -mails sorted out and extinguished before the automated response over a nonexistent account or a full mailbox is created. However, this is often not the case.