The emails I didn’t send you: Spam, Spoofing & Protection

I am writing this post in case you received a strange, unsolicited email seemingly from this domain. It wasn’t me who sent the email, and it didn’t really come from this website.

The spoofing does not affect anyone browsing this website, commenting or contacting me, so there’s no need to worry on that account.

What is Spoofing

Spoofing is when (innocent, legit) domain names are used as a cover for spam, hiding the real sender’s identity, without the domain owner’s knowledge or approval.

I have taken steps to secure my domain name from these attackers (listed below), but unfortunately there isn’t a whole lot I can do, and I know of no way to stop it completely. I deeply regret the harassment, and am embarrassed to be exploited like this. It’s a horrible feeling knowing people associate me and my studio with these attacks. I truly hope my integrity and reputation will not be hurt.


Don’t click the link! Don’t open the file!

I have been getting these emails myself. They could be job offers, “hi I’d like to be your friend”, fake receipts, invoices, etc.

The fake email will usually have a link in it, or a file attached. If you do not open the file, and do not click the link, you cannot be harmed (as far as I know!).

If the message has a link, a good way to tell the message is not real is to hover over the link. You can then see that the address it leads to isn’t the same as the sender’s domain.

What can be done if your domain is used?

I am far from being an expert in the field, but had to learn about it, unfortunately. As far as I know, there is no way to stop the spamming 100%. I am listing here the steps I understand to be important for protection; hopefully it can save someone hours of searching and mind-boggling confusion.

SPF + DKIM

These are both email authentication codes, easy to configure in cPanel.
In cPanel > Email section > Authentication > Enable both DKIM and SPF
If you scroll down, under All Entry (All) > check the checkbox.
I cannot find the specific article which helped me, but I understood it’s important to check the “All” box.

DMARC

DMARC records are (in my understanding and layman terms) lists of safe, registered domains. The hope is that one day all “safe” domains will be recorded in this method. All explanations of DMARC are very technical and include frightening diagrams (IMHO). Try this article:
https://blog.returnpath.com/how-to-explain-dmarc-in-plain-english/

Understanding how to configure it was very confusing as well. This article was the most useful for me:
http://www.inmotionhosting.com/support/email/fighting-spam/dmarc-setup
Please note: in the comments, it is suggested not to use the quotation marks, so I excluded them, and it worked for me.

There are 3 possibilities: Quarantine, Reject, None. I couldn’t find a good explanation of what they mean; I went with Reject.

Check that your DMARC record is registered. List of links and tools: https://dmarc.org/resources/deployment-tools/
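
As an added example (not part of the original post or of any tool linked above), this Python check parses the TXT value published at `_dmarc.<domain>`, tolerates the surrounding quotation marks mentioned above, and reports what each of the three policies asks receiving mail servers to do. The sample records and `example.com` are constructed for illustration.

```python
# Added example: validate a DMARC TXT record value (sample records are constructed).
POLICIES = {
    "none": "monitor only; receivers take no action on failing mail",
    "quarantine": "receivers should treat failing mail as suspicious (e.g. spam folder)",
    "reject": "receivers should refuse failing mail during the SMTP transaction",
}

def parse_dmarc(txt):
    """Return (tags, problems) for the TXT value published at _dmarc.<domain>."""
    problems = []
    value = txt.strip()
    # DNS panels differ on quoting: strip one enclosing pair, flag any quote left inside.
    if len(value) >= 2 and value.startswith('"') and value.endswith('"'):
        value = value[1:-1]
    if '"' in value:
        problems.append("stray quotation mark inside record")
    tags, order = {}, []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, sep, val = part.partition("=")
        if not sep:
            problems.append(f"malformed tag: {part!r}")
            continue
        name = name.strip().lower()
        tags[name] = val.strip()
        order.append(name)
    if not order or order[0] != "v" or tags.get("v") != "DMARC1":
        problems.append("record must start with v=DMARC1")
    policy = tags.get("p", "").lower()
    if policy not in POLICIES:
        problems.append(f"p= must be one of {sorted(POLICIES)}, got {policy!r}")
    pct = tags.get("pct", "100")  # optional tag: share of failing mail the policy applies to
    if not pct.isdigit() or not 0 <= int(pct) <= 100:
        problems.append(f"pct= must be 0-100, got {pct!r}")
    return tags, problems

def describe(txt):
    tags, problems = parse_dmarc(txt)
    if problems:
        return "INVALID: " + "; ".join(problems)
    policy = tags["p"].lower()
    return f"p={policy}: {POLICIES[policy]}"

if __name__ == "__main__":
    for sample in ('v=DMARC1; p=reject; rua=mailto:postmaster@example.com',
                   '"v=DMARC1; p=quarantine; pct=50"', 'p=reject; v=DMARC1'):
        print(describe(sample))
```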

Check blacklists

Just to make sure your domain isn’t blacklisted. I used this site: http://www.blacklistalert.org/

WordPress – Comments & Contact forms

I also took some further steps to filter spam coming from my contact form and spam comments to the website.

Akismet

Akismet is a WordPress plugin which filters spam from comments and contact forms. I still have no idea what it does exactly, but I know it’s good to have: https://akismet.com/

ReCaptcha

ReCaptcha is Google’s new Captcha tool. I’m sure you’ve seen it by now: the “I’m not a robot” checkbox. It uses some kind of smart algorithm to make sure you are not a spam/hacker bot, but a real living breathing human: https://www.google.com/recaptcha/intro/index.html

Style-wise, it isn’t very customizable. It only has big/small, light/dark configurable features.

** Update: April 3rd, 2017 – SSL **

SSL Certificate

SSL = Secure Sockets Layer

Also TLS = Transport Layer Security

SSL is what adds the S to the https prefix in addresses, meaning they are secure sites, oftentimes with a green bar or green lock icon. (Look up at the address bar, see the green lock?)
Basically, to my understanding, when you go to a website, your browser and the server which hosts the website talk to each other, exchanging information. SSL creates an encrypted connection between them, so the info they exchange (like a credit card number, home address, phone number) remains private.

It’s a certificate you can purchase to secure your site. There are different levels, at different prices. I got mine at Namecheap, where I have my domain name. They offer Comodo SSL certificates: https://www.namecheap.com/security/ssl-certificates/comodo.aspx

I chose what is called Essential SSL, since there is no online shop on this site, and I do not handle sensitive credit card information or any other personal information (just email addresses for the newsletter).

**

That’s it, this should all help. If you have any information to contribute, or any comment or correction on what I wrote, please let me know.
Good luck & stay safe!
