Spammers use email 'from' field to evade filters

News by Dan Raywood

Spammers are evading filters by using email 'from' fields.

Spammers are evading filters by using email ‘from' fields.


Mary Ermitano, anti-spam research engineer at Trend Micro, has discovered a new technique being used by cybercriminals to get past anti-virus and anti-spam filters.


She revealed that the Trend Micro content security team had received samples of spammed email messages with typical spam email announcements: the recipient has won a huge amount of money in a lottery. Except the difference this time is that the scammers placed the fraudulent content in the ‘from' field and not in the ‘subject' or in the message body itself.


Ermitano said: “Scam messages that purport to be from banks, government institutions, or even from certain individuals circulate the web. Email messages where recipients are told that they have won a prize or are asked for donations would already be familiar to most web users. Scammers, however, show no signs of slowing down using this technique.


Trend Micro claimed that using the ‘from' field is a common content found in scam messages. Spam filters may already be blocking messages when similar content is detected in ‘subject' fields and in message bodies, but not in ‘from' fields.


Ermitano said: “Because it still is able to get the message across, these messages may still lure recipients into contacting the spammers through email addresses and phone numbers which are also given in the same email message. Rewards and cash prizes that seem too good to be true probably are.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews