Joe job
As Joe Job is called e-mails with fake sender that a person or institution refer to be discredited it. This is often so-called spam , but hate speech with racist or offensive content is just as effective .
It was named after Joe Doll . The American was one of the first victims of such a reputational campaign in March 1997. The story was that a user of his service had used a mail-forward on joes.com to send spam. Thereupon the forward was blocked. Out of anger, however, he sent spam using Joe Doll's sender. Because of the attack, Joe's Cyberpost was unavailable for ten days.
functionality
E-mails are the SMTP - protocol transfer all the information in which, as sender , subject stand and reply address in the header. This information is not checked, the developers assumed a cooperative environment and did not incorporate any security mechanisms. Any provision of incorrect data is therefore called email spoofing .
If the sender address of a bulk mailing is provided with a valid e-mail address, various protective mechanisms of the e-mail system - which are in themselves very useful - become a threat to the owner of the e-mail address. Mail servers usually send a reply mail ( bounce message ) if the recipient is unknown or if his mailbox is full. The flood of reply e-mails can put a heavy load on the person's internet connection and flood the mailbox, so that important e-mails are overlooked, accidentally deleted or rejected because the mailbox is overfilled. However, these problems have somewhat eased with broadband connections and large mailboxes with storage capacities in the gigabyte range.
In addition, spam defense systems recognize the flood of e-mails as spam, and so it can happen that the e-mail address and / or the domain are classified as a source of spam . However, as Joe jobs have become quite common, this is often no longer done.
A third important impact is the human factor: Most computer users are not aware of the fact that the sender entered in an e-mail can be replaced with anything. There is a flurry of angry responses that take time for both the sender and the recipient of the replies. In addition, the recipient's spam filter cannot filter these pointless personal emails as spam.
In exceptional cases, there are also acts of revenge, criminal charges and warnings . Advertising e-mails, for example, can represent unfair competition and receive warnings from competitors . Hate speech can violate applicable laws, the author is liable to prosecution and those wrongly entered as the sender are quickly confronted with a complaint. In the meantime, knowledge of such mechanisms has reached the German courts, so that a conviction is not to be expected. There remains the hassle and hassle of fending off such things.
The fax joe job is similar: faxes advertising a fake sender are sent anonymously. The apparently telefax advertiser is called, warned and reported by angry recipients. Each fax can be sent anonymously, so that the originator can only be identified using the interception circuit or the Malicious Call Identification (MCID) standard switching performance feature .
Related attacks
By definition, the Joe job has a vengeance component, in other words: It is used specifically to annoy someone. However, the same technique is also used by spammers to simply hide their identity. The primary purpose of the wrong address is to avoid falling victim to the many returns. For this, however, you could enter any fantasy sender, which is also done. However, after spam filters began to subject sender addresses to various tests such as correct syntax or the existence of the domain , the spammers had to enter valid addresses. To do this, they simply use valid addresses from their lists.
This form of sender spoofing is far more common and is also often referred to as the joe job.
Countermeasures
Administrators can provide their mail servers with a spam filter that sorts out and deletes spam e-mails before the automated response is generated via a nonexistent account or a full mailbox. However, spam filters are often fraught with residual errors, both false negative (spam passed through) and false positive , i.e. sorted out non-spam, which can be problematic for the user.
A mail server can use DNS to publish an SPF record that specifies the IP addresses from which legitimate mails from its domain may come. If a receiving mail server is configured in such a way that it checks SPF records, it can use this information to discard mails with falsified ( spoofed ) sender addresses.
One way to ward off such attacks is to use forwards. These are email addresses that forward to other addresses. If a forward is attacked, it is deactivated and replaced by a new one. The disadvantage, however, is that all acquaintances who know the old forward now have to be notified and have to change their address book.
Many methods of sender authentication , especially through the use of cryptography , but also the use of whitelists, are effective against Joe jobs. However, they are quite complex and often not suitable for private e-mails.