next up previous contents
Next: PGP Up: Email (and News) Previous: Email (and News)


Like postal mail, email makes almost no effort to verify that email is coming from where it claims to come from. A computer on the Internet can connect to our computers and claim to be delivering email from any other computer on the Internet. Sending email which lies about its source is called ``forging'' email. The tools to forge email are readily available and don't require much technical sophistication to use.

This means that you must view email you receive with a sceptical eye. If the contents of email are inconsistent with what you would expect, consider the possibility that the email has been forged. If you suspect forgery, contact the sender and check if they really sent the note.

You can try to contact the sender via email. However one way to forge email from a specific person it to break into that person's account and then send it directly from that account. In this case, sending email to that account may not clarify the issue.

In general, it's better to use a non-computer mechanism to confirm questionable email. A simple phone call works well.

Another popular type of forgery is news forgery. As with email, it's very simple to post a news article which appears to come from someplace other than it's true source. Always keep in mind that news articles can be forged.

Del Armstrong
Fri Oct 25 16:31:41 EDT 1996