Report a SPAM issue.

Hello,

Is there a way to report a spam issue?  We have noticed there are spammers out there trying to email our customers to make payment on behalf of us.  

for example, if our user's email is jsmith@xyz.com, spammers use jsmithxyz@dr.com.  Something like that.

I tried to sign up spamcop but it does not allow me.  

Someone who knows how to handle this please advise.  

Thanks...
nav2567Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Andrew LeniartEE Senior Editor & Independent IT ConsultantCommented:
Spammers will routinely fake your email address(es) on a regular basis (extremely easy to do) and there is no easy way to stop it on behalf of your customers.

The only real solution is to tell your customers to be vigilant and to always check twice before acting on any email. For example, when I send out invoices or emails of a sensitive nature, I include certain information that is known only to my client and myself. If they get an email that is purportedly from me, but it lacks that information, then they immediately know it's not genuine.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Andrew LeniartEE Senior Editor & Independent IT ConsultantCommented:
In so far as reporting, you can do a WhoIs on the domain (dr.com per your example above) and report the domain to the domain registrar. Though this is a good practice, you first need to be sure that the domain hasn't been spoofed (faked) as well and that the emails your customers are receiving aren't phishing emails with links for them to click to go to a fake or malicious website.

There is no easy answer to your question. Advising your customers to subscribe to a good anti-spam service is the only viable solution, and that's a sketchy one at best.
0
btanExec ConsultantCommented:
If I may add on, you have to report to the domain owner (or system that abuse originates) for further investigation because it may or may not be an malicious user but a compromised accounted, unknown to the victim. You can actually try seeking assistance from PublicDomainRegistry Abuse team

https://publicdomainregistry.com/process-for-handling-abuse/

For many domains the contact is postmaster@domain-name, for some it's abuse@domain-name, for some it's something else. But not necessarily request will always be entertained.

Most abusive mail has forged return address information, so the To:, From:, and Reply-To: addresses are not the actual source of the message. You'll need to

- Adjust your mail program to show you the header information on the mail, and

- Look at the first few Received: lines in each message to tell where the message actually came from.

But it is really best efforts and user education as expert shared is paramount. Vigilance can help avoid being next victim. It is not easy but with regularity, you eventually can achieve higher awareness standard even with many reported abuse.
0
The Five Tenets of the Most Secure Backup

Data loss can hit a business in any number of ways. In reality, companies should expect to lose data at some point. The challenge is having a plan to recover from such an event.

masnrockCommented:
Good luck on that one. A lot of the time hacked accounts or forged information is used. Your issue is pretty common, so it turns into an issue around being able to figure out what can truly be tracked and shutdown.

Spam filtering is going to be by far your best solution. We do occasionally take the time to report things in instances where the emails to be genuinely from hacked accounts, or when a service provider's service get leveraged. But note that can be very time consuming, hence why I reduced the practice of doing that. Sure, I got a bunch of domains shut down, including one that was a misspelling of our actual domain.
0
btanExec ConsultantCommented:
For author advice
0
btanExec ConsultantCommented:
No further inputs received.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.