Caslon Analytics elephant logo title for Forgery profile
home | about | site use | resources | publications | timeline   spacer graphic   Ketupa







art forgery












Aust law

other law




related pages icon

Security &



& Trust


related pages icon



section heading icon     Email

This page considers email forgery.

It covers -

It supplements other pages on this site, in particular the more detailed discussion of spam, identity pollution, messaging and computer forensics.

section marker     introduction

Arguably the forgery most likely to be encountered by people in advanced economies on day by day basis is forgery of email addresses.

Some people have first encountered identity theft through appropriation of their email address or instant messaging service name, with a spammer for example using a name that appears on the web (on a personal or corporate site or in a web newsgroup archive) as a false identity in messages to people across the globe.

That theft is of concern because most of the online population has yet to recognise that email addresses are readily forged and thus assume that the owner of a stolen address has either authorised the message or has failed to maintain effective anti-virus protection and thereby allowed a spammer to propagate messages from a 'zombie' machine.

Appropriation of an address or online name is also of concern because it may result in blockage of legitimate communications from the owner of that name, in some instances forcing the unfortunate owner to acquire a new name. Some observers have criticised vigilante online spam filters for simply blocking names without proper investigation.

Name appropriation is not restricted to email addresses. Contacts in China have lamented that their online names in messaging services such as QQ and their avatars in gaming or other social networking spaces have been stolen, typically through surveillance while using a cybercafe. That theft poisons their online identity - the owner typically abandons the name/avatar - and can imperil online relationships.

     joe jobs

One of the more obscure forms of online identity theft is an update of traditional political, personal or corporate smears, which saw an opponent disseminate a letter or statement supposedly authored by an entity to be discredited. Such communications in paper formats included fictitious acknowledgements of sexual or financial impropriety (eg US presidential candidates 'confessing' to children out of wedlock or across the colour barrier), endorsement of unpopular causes such as the Communist Party or fake attacks on popular causes. They have been characterised as 'identity pollution' or as 'joe jobs'.

In the online environment 'joe jobs' as part of the digital intifada or US 'culture wars' have included email messages that purport to come from figures such as Noam Chomsky, Hillary Clinton and Arial Sharon or from entities such as the Israeli government, Procter & Gamble, the ACLU or World Bank. In 2005 a fake media release outing Scottish Executive minister Malcolm Chisholm (supposedly announcing that he wanted to end "speculation" about his sexuality and that he was "gay and in love") was emailed to the media.

The intention of such forgeries is generally to gain media attention (eg encourage journalists to report a "widely circulated rumour"), erode a reputation, reinforce negative perceptions of the subject and provoke email responses (eg counter messages that flood the real inbox or result in blacklisting of messages from the owner of the name).

section marker     responses

Responses to email forgery have taken several forms, depending on the expertise of stakeholders and the type of forgery.

Those responses include -

  • acceptance
  • scepticism
  • prohibition
  • a search for technological solutions

As noted above, it is clear that many recipients of email accept the genuineness of illicit messages, whether because they lack a frame of reference for determining authenticity or because the content of a message caters to their preconceptions. Uncritical acceptance of fake texts (and attachments) and message identifiers is likely to decline slowly in coming years but many people will presumably trust the message - or blame the supposed sender - unless there is something clearly very wrong with the email.

Other recipients are more sceptical, whether by nature or through awareness of some of the more egregious abuses. They will tend to seek confirmation of statements in the body of email and attachments, in some instances actively drawing attention to particular joe jobs and other frauds. Others will simply commiserate with those whose email address has been hijacked and whose good name is being eroded.

Governments have tended not to specifically prohibit email forgery, usually considered to be adequately addressed through the statute and common law highlighted in later pages of this note.

The main exception has been specific provisions in some spam and online censorship enactments, for example criminalisation of email address forgery in the US under the CAN SPAM Act and restrictions under the Australian Spam Act 2003. In discussing the US spam regulation regime we have noted cases such as the 2004 conviction in Virginia of Jeremy Jaynes for sending spam with forged headers via servers located in that state.

section marker     primers

For the technically inclined there is a valuable introduction at StopSpam regarding address forgery.

The messaging profile elsewhere on this site features pointers to works on the mechanics of email and webmail.

icon for link to next page   next page  (forensics)

this site
the web



version of February 2007
© Bruce Arnold | caslon analytics