Email Spoofing crime

[Razzy]

I live in Washington state. A spoofed email (faked). Was sent that had someone's real email address, not the person who actually sent it. The real person did not send the email. The email contained no threats, no attachments, no web links, it did not attempt to get personal or financial information. It was worded to make it look like the real addresser was complaining about the organization and telling people it was time for a change in leaders. It was signed with just a first name. The first name of the user that has the real email address that was used. The email was received by numerous folks that reside in Washington State. It has been suggested that this is criminal impersonation by the sender (if they ever figure out who did it). The header of the email shows it actually came from a European location. Has an actual crime been committed if not threats, phishing, or attempts at criminally gain access to people accounts?

 

[army judge]

I live in Washington state. A spoofed email (faked). Was sent that had someone's real email address, not the person who actually sent it. The real person did not send the email. The email contained no threats, no attachments, no web links, it did not attempt to get personal or financial information. It was worded to make it look like the real addresser was complaining about the organization and telling people it was time for a change in leaders. It was signed with just a first name. The first name of the user that has the real email address that was used. The email was received by numerous folks that reside in Washington State. It has been suggested that this is criminal impersonation by the sender (if they ever figure out who did it). The header of the email shows it actually came from a European location. Has an actual crime been committed if not threats, phishing, or attempts at criminally gain access to people accounts?

Crime or not, nothing will happen to the alleged miscreant if he or she resides on another continent.

That said, laws may have been broken.

Laws are broken everyday, and the miscreants never get caught.

If the incident concerns you, report it to the FBI, US Secret Service, your county sheriff, your local police agency, (perhaps your state police agency), your county district attorney, your state attorney general, the US Attorney General, your city, county, state, and federal elected officials.

If it is a crime, there's NOTHING that anyone can tell you (myself included) that you didn't already know.

There's no remedy here, assuming a remedy exists.

Good luck.

 

[Michael Wechsler]

Technically a crime has likely been committed but, as the army judge says, it is even more likely that nothing will happen. Jurisdiction is only one issue which may prevent anything from being done. In many cases, the smarter spoofers will use a proxy - a middleman - which will mask the true identity of the sender. So the IP address that you are seeing is the middleman, not the originator, which could be a legitimate business or an unsuspecting person's computer that has been breached and may have a virus on it. It's possible that by the time that anyone could even react to be able to serve notice, traces of the act are gone. The effort needed to be made to discover the sender's identity would be extraordinary, reserved only for those cases where significant abuse exists, e.g. multimillion dollar stock manipulation schemes, etc. I hope that things will change to make email senders more responsible but that would require a major change to infrastructure. Will take a while if that happens. For now, don't worry about it and pick the important battles to fight.