I do quite a bit of outbound emailing, with the majority of my emails focused on domain name acquisitions. I have tried to buy thousands of domain names, and there were emails sent to thousands of email addresses. I have also tried to sell many domain names, and I have emailed thousands of people over the years. One thing we need to be careful of is the outbound rebound with malware.
I was looking through my spam folder today, and I saw something that made me sit up a bit on my barstool. The email was a reply to an outbound purchase offer I sent a couple of years ago. These are always exciting because it often means the domain registrant has decided it is the time to sell the domain name, and he or she is letting all prior interested parties know.
As soon as I opened the email, though, I realize why my email provider had flagged the message as spam. The message implored me to see an attached file rather than letting me know the domain name is now available. The file was a .Zip file called “compensation” or something along those lines.
While the email and file attachment would have been suspicious to me even if my email provider did not market it as spam, it was helpful to be given this head’s up. If the email was a bit more nuanced – or if the file was more aptly named – it may have gotten through my spam filter. At that point, it would have been up to me to decide whether or not it was worth opening the file.
My spam filter is pretty strong, and I see emails like this all the time. More often than not, the email sent to me is a fresh email rather than a reply to an email I sent, so it is pretty clear the email is spam at best or malware at worse. Since most domain investors send and receive a lot of emails, I think we are all susceptible to receiving these types of rebound emails with malware. They can be especially tricky when it comes in reply to an interesting email chain. It is important to keep vigilant.
One of the great benefits of using Linux as the OS of choice is that, even if the filters fail to stop such an email from getting through (a rarity) there is no real threat to my PC. AV and malware resistance is built into the Linux kernel.
The only real risk would exist if I were stupid or malevolent enough to forward it on to a non-FOSS user.
Any emails with attachments that I don’t know, I just delete them and move on.
If it is important, I just email back to the recipient and request more info.
Plain and simple.