MENU

Republic of the Philippines
National Police Commission
PHILIPPINE NATIONAL POLICE
ANTI-CYBERCRIME GROUP
Camp BGen Rafael T Crame, Quezon City
E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

ACG-CYBER SECURITY BULLETIN NR 211: UNDERSTANDING THE RISK OF MAILER-DAEMON SPAM

Reference Number ACG-CSB 061521211

The following information was obtained from different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG) and classified as “Restricted” pursuant to the PNP Regulation 200-012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.

SUMMARY

           Email works like a virtual postal system. When you send a message, it first goes to a server called the mailer-daemon. That server passes the message on to other servers until the message is delivered to the recipient's inbox. When delivery fails, a mailer-daemon error message is generated and sent back to the original sender.

           Email works like a virtual postal system. When you send a message, it first goes to a server called the mailer-daemon. That server passes the message on to other servers until the message is delivered to the recipient's inbox. When delivery fails, a mailer-daemon error message is generated and sent back to the original sender.

         Mailer-daemons do not use the address in the From line to determine an email's sender. Instead, a mailer-daemon uses the email header, which includes a return path containing the sender's address. By forging your address in the email header, spammers can send messages that appear to be from you without having access to your account. If they send an email to an address that no longer exists, you receive mailer-daemon spam.

         Since every email needs to have a sender in the From line, and spammers do not want to use their email addresses, they often look up random addresses in people's contacts to use for phishing and other nefarious purposes.

          If you open an email containing a virus or worm, it can infect your computer and send infected messages to everyone in your address book. Receiving mailer-daemon spam does not necessarily mean you have malware, but there are some precautions you need to take.

RECOMMENDATION

          All PNP personnel as well as the public are advised to follow the tips in order to avoid the risk of MAILER-DAEMON SPAM:

          • Scan your computer and devices for malware. When you scan your computer for malware, make sure you're disconnected from the internet. Then, change all your account passwords when you are done.

         • Report the mailer-daemon spam as junk mail. Most email programs have an option to flag emails as spam. For example, when you report spam in Gmail, Gmail uses the information in the email to block similar messages in the future.

         • Tell your contacts. If you receive mailer-daemon spam, it is possible that some of your contacts received infected emails from you. Let everyone know what happened and tell them to ignore any suspicious messages from your address.

         For additional information, please refer to the following websites:

         • https://www.lifewire.com/mailer-daemon-spam-4135595

POINT OF CONTACT

          Please contact PMAJ ROVELITA ROBIÑOS AGLIPAY Police Community Relations Officer thru e-mail address This email address is being protected from spambots. You need JavaScript enabled to view it. or contact us on telephone number (632)7230401 local 7483 for any inquiries related to this CYBER SECURITY BULLETIN.