Attention visitors to A1 Classic Car Parts Finder!  Like us, you may be the victim of a Spammer. Last year (2003), someone began forging our domain name (classiccarpartsfinder.com). The spammer forged the From: and Reply-To: fields of his/her spam messages. The spam in question advertises a variety of products like adult web sites and Viagra.
 
Attention system administrators/spammer victims:  I assure you, and the administrators of your ISP/domain, that we did not send you any spam email. It is very likely that the email in question was spam sent by someone who forged our email address/domain. These messages did not come from us. Someone else is forging our email address and URL to send their SPAM. I first learned about this spammer, and the domain forgery in the fall of 2003.  If you've received a spam message with our domain name in the From: or Reply-To: field, I'd appreciate it if you would file a complaint with the IFCC at:  http://www1.ifccfbi.gov/cf1.asp.  Refer to our IFCC Complaint number:  Complaint number:  I03091721294867.   The Internet Fraud Complaint Center (IFCC) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C).  IFCC's mission is to address fraud committed over the Internet. For victims of Internet fraud, IFCC provides a convenient and easy-to-use reporting mechanism that alerts authorities of a suspected criminal or civil violation. For law enforcement and regulatory agencies at all levels, IFCC offers a central repository for complaints related to Internet fraud, works to quantify fraud patterns, and provides timely statistical data of current fraud trends.  Please include a copy of the spam email with the full header intact. The message content and headers are essential in tracking down the individual (s) responsible for forging my email address/domain. We do not want anyone sending SPAM with our name on the message. 
 
Why would a spammer forge header data?: Spammers forge email header data like the From: and Reply-To: lines because they do not want to receive complaints (or complaints to their ISP). They just want your money, and in many cases do not provide the goods or services that are paid for.  Unfortunately email forgery is simple and commonplace. Forgery of email header data makes it nearly impossible for the average email recipient to complain or report spam effectively. If you can't figure out who really sent you the spam, you can't get them shut down. 
 
What we are doing about it: We can't prevent spammers from forging our email address/domain or the spam that they send. We can't conceal our email addresses and only reveal them to trustworthy individuals. Our customers, visitors, and friends need to be able to contact us. All we can do is react when a spammer forges our name/domain on a piece of spam, and try to track them down by reporting them to the IFCC (FBI).   We are doing our best to figure out who is forging our domain/email address and have contacted several ISP's, and system administrators in an effort to find out who was forging my domain/email address. We know how to detect header forgery, how to de-obfuscate encoded URL's, and how to track ISP/web host contact information. We used all the skills at our disposal, to track down the guilty party, and in the end, hope to determine who is responsible for this forgery and identity theft and turn the information over to the IFCC (FBI). 
 
How can you be sure I wasn't responsible for the spam?: Every email sent over the internet contains information called header data. Some of that header data can be forged, some of it cannot. Spammers typically forge a large percentage of their header data. If you receive/have received an email (allegedly from us), I encourage you to examine the full headers. Most email clients (Software) have a 'show full headers' feature/capability. Examine the IP addresses in the header, you will likely find that much of the data is forged, and you will also find that the header data does not point back to us or our mail server (s) (Not our IP address). If you are unsure how to read/interpret the header data, I encourage you to do a little research. You can start by reading a brief tutorial on header data.
 
So what should you do with this spam?: If you've received some of this spammers email. I'd ask you to do two things. First, send an abuse report via email, to the Internet Service Provider (ISP) that relayed the email to your email server/service. I guarantee it's not my email server/service. Secondly, send a copy to the IFCC by filing a complaint at http://www1.ifccfbi.gov/cf1.asp. Please be sure to include the full header. As I stated earlier; the message content and headers are essential in tracking down the individual (s) responsible for forging my email address/domain, and sending the spam.  

What should you do about spam in general?: The simplest thing to do is just delete it. Replying directly to the forged From: or Reply-To: address is ineffective, as either (a) the From: or Reply-To: addresses are forged, or (b) your email address will be used to harvest a list of 'Working email addresses', which the spammer can use to optimize his or her operations, or sell to other spammers.  What else?; Try to avoid loading spam in an HTML capable email client which automatically loads images. Spammers often encode your email address in the URL used to retrieve those images. By examining their web server logs, they can determine if you received the email, and whether you read it. For the same reason, don't click on any links in the email. Doing so will only confirm your email address as 'Live prey'!  If you want to do some detective work, look at SamSpade.org ( who have a very good downloadable tool) or the UNIX Spam combat page, both of which have a collection of online tools for deciphering URLs, tracing website ownership, and researching ISP contact information. But be careful! It's all too easy to point the finger at the wrong person. Spammers try to cover their tracks, and more than one of the email headers will typically be forged.
And obviously, never buy anything from a spammer. You don't really think your credit information is safe with somebody who forges emails for a living, do you? 
 
Authentication and Identification: How do you know we are who we say we are? When communicating via email, we take several measures to authenticate and identify myself. These measures can easily be detected in my email headers, and are extremely difficult to forge. I doubt any spammer would go through the trouble of trying. If you receive an email which is allegedly from us, but doubt it's authenticity, I urge you to forward a copy to us. For information on how to contact A1 Classic Car Parts Finder, Inc. please see our "Contact Us" web page. 
 

The content of this page is both original and parts borrowed from non- copyright web page sources who have had similar problems with Spammers.