Have you received an email advertising a cybersecurity subscription or smart ring that appears to come from GSMArena.com? We didn’t send that email – it came from a spam service pretending to be us.
Several T-online.de users reached out to us to report spam emails, which prompted us to address the issue. To be clear, we have nothing to do with the email or cyber security thing they advertise. Some spam emails look like this:
This is what some spam emails look like
If you have received a spam email like the one seen above, you should contact your email provider’s support team and let them know about the problem.
Spammers are copying our email addresses – this means they are falsely setting GSMArena.com as the email sender. In particular, the email looks like it comes from tpjdlgcj@gsmarena.com, but it is not an active account on our servers (the random jumble of letters is apparently generated at random). Instead the emails are coming from IP addresses belonging to Microsoft and Oracle’s cloud networks (52.103.140.27 and 92.5.13.127), and neither are part of our infrastructure. These are probably cloud hosts used by spammers.
This is an old trick and modern spam filters should generally block emails like this. We tried to contact the provider to explain the situation, but we have not yet received an adequate response. There isn’t much we can do on our end to stop this spam, as it is enabled by the inadequate policies of email providers.
There are established tools in place to fight domain spoofing that spammers are using. Without going into too many technical details, a reverse DNS check will reveal that the sender’s IP address is not authorized to send emails on behalf of GSMArena.com, which is a major red flag. Additional tools such as SPF, DKIM, and DMARC can similarly identify spam emails that use spoofing. For our part, we have set our SPF policy to “hardfail”, which signals to email providers that any email not sent from our servers should be considered fraudulent.