Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spoof Emails


  • Please log in to reply
4 replies to this topic

#1 flyingbowtie

flyingbowtie

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:11:01 AM

Posted 22 August 2006 - 11:12 AM

A friend of mine has asked me about this before and I'm not sure what to tell him, so I'm hoping someone here can answer it for us.
If you have a "hotmail' account and you have set the junk mail filter to "Exclusive" so that only emails from your "contacts list" make it to your inbox and yet you still get "spoof emails", what else can you do??
Let me explain what I mean.
Me buddy is an Ebay seller. He started getting spoof emails that appeared to be from Ebay and/or Paypal. I advised him to set his email account to "Exclusive" in an attempt to stop the spoofs. And to NOT click any links inside of the emails. I also advised him to contact Ebay and Paypal to find out what he should and should not do. Which he did. And he has been forwarding the spoofs to Ebay/paypal. But it keeps happening and has him worried about losing money from his Paypal account as well as losing his ID. He says he wants to know who is doing it and how to tell if an email "Header" is forged? (whatever that means)
Thanks for any input!

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,010 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:12:01 PM

Posted 22 August 2006 - 03:27 PM

Excellent advice to tell him not to click on links in the e-mail :thumbsup: .

If ID theft is a concern, I would suggest that he change his user name and password for his e-mail account, or create a new e-mail account and close the old. Second, he should never have his e-mail visible on a website so that spam-bots cannot get ahold of it. I would also have him contact his bank and account holders to alert them to a possible identity theft if he thinks this has occurred.

In regard to 'forging the header:" hackers and phishers can replace identification information in the header so it appears it is coming from one person when it is actually coming from another. Unfortunately, I have forgotten how to display the full header information, and I never did understand all the numbers etc. The full header contains the information about the paths the mail traveled, so that someone knowledgeable can often figure out the true source of the message. Additionally, some malware programs will target the address books of the infected computer and send spam or spoof mails from that computer. This is a different kind of forgery. And what's worse, that mail will be infected.

For what it is worth, I received a spoof PayPal e-mail, and I didn't even have a PayPal account! I also received a spoof from the I.U. Credit Union: again I have never had an account from them. I think in this case, the spoofer got a hold of a university address book. Some spoofers use the e-mail addresses on a list-serve. That happened in the department I was a student in.

Orange Blossom :flowers:

Edited by Orange Blossom, 22 August 2006 - 03:28 PM.

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 flyingbowtie

flyingbowtie
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:11:01 AM

Posted 22 August 2006 - 10:24 PM

Thanks for the great info. I had read something about not clicking on the links in emails. Well I guess that's all that he can do. BTW, I've also advised him to visit BleepingComputer and become a member of the forums. Thanks again. :thumbsup:

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,010 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:12:01 PM

Posted 23 August 2006 - 12:36 AM

You're welcome and :thumbsup: to BC.

I hope that your friend's identity hasn't been compromised, but it is better to play it safe.

Orange Blossom :flowers:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#5 jgweed

jgweed

  • Members
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:11:01 AM

Posted 23 August 2006 - 11:01 AM

Any filtre cannot recognise the spoofed from the true address. Allowing "Ebay" is therefore allowing anything that appears in the header to come from Ebay, and that includes spam.
With the many "throw-away" free E-mail accounts available, he would be best served by creating one ONLY to be used for his E-bay/Palpal transactions and correspondence, and then filtre out E-bay from his other E-mail account.
Regards,
John
Whereof one cannot speak, thereof one should be silent.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users