Computer Related > An Email from me to me Computing Issues
Thread Author: zippy Replies: 5
View Threaded 

New Wed 18 Sep 24 21:04 
 An Email from me to me - zippy
I have received an email to my hotmail account which is from me (well the same email address anyway).

It's a rather nasty scam email but I was wondering how they get it to look like it was from me?
Reply to this message | Report message
       
New Wed 18 Sep 24 22:01 
 An Email from me to me - Zero
Its called "spoofing", if you try to reply you will see it goes to another address.
Reply to this message | Report message
       
New Wed 18 Sep 24 22:03 
 An Email from me to me - Kevin
Because some email clients allow you to put anything you want into the 'From' and 'Reply to' fields in an email and they're easy to script with a list of email addresses.

If you look at the email headers (there should be an option in your email client to show the headers) you will see a sequence of 'Received from some-host-name (xxx.xxx.xxx.xxx)' where the xxx is an IP address. Follow the 'Received From's' backwards until you get to the first in sequence (there may only be 1 or 2) and do 'whois xxx.xxx.xxx.xxx' either from a Powershell command line or Google 'whois lookup' and enter the originating IP address. 99% of the time that will tell you where the email originated and who is the registered owner of that IP address. There should be an email address where you can send 'Abuse' to. Forward the dodgy email to the Abuse address. Alternatively just report it to:

www.ncsc.gov.uk/collection/phishing-scams/report-scam-email
Reply to this message | Report message
       
New Thu 19 Sep 24 12:55 
 An Email from me to me - smokie
I think in some scams they originate from the users own PC (and thus IP) - some virus just causes the machine to send emails to everyone in your address book. Often looks more authentic :-)
Reply to this message | Report message
       
New Thu 19 Sep 24 19:54 
 An Email from me to me - Kevin
>I think in some scams they originate from the users own PC (and thus IP)..

If it's a local virus which avoided his malware software then spammy emails are probably the least of his worries. Check the headers, usually easy enough to see.

Zippy's case is typical of amateur script kiddies who have got hold of a list of email addresses and open email relays to send out their spam. Using the recipients own email address as the source is easy and helps to bypass some basic filters and adds a bit of confusion for the 99% who aren't aware of the header trail. The poorly configured email relay is invariably hosted by a foreign educational establishment or low tier ISP.

Forwarding the spam email to the Abuse contact is a heads-up to whoever is responsible for their email configuration that they need to tighten up. It's just a bit of courtesy to what may be unsuspecting admins because continued abuse can result in their IP address range being blacklisted by the major network operators.
Reply to this message | Report message
       
New Thu 19 Sep 24 20:55 
 An Email from me to me - Bromptonaut
The Quango was abolished in 2013. Afterwards there was a group of ex staff and appointed Members using their personal or successor work emails to exchange seasonal greetings, organise get togethers and, occasionally, discuss matters of interest.

Some outfit, c2018, got the email address list.

Ever since we're periodically bombarded with emails linking to purported albums of pictures from folks who were in that cohort.

It's no more than a PItA but every now and then there'll be a burst of messages.
Reply to this message | Report message
       
Latest Forum Posts