Thursday, December 24, 2009

New Scam Method by Nigerians Part IV

So my last post was analyzing the whole "paypal" email. In this post, I'll show you how you can determine from the email itself if it is from the true sender. It's back to basics without all the fancy stuff I just went through.


All the TOs, FROMs, who the address is registered to, his/her country of origin etc. can be faked. But one thing is for sure - the codes embedded in the email itself, the message the email takes with it so that it can communicate with the servers in the WWW, can NEVER be faked. So if you're suspicious about any email, open up the message header. There is a lot of information inside, but there are only 1 or 2 items which you should know.


This is what an email message header looks like (my comments on what to look out for are the lines starting with <==):


Delivered-To: 
Received: by 10.204.99.70 with SMTP id t6cs85196bkn;
        Wed, 23 Dec 2009 08:11:06 -0800 (PST)
Received: by 10.224.63.219 with SMTP id c27mr5354621qai.168.1261584665242;
        Wed, 23 Dec 2009 08:11:05 -0800 (PST)
Return-Path: 
<== Return path means reply-to. So the owner of this fake onlinetrackpost@in.com is a Linda Cox.
Received: from snt0-omc1-s24.snt0.hotmail.com (snt0-omc1-s24.snt0.hotmail.com [65.55.90.35])
        by mx.google.com with ESMTP id 8si12162417qyk.56.2009.12.23.08.11.04;
        Wed, 23 Dec 2009 08:11:05 -0800 (PST)
<== This email was received from Hotmail's server... what is PayPal doing with a Hotmail server??
Received-SPF: pass (google.com: domain of lindacox1957@hotmail.com designates 65.55.90.35 as permitted sender) client-ip=65.55.90.35; 
Authentication-Results: mx.google.com; spf=pass (google.com: domain of lindacox1957@hotmail.com designates 65.55.90.35 as permitted sender) smtp.mail=lindacox1957@hotmail.com
Received: from SNT105-W47 ([65.55.90.8]) by snt0-omc1-s24.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
  Wed, 23 Dec 2009 08:10:48 -0800
Message-ID: 
Return-Path: lindacox1957@hotmail.com
Content-Type: multipart/alternative;
 boundary="_a85adced-9f6e-43a3-bea7-96852d6a2f6a_"
X-Originating-IP: [82.128.68.207]
<== Finally, to know where this fella is sending his emails from, search for an IP tracker online and put in these numbers. I use www.trustedsource.org and this fella is actually sending me emails from Lagos, Nigeria. Hmmm... such a coincidence - just where the parcel is supposed to go!
From: payPal Service 
Sender: 
To: 
Subject: =?windows-1256?Q?******Noti?= =?windows-1256?Q?fication_O?=
 =?windows-1256?Q?f_An_Insta?= =?windows-1256?Q?nt_Payment?=
 =?windows-1256?Q?_From_Loga?= =?windows-1256?Q?n_Smith_(l?=
 =?windows-1256?Q?ogansmith@?= =?windows-1256?Q?operamail.?=
 =?windows-1256?Q?com)=FE=FE=FE?=
Date: Wed, 23 Dec 2009 16:10:47 +0000
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 23 Dec 2009 16:10:48.0126 (UTC) FILETIME=[7D4CEDE0:01CA83EA]

--_a85adced-9f6e-43a3-bea7-96852d6a2f6a_
Content-Type: text/plain; charset="windows-1256"
Content-Transfer-Encoding: 8bit
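
An added example (not part of the original post) that automates the check walked through in the header above: it compares the From line with the envelope sender and with the relay recorded by the receiving provider. The sample header is trimmed from the one above, the From address is assumed to be the onlinetrackpost@in.com address the post mentions, and `analyze`, `domain_of` and `under` are illustrative names.

```python
import re
from email import message_from_string
from email.header import decode_header, make_header
from email.utils import parseaddr

# Constructed sample, trimmed from the header above. The From address is an
# assumption: the post only names onlinetrackpost@in.com as the fake sender.
SAMPLE = """\
Received: from snt0-omc1-s24.snt0.hotmail.com (snt0-omc1-s24.snt0.hotmail.com [65.55.90.35])
        by mx.google.com with ESMTP id 8si12162417qyk.56.2009.12.23.08.11.04;
Authentication-Results: mx.google.com; spf=pass smtp.mail=lindacox1957@hotmail.com
Return-Path: lindacox1957@hotmail.com
X-Originating-IP: [82.128.68.207]
From: payPal Service <onlinetrackpost@in.com>
Subject: =?windows-1256?Q?******Noti?= =?windows-1256?Q?fication_O?=
 =?windows-1256?Q?f_An_Insta?= =?windows-1256?Q?nt_Payment?=
"""

def domain_of(addr):
    return parseaddr(addr)[1].rpartition("@")[2].lower()
def under(host, dom):
    return host == dom or host.endswith("." + dom)

def analyze(raw, my_mx="mx.google.com", brand="paypal", brand_domain="paypal.com"):
    msg = message_from_string(raw)
    display, from_addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(from_addr)
    # Trust only what our own provider (my_mx) stamped; X-Originating-IP was
    # written upstream, so it is returned as a lead to look up, not as proof.
    relay = None
    for hop in msg.get_all("Received", []):
        m = re.search(r"from\s+(\S+).*?\[([\d.]+)\].*?by\s+" + re.escape(my_mx), hop, re.S)
        if m:
            relay = (m.group(1).lower(), m.group(2))
            break
    auth = msg.get("Authentication-Results", "").strip()
    env = re.search(r"smtp\.mail=([^\s;]+)", auth) if auth.startswith(my_mx) else None
    envelope = parseaddr(env.group(1) if env else msg.get("Return-Path", ""))[1]
    origin = re.search(r"[\d.]+", msg.get("X-Originating-IP", ""))
    flags = []
    if brand in display.lower() and not under(from_dom, brand_domain):
        flags.append("display name says %s but From domain is %s" % (brand, from_dom))
    if domain_of(envelope) != from_dom:
        flags.append("envelope sender %s does not match From" % envelope)
    if relay and not under(relay[0], from_dom):
        flags.append("handed to %s by %s [%s]" % (my_mx, relay[0], relay[1]))
    return {"subject": str(make_header(decode_header(msg.get("Subject", "")))),
            "from": from_addr, "envelope": envelope, "relay": relay,
            "origin_ip_hint": origin.group(0) if origin else None, "flags": flags}
```

Calling `analyze(SAMPLE)` raises all three flags for this message; a message whose From domain, envelope sender and relay agree comes back with an empty list.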


The last few email correspondences between myself and Mr Smith:
okay..thanks ..i mailed paypal and they said your account will be credited in 7-8 day beacuse they are verifying the tracking number.. i have been scammed like this before i don't want to be scammed so i need to be careful..okay get back to me if thats is okay
Thanks

----- Original Message -----
From: Ann
To: "logan smith"
Subject: Re: very very urgent
Date: Wed, 23 Dec 2009 23:38:53 +0300


Isn't UPS better and more secure? It is a courier company as is DHL. USPS once arrive in Nigeria will be in the care of local post office. I don't want it to go missing and then the trouble later. Mails to Nigeria do go missing you know.

Sent from my iPhone


On Dec 23, 2009, at 10:04 PM, "logan smith" <logansmith@operamail.com> wrote:


thanks for the mail... but i said USPS EXPRESS MAIL...why didnt you send it there let me know


----- Original Message -----
From: Ann
To: "logan smith"
Subject: Re: urgent
Date: Thu, 24 Dec 2009 00:23:44 +0800

yes, it is insured and i have mention item as gift. however i need to ensure the money is in my paypal account before i will release the tracking number. i hope you'll understand.



thanks
Ann


On Thu, Dec 24, 2009 at 12:17 AM, logan smith<logansmith@operamail.com> wrote:

thanks but did you insure the item and please get back to me with the tracking number..
thanks


I actually did a check on logansmith@operamail.com - it is registered in California. This could again be either fake or maybe the real Logan Smith's email account has just been hacked. I do not know Opera so I can't say.


So people, be safe! There are too many of them out there! I just received ANOTHER email today from a Mr Philip Chu (philipchu63@yahoo.com). Exactly the same message I received in my Facebook inbox BUT this time - it's damn funny. It's Christmas Eve today and Mr Chu is looking for a Christmas gift for his step brother in Africa! Too many step brothers in Africa man.




Hi, was guessing for a gift to buy for  stept brother of mine who is based in Africa i wiill like to buy a chrismas gift for him , and while browsing , i saw what you have for sale and found it quite nice as a Christmas Gift. Would like to know if its till for sale... hope to hear from you soon..
thanks

Can you tell the similarities between Mr Chu's and Mr Smith's emails?? The subject of Mr Chu's email is electronics. He did not mention where he was browsing or what electronics. And I believe, after seeing this email, that Mr Smith's and Mr Chu's email accounts have been compromised.

That's all folks!

Merry Christmas again!
PS: I'm finally gonna see my MBP tomorrow! :)


