1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Phishing Question

Discussion in 'Networking & Security' started by Guitarrassdeamor, Oct 26, 2012.

  1. Guitarrassdeamor

    Guitarrassdeamor

    Joined:
    Oct 12, 2008
    Messages:
    1,029 (0.47/day)
    Thanks Received:
    293
    Location:
    NC
    A coworker received a phishing email linking to some site that was sent from a company email. However, this email is not an actual email, but rather a group (so send the email to the group and it forwards to members of the group). I know that this is easily done by masking your email or creating an email that looks the same but is a character off..however how does one spoof an exact email clone from an account that isn't really an account? I know for Gmail for instance you have to verify you own that account before you can mask yourself for it, and I would assume it is like that for other email accounts on the web as well.
     
  2. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,881 (4.97/day)
    Thanks Received:
    5,616
    Location:
    Cheeseland (Wisconsin, USA)
    Most spoofed e-mail is just done by changing the From: and Reply To: fields.
    If you look at the message headers you can see where it really came from.

    Unfortunately, most mail servers look at these fields and send you (the one being spoofed) the error response (ie. no such user, etc.)

    Thankfully, ISPs have gotten a lot better about not blacklisting domains based on those fields and instead look at the originating IP address(es).
     
  3. Guitarrassdeamor

    Guitarrassdeamor

    Joined:
    Oct 12, 2008
    Messages:
    1,029 (0.47/day)
    Thanks Received:
    293
    Location:
    NC
    Well see, when I looked at it, it didn't say it came from anywhere else which is what got me.
     

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page