A coworker received a phishing email linking to some site that was sent from a company email. However, this email is not an actual email, but rather a group (so send the email to the group and it forwards to members of the group). I know that this is easily done by masking your email or creating an email that looks the same but is a character off..however how does one spoof an exact email clone from an account that isn't really an account? I know for Gmail for instance you have to verify you own that account before you can mask yourself for it, and I would assume it is like that for other email accounts on the web as well.
-
Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
Phishing Question
- Thread starter Guitar
- Start date
Kreij
Senior Monkey Moderator
- Joined
- Feb 6, 2007
- Messages
- 13,817 (2.20/day)
- Location
- Cheeseland (Wisconsin, USA)
Most spoofed e-mail is just done by changing the From: and Reply To: fields.
If you look at the message headers you can see where it really came from.
Unfortunately, most mail servers look at these fields and send you (the one being spoofed) the error response (ie. no such user, etc.)
Thankfully, ISPs have gotten a lot better about not blacklisting domains based on those fields and instead look at the originating IP address(es).
If you look at the message headers you can see where it really came from.
Unfortunately, most mail servers look at these fields and send you (the one being spoofed) the error response (ie. no such user, etc.)
Thankfully, ISPs have gotten a lot better about not blacklisting domains based on those fields and instead look at the originating IP address(es).