Spoof email - need advice!


#1

I received a message submitted on my website email form from someone containing the following:

[begin quote]

From: [XXXXXXXXXX] removed for security
To: toates@pompanolaw.com
Sent: Monday, April 26, 2004 12:13 PM
Subject: Madelaine Chatha

[quote]Carolyn (xxxxxxx@msn.xom) on Monday, April 26, 2004 at 09:13:38

message: i received and email message from the above mentioned person claiming to be from your law firm and under the email address "MadelaineChatha@pompanolaw.com" which was disguised with a Citi bank address. The text of the email actually requested my atm # and pin #. Can you verify that this person works with your law firm?
---------------------------------------------------------->
REMOTE_ADDR: 24.94.127.108
HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x 4.90; FunWebProducts; Roadrunner)"

[/quote]

[end quote]

That email address (MadelaineChatha@pompanolaw.com) does not exist on my domain and would be bounced.

It concerns me that someone claims they received an email like that. My response was to request they send me a copy of the email with the headers intact. Are there any other measures I can take other than forwarding the headers to the proper authorities? Is this a spam email itself that is a vein attempt at personal information? Any advice?


#2

It’s called ‘phishing’, sounds like fishing, which is what it is - baiting the victims with offical-looking e-mail or web pages hoping some unsuspecting recipient will blindly hand over their financial and personal information. The victim that falls prey may very well end up with having their bank account wiped out, credit card maxed out, etc. And of course you may not be aware that the criminal running the scam is claming to be associated with your business until someone is smart enough to ask questions first or has already been victimized and wondering what the hell happened.

:cool: Perl / MySQL / HTML+CSS