RE: question on spoofed email

From: Williams, Larry (Larry.Williams@fiserv.com)
Date: 04/26/02


Date: Fri, 26 Apr 2002 14:31:56 -0500
From: "Williams, Larry" <Larry.Williams@fiserv.com>
To: "'John P. Leonard'" <jleonard@laporte.com>, "security-basics@securityfocus.com" <security-basics@securityfocus.com>

First assumption is that your email address is in a spam list several times. Second, the message was sent before the author was finished.

Check the header of the message for any clues as to the originator. Use tools like Sam Spade, if necessary, to help decipher the header and locate the source.

-----Original Message-----
From: John P. Leonard
Sent: Friday, April 26, 2002 11:30
Subject: question on spoofed email

I have received several e-mails from my own email address with the subject line as follows:

Dear jleonard , as you reguested...

There is nothing in the body of the message and there are no attachments.

I did not originate these messages. Has anyone else seen this? Any suggestions?

Thanks,

John



Relevant Pages

  • Re: is it possible??
    ... whether the client chooses to use the "Reply" function in the ... news reader software. ... when two or more messages have the same header, ... originator of the thread. ...
    (microsoft.public.pocketpc)
  • Re: How do they blank out IP addresses etc?
    ... >I received this HTML mail from a hotmail user but I've changed my email ... and the originator to yyyy. ... This is not the full header. ...
    (comp.security.misc)
  • Re: Who am I?
    ... 2003/11/12, 21:57, Gregory L. Hansen: ... in trn source, I see: ... That's the only place where a "Originator:" header is written. ...
    (comp.unix.questions)
  • Re: Getting burned out working on a piece
    ... when I saw the originator and the header, I was sure it was going ... to be about sheep. ... Prev by Date: ...
    (rec.music.makers.guitar.acoustic)
  • Re: W32.Swen.A@mm worm
    ... clearly from a spoofed email contains this virus. ... The subject header is "Current Net Patch" ...
    (microsoft.public.security.virus)