My first thought is "you can telephone if you want, but email's ok too. But if you email, send a ~fresh~ email, addressing it from your own address book". Don't use the Reply function, because the spoofer can set the reply-to option.
I once got a plea for emergency funds from an aunt, supposedly vacationing in Portugal and needing money for a friend's operation there. Unlike so many spoofs, this one was fairly literate. I didn't really believe it, though, because it lacked the personal endearments I would have expected from her, and (always a solid clue) the text included no dates. I almost replied, asking "is this you?". Instead I started a fresh email, and only then noticed that it came not from [email protected] but [email protected] - a single transposed pair of letters that I didn't notice at first glance. (That's not the actual address, but done like that.) I guess if there's a real fear that the friend's account has been hijacked, an email to that account may not prove anything. ("Nobody here but us chickens!") But in many cases, as others here have pointed out, the account wasn't hijacked, it was merely spoofed. --- Bob Bridges, [email protected], cell 336 382-7313 /* I much prefer life under the U.S. Government to life under the brutal Chinese regime, because many of our freedoms have, after all, survived the U.S. Government's efforts to whittle them away. But this is not to say that we owe those freedoms to our government.... -Joseph Sobran, 2001-04-03 */ -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Charles Mills Sent: Sunday, September 20, 2020 14:13 The general rule is "don't open attachments that you were not expecting." If in doubt, telephone -- do not e-mail -- the sender and ask if he or she actually sent it. -----Original Message----- From: Tony Brown Sent: Sunday, September 20, 2020 8:00 AM Please be advised: My email account was hacked while I was on vacation last week. Generated from my email address were two variations of emails with subjects of "Proof of Payment" or "Receipt of Payment" each containing an "html" attachment. If you receive either of these emails, please delete without opening the attachment. Apparently, there are a number of variations of this "hack" being circulated with some type of reference to "payment" and/or "invoice"; please be cautious with any similar emails that you receive. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
