got a mail from regarding my account being suspanded... intresting thing was the id i got it on doen't have a paypal account int resting thing is how can they send it from @paypal.com is there any hacking trick involved
it's very easy to spoof, anyone can do it.... there are dozens of other posts like this one already, we know...
off the top of my head mail("you@youremail.com", "PayPal Account Suspended", "Blah blah, go to this page and give me all your details", "From: PayPal <update@paypal.com>\n\n"); Will produce an email that seemingly comes from paypal, however a close look @ headers will reveal similar to : Return-path: <xxxx@host.7log3.net> Envelope-to: Delivery-date: Tue, 19 Dec 2006 18:25:26 +0900 Received: from xxxxxxx by host.7log3.net with local (Exim 4.52) id 1GwbDy-0002mv-3k for ; Tue, 19 Dec 2006 18:25:26 +0900 To: Subject: PayPal Account Suspended From: PayPal <update@paypal.com> Message-Id: <E1GwbDy-0002mv-3k@host.7log3.net> Date: Tue, 19 Dec 2006 18:25:26 +0900 However all email headers can also be spoofed
yeah it is, you'll normally find these emails are sent from poorly managed free hosting servers, experienced admin know how to stop people trying to spoof email headers and there are plenty of ways to stop it, but a lot of the time free webhosts consist of a guy with a reseller account and not a lot of anything else ( including any idea about what's going on ), and so phishing sites and spoof emails are born, when you open emails if it ever looks suspicious compare the headers to a mail you have recieved before, if you're still unsure, contact the company whoever they are and send them the message + headers to review, even if it says urgent, they'll be happy to wait while you verify they are who they claim to be......