1

The email message looks like this. This person used a church member's name and used a totally different email address. It went like this:

Hi!

How are you? (then gives a bad web address)

Gary Mecham

Then, below that in the bottom left corner it says "Sent from my iPhone, with a fraudulent web address"

The email domain is totally different from the church member's actual domain.

I sent an email to the people (that I knew) that this imposter sent this to to warn them that it is NOT who they think it is. I work at a church. That's where I received the email, on the church's computer. I did click on the link, but we have McAfee Internet Security software on our computer and, quickly, it gave a warning message not to go to that website. So, of course, I didn't.

Can I report this to the FCC? Or who? It's not really a consumer spam, but I think it's an email to get people to click on a website that probably has a virus in it that will attack their computer.

schroeder
  • 123,438
  • 55
  • 284
  • 319
DRgn83
  • 11
  • 2

2 Answers2

2

This is classic spam/phishing. The person being impersonated likely had their contacts scraped and the attacker is sending emails to each of the contacts.

No need to report to FCC. Inform the person being impersonated to change their email passwords (and possibly any other passwords) and to possibly email their contacts to let them know of the impersonation.

schroeder
  • 123,438
  • 55
  • 284
  • 319
2

Spammer use fake sender's addresses, and have done it for about as long as spam exists. They were already doing it twenty years ago. There is no security whatsoever in the basic email protocol, in particular with regards to the sender's true identity.

Among the sources of email addresses that spammers harvest are the contents of the "address books" of people who were unlucky enough to run malware on their computer. If such a malware finds, for instances, addresses for Alice and Bob in such an address book, then the spammer will think that there is some non-negligible probability that Alice and Bob know each other (since their names were found in the same address book) and will send a spam to Bob claiming to come from Alice, under the assumption that Bob will say: "this is from Alice, I trust her, I'll click on the link". Though the spammer will reuse names, he may change addresses (or not) in order to evade some antispam countermeasures.

The only realistic way to fight against such practices is to educate other people to make them aware that email senders can be easily framed, and that they should use their brain and common sense even when a computer is involved.

Community
  • 1
Tom Leek
  • 168,808
  • 28
  • 337
  • 475