CDROM-Guide forums  
PDA

View Full Version : Can an email address be masked to make it appear like it's come from another one?

   
Highway Robber
Mar 11, 2002, 03:58 PM
Is this possible? :alert: :alert:

I received an email from a bank confirming that payment had been made into my account. Now it turns out that the payment wasn't made. The bank says that that email address isn't one of theirs e.g. xxx@ybank.com. However, when I look at the message source it definately states that the "From" is @ybank.com.

The @ybank.com is definately their address and when I hit reply it comes up with xxx@ybank.com as the return address, so what I need to know is this

Is there a programme that can be used to disguise an email as coming from a different address than it actually is?

:alert: :alert:
zack371
Mar 11, 2002, 08:31 PM
It is not too difficult to fake an email address. I mean, In OUtlook or whatever, you just manually type in the your email address. It can be anything you want, so long as you are going through valid SMTP servers. That is the key. Look in the email's header and see if you can get the IP address or server (ie, mail1-23.mindspring.com or something). If you can get that, then you can see where the email went through, unless they were really clever. . . Anyways, to answer your question, it is not difficult to fake an email address at all. But, the servers it passes through will often give it away. Many times it will even have the sender's ip address, but if they have a clue what they are doing, it would not. If you need more info, please reply. But please do not post any IP's here if you find them. It is against the rules. :)

Hope this helps.

-Zack

http://www.mindshatter.com/zack/smanback1.gif
Sgt. Dan
Mar 12, 2002, 02:43 AM
There are stacks of GUI 'Anonymous Mailers' out there...

Many of them are not anonymous, as they still reveal your IP but as long as you can input the valid SMTP server then you can send emails, for example, 'From: Bill Gates (BGates@Microsoft.Com)'.
uk_trader
Mar 24, 2002, 08:05 PM
If the banks servers are configured to allow connections to the smptp port then somebody could send the mail to you through the banks smtp server and change the email address to make it look legitimate, and im not 100% on this but maybe untraceble to.
zack371
Mar 25, 2002, 10:34 PM
uk_trader is right -

But, any bank that is that careless with their network security, well, I don't know if I would want them handling my money! :D

I mean, disallowing SMTP relaying is a very basic security precaution. I doubt they allow that, but if they actually do . . . Well, their admin doesn't have a clue in that case.

-Zack
Sgt. Dan
Mar 26, 2002, 04:11 AM
LOL :D
cyanide_3
Apr 22, 2002, 08:20 AM
They could have used a fake emailer bomber (or something like that do do it)