Quote:
Originally Posted by KunoK
I got the following from "My BEBOOK shopmanager"
|
No.
You got that email from someone
purporting to be BeBook. I could send out email purporting to be from you, too, if I had your email address (or, if I didn't care if they contacted you, even without it) and it would never have to go within a thousand miles of your mailserver.
As I explained in the other thread on this subject, I routinely get phishing attempts for my Aion password ... despite the fact I've never in my life played Aion. The spammers cracked the email list of a specific forum (I know which one because I give out unique email addresses) and have randomly spammed those addresses on the theory that maybe someone who uses that forum plays Aion ... if I don't, they've lost nothing; if I'm smarter than a small zucchini, they've lost nothing; if I'm stupid enough to respond, they win. Before I disabled a particular public address, it was getting hit with "fraud" notices from banks I didn't have accounts or credit cards with; again, the phishers had nothing to lose and everything to win, so why not try and see if that address goes to a sucker who actually does have an account with a well-known bank which just doesn't happen to be mine?
Unless you give everyone you do business with a unique email address, so you know where the leaks are, all you know is that
somehow, that address got into the hands of phishers, and those particular phishers are using that particular stunt to get you to install their trojans.
So, it's not BeBook's fault; they're at least as much of a victim as you are (or more; talk to someone on the receiving end of a "Joe job" sometime). If you read headers, you could find out what zombie computer sent the email, but that's unlikely to tell you anything useful. The bottom line is the same as always: Don't run executables. Don't use Outlook. Don't let your OS hide extensions. And don't muck around in things you don't expect, like "receipts" from companies you haven't bought from in the past hour.