Email Phishing Scams and Spoofing Scam emails are not from

Have you received strange emails that claim to be from me (Frank), but they actually come from

different and non-sensical places – e.g., from ‘lyashevych.s (at)’ (in the Ukraine),

and ‘utrillo.okada (at)', another 'fly-by-night' site with a PO Box in Panama).

As you may have already realized, these 'spoofed' email messages are not actually coming

from me. Some third-party 'bad actor(s)’ are sending scam emails and phishing messages to you,

and putting my name in the 'from' field shown on the screen (without my permission, of course).

Sometimes, when a message looks ‘odd’, a close examination of the 'full message source' and

the 'email headers' will reveal the true origin and message-forwarding trail around the world.

Your email program can show you the complete headers (e.g. Google gmail ‘Show Original’).

'Third-party spoofing' of emails is an ongoing problem, and you are wise and correct to just

DELETE anything that doesn't look right. My system has not been hacked, but some 'bad actor(s)'

are sending this trash to you. Unfortunately, it is really easy to make emails look like they are

coming from someone else, and the only thing that anyone can do is to run a 'Who Is' query [1]

on the actual 'sent from' address (that is in the email headers of every message), which might be

in the Ukraine, or somewhere in South America, or Florida, or, could be anywhere in the world.

Of course, a 'Who Is' query will tell you where that bad email really came from (not from me),

there is still nothing you can do about it except to delete the spoofed junk mail, and tell your ISP.

Since these messages are not coming from me, there does not seem to be anything that we could

do to prevent this mis-use of my name and email address. Even if we changed to a different email

address, our user names are still 'out there' from various sources, including some big data breaches.

So . . . 1. you are right to be careful, do not click on the links, delete the junk messages, and

2. you should report the actual originating IP addresses to your email provider and to your ISP,

    since their systems should be catching and filtering these junk and scam SPAM messages.

[1] ‘Who Is’, > 'Enter Domain or IP’ and click the ‘WHOIS' button

  (it is completely safe for you to look at the whois data yourself, if you want to, and, FYI,

  running a WhoIs '' query will show Registrar eNom, LLC, site registered in 2000).

[2] What Google learned from 1 billion evil email scams - Google teamed up with researchers

  from Stanford University to analyze 5 months’ worth of emails. This is what they found.

  New research reveals who’s targeted by email attacks


McAninch Family History NL v.XXIX (29) n.1  May 2021  Copyright Frank McAninch  p2021-02

      Table of Contents for this Year      First Page of this Issue      Previous Page      Next Page