[TriLUG] Semi OT - phishing emails and spoofed domain links
ac via TriLUG
trilug at trilug.org
Thu Jul 20 01:46:12 EDT 2017
On Wed, 19 Jul 2017 18:12:48 -0400 (EDT)
Dewey Hylton via TriLUG <trilug at trilug.org> wrote:
> you really need to look at the source; a hover link can
You always need to look at the email source/headers :)
> > Yesterday I received a phishing email, one of a pattern where
> > someone is trying to gain credentials and possibly other
Depending on the IP number, your network and a number of things,
spoofing an IP number is not that easy anymore - and is semi easy to see.
The main thing you need to focus on is - where is the email being sent
from. (Which IP number - this is where you need to file a complaint at...)
Not the domain name, as the number of domain names are infinite.
The amount of IPv4 numbers are limited, even the amount of ipv6 number
are limited (is a huge number though)
You can check the reputation of the sending ip number, here:
http://multirbl.valli.org/
hth
Andre
More information about the TriLUG
mailing list