Go Back  DVD Talk Forum > General Discussions > Tech Talk
Reload this Page >

Trying to figure out how this originated

Tech Talk Discuss PC Hardware, Software, Internet and Other Technology

Trying to figure out how this originated

Old 08-16-19, 01:15 PM
  #1  
Senior Member
Thread Starter
 
Join Date: Feb 2002
Location: Albuquerque, NM
Posts: 549
Received 4 Likes on 3 Posts
Trying to figure out how this originated

Received an email the other day that appeared to be from a Friend/acquaintance. I rarely receive any emails fromt his person but possibly are "Friends" on Facebook and have them ion my Contacts list. I immediately see it didn't originate from him so I looked at the source of the message in my browser (pasted below). I guess my question is how did the message show his name, one I know? Did they "hack" his contacts/information and see my email address or did they do the same my address and see his name. I have scanned my machine and checked haveibeenpwned.com and Good news no pwnage found! More curious than anything. FYI, I did not click on link in body of message but I did look at the wiatel.net domain it shows as origination.I did change my address and his last name in the paste below.

Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: from dovdir4-hoa-06o.email.comcast.net ([96.114.154.173])
by dovback4-hoa-16o.email.comcast.net with LMTP id 2NrgIERDVF3COAAA3SSTEg
for <[email protected]>; Wed, 14 Aug 2019 17:22:12 +0000
Received: from dovpxy-hob-17o.email.comcast.net ([96.114.154.173])
by dovdir4-hoa-06o.email.comcast.net with LMTP id uKayIERDVF1nfgAAqCJjAg
; Wed, 14 Aug 2019 17:22:12 +0000
Received: from resimta-po-26v.sys.comcast.net ([96.114.154.173])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
by dovpxy-hob-17o.email.comcast.net with LMTP id yO1sD0FDVF0mGQAAT8qbuw
; Wed, 14 Aug 2019 17:22:12 +0000
Received: from wiatel.net ([173.215.43.130])
by resimta-po-26v.sys.comcast.net with ESMTP
id xwyRhHnIaVHVdxwyRhvALn; Wed, 14 Aug 2019 17:22:12 +0000
X-CAA-SPAM: 00000
X-Xfinity-VAAS: gggruggvucftvghtrhhoucdtuddrgeduvddruddvledggeelucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuvehomhgt rghsthdqtfgvshhinecuuegrihhlohhuthemuceftddtnecunecujfgurhephffvufffkfestddtredttddttdenucfhrhhomhep lfhohhhnucfjrghllhhisghurhhtohhnuceoshgrmhhsrghmseifihgrthgvlhdrnhgvtheqnecuffhomhgrihhnpegrihhgtggu nhhtrdhinhhfohenucfkphepudejfedrvdduhedrgeefrddufedtnecurfgrrhgrmhephhgvlhhopeifihgrthgvlhdrnhgvthdp ihhnvghtpedujeefrddvudehrdegfedrudeftddpmhgrihhlfhhrohhmpehsrghmshgrmhesfihirghtvghlrdhnvghtpdhrtghp thhtoheprhhitghkhedtheestghomhgtrghsthdrnhgvthenucevlhhushhtvghrufhiiigvpedt
X-Xfinity-VMeta: sc=0;st=legit
X-Xfinity-Message-Heuristics: IPv6:N;TLS=0;SPF=1;DMARC=
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=46.174.211.195;
From: John MyFriendName <[email protected]>
To: all <[email protected]>
Subject: Fwd: for all
Date: Wed, 14 Aug 2019 12:22:09 -0500
Message-ID: <[email protected]>
X-Authenticated-User: [email protected]
X-Info: aspam skipped due to (g_smite_skip_auth)
X-Encryption: SSL encrypted
X-IP-stats: Incoming Last 0, First 0, in=195, out=0, spam=0 ip=46.174.211.195

On Wednesday, August 14, 2019 11:15 AM, John wrote:

Hope you're having a great day. I thought you might appreciate this http://www.3btx.aigcdnt.info/
Old 08-16-19, 01:53 PM
  #2  
DVD Talk Hero
 
Join Date: May 2001
Posts: 40,390
Received 129 Likes on 102 Posts
Re: Trying to figure out how this originated

Spoofing e-mails is easy, do you have your e-mail address visible on Facebook?

But from the look of it, it just looks like your buddy had his contact list compromised.

Last edited by RichC2; 08-16-19 at 02:07 PM.
Old 08-17-19, 02:46 PM
  #3  
Senior Member
Thread Starter
 
Join Date: Feb 2002
Location: Albuquerque, NM
Posts: 549
Received 4 Likes on 3 Posts
Re: Trying to figure out how this originated

Originally Posted by RichC2 View Post
Spoofing e-mails is easy, do you have your e-mail address visible on Facebook?

But from the look of it, it just looks like your buddy had his contact list compromised.
I understand spoofing is somewhat easy but your second comment basically answered my question. I was primarily wondering how they associated his name with my email and having his contact list compromised would do it. Thanks.
Old 08-18-19, 01:08 PM
  #4  
DVD Talk Gold Edition
 
Join Date: Sep 2012
Posts: 2,316
Received 32 Likes on 27 Posts
Re: Trying to figure out how this originated

The times I get an email on my main non-junk accounts, I just phone the person back on the telephone (using a number I have written down on paper). I prefer to not answer emails.

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread

Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Do Not Sell My Personal Information -

Copyright 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.