[kwlug-disc] Trace spam email back to source
Khalid Baheyeldin
kb at 2bits.com
Tue Jun 30 12:05:13 EDT 2020
It was better if you removed your friend's name and email account from the
headers, for privacy reasons.
The only email address in the headers is 74.6.132.219, and says ....
mail.bf2.yahoo.com
Whois shows that this email address is indeed owned by Oath which owns
Yahoo now
https://www.whois.com/whois/74.6.132.219
At some point Rogers were using Yahoo Mail, and maybe that is still the
case.
There is a Reply-To address which is Gmail. Not sure if that is indeed your
friend's other email address, or something a hacker created just to get the
reply back.
So it is inconclusive as to whether your friend's Rogers account was hacked
or not.
You should call him and let him know, so that he checks at his end.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20200630/73472ad4/attachment.htm>
More information about the kwlug-disc
mailing list