A not so new kind of scam – email spoof
So, the following arrived in my inbox today, allegedly sent from me, to me.
Further down in that longwinded text, they demand a payment in Bitcoin to release my email domain from the hack. I immediately checked the header to see whether my account has indeed been hacked. Of course it hasn’t, they just spoofed my email address, quite elaborately I might add.
Google has a pretty nifty tool to analyze email headers, so that you don’t have to wade through a bunch of code. You simply copy the header in its entirety, as shown below, and let Google do the analysis.
The originating IP address, 18.104.22.168, is apparently in Bangladesh, in the Dhaka region, as one can find out via https://www.iplocation.net, for example.
I sent a complaint to the original service provider to report the abuse. Let’s see what happens.