Why do they do it begs belief.
There should be a system that can locate and take down these criminals who spoof email addresses of legitimate businesses.
Here is one which was sent. DO NOT OPEN ANY OF THE LINKS. The IP address is located in Kazahkstan yet their email is registed in Switzerland and they pretend to a support email from a UK business, which the support email is a spoof email address.
Received: (qmail 3164 invoked from network); 20 Jan 2012 05:46:27 -0500
Received: from unknown (HELO ?2.133.185.73?) (2.133.185.73)
xxxx with SMTP; 20 Jan 2012 05:46:26 -0500
Received: from [47.41.22.90] (account JaedaIshibashi@bluwin.ch HELO rkmrgnzwrbhltkl.ebppkp.bd) by (CommuniGate Pro SMTP 5.0.3) with ESMTPA id 689258944 for xxxxxxx; Fri, 19 Jan 2012 11:46:25 +0600
From: “IDELLA PHELPS”
To: xxxxxx
Subject: Need your help!
Date: Fri, 19 Jan 2012 11:46:25 +0600
Message-ID: <d9bc01ccd6c9$e1b94dd0$49b98502@ircmbDPIDELLA>
MIME-Version: 1.0
Content-Language: en
email content. BE AWARE THIS IS A SPOOF EMAIL. IF YOU RECEIVE ANYTHING LIKE THIS DO NOT OPEN, REPORT IT.
Hello! Look, I’ve received an unfamiliar bill, have you ordered anything?
Here is the bill
Please reply as soon as possible, because the amount is large and they demand the payment urgently.
MAILNR : MD5 check sum: 633338c410af29e941ceba5fd633807d
