Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Help with fake email (spoofed sender)

  • 1 reply
  • 1 has this problem
  • 2 views
  • Last reply by Toad-Hall

kaezon
kaezon
more options

Hello!

Recently I had some issues, because some email scammers was trying to fool my father (he is around 70) with a fake email, asking for bitcoins and saying that his computer has been hacked... usual stuff.

Thanks to this event, I realized that was pretty easy to fake the senders name in Thunderbird (I don't know if it is Google's fault from their servers, or the client itself), but I wanted a way to easy check this, without manually viewing the source code of the email (it literally say that doesn't designate the IP as permitted sender).

I replicated this situation with a quick google search. I found this site: https://emkei.cz/

And it can generate the situation above described.

My question is: There's a way to easily identify this type of emails? My first guess, was to look into the addons, and I found just one addon "MailHops" (https://addons.thunderbird.net/en-US/thunderbird/addon/mailhops) that do something like that (it shows the SPF/Sender Policy Framework from the source code).

There's another alternative to MailHops?

I'm using Thunderbird 60.6.1 (64-bit)

Any help will be appreciated.

PS: Sorry beforehand if I made some mistakes with my English, it isn't my mothertongue.

Hello! Recently I had some issues, because some email scammers was trying to fool my father (he is around 70) with a fake email, asking for bitcoins and saying that his computer has been hacked... usual stuff. Thanks to this event, I realized that was pretty easy to fake the senders name in Thunderbird (I don't know if it is Google's fault from their servers, or the client itself), but I wanted a way to easy check this, without manually viewing the source code of the email (it literally say that doesn't designate the IP as permitted sender). I replicated this situation with a quick google search. I found this site: https://emkei.cz/ And it can generate the situation above described. My question is: There's a way to easily identify this type of emails? My first guess, was to look into the addons, and I found just one addon "MailHops" (https://addons.thunderbird.net/en-US/thunderbird/addon/mailhops) that do something like that (it shows the SPF/Sender Policy Framework from the source code). There's another alternative to MailHops? I'm using Thunderbird 60.6.1 (64-bit) Any help will be appreciated. PS: Sorry beforehand if I made some mistakes with my English, it isn't my mothertongue.

All Replies (1)

Toad-Hall
Toad-Hall
  • Top 25 Contributor
more options

Yes, I've had those emails as well. No one has hacked anything. Some can insinuate you have been viewing webpages you would not view or perform certain acts in front of your computer and the camera recorded you. All a load of nonsense. Total hoax designed to extra monies.

You can locate where it comes from by using the info in the full headers. But it's not really going to help.

I've just trained my Junk Controls to put it in the Junk folder. then either 'empty Junk' manually or set it up to do it automatically. Remember to compact the Junk folder to fully remove all 'marked as deleted' and hidden emails. It also recovers space.

In Thunderbird, make sure you have set up the Junk Controls.

Train it by right click on spoof email in list and select 'Mark' > 'As Junk'. It soon learns and put it in Junk folder automatically.

Modified by Toad-Hall