Archives March 2019

A not so new kind of scam – email spoof

So, the following arrived in my inbox today, allegedly sent from me, to me.

Email spoof scam

Further down in that long-winded text, they demand a payment in Bitcoin to release my email domain from the hack. I immediately checked the header to see whether my account had indeed been hacked. Of course it hasn’t; they just spoofed my email address, quite elaborately I might add.

Google has a pretty nifty tool to analyze email headers, so that you don’t have to wade through a bunch of code. You simply copy the header in its entirety, as shown below, and let Google do the analysis.

Header analysis

Here’s the result:
Header analysis result
The originating IP address, 103.35.109.142, is apparently in Bangladesh, in the Dhaka region, as one can find out via https://www.iplocation.net, for example.
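The same check can be done offline. The sketch below is an added example, not part of the original post and not the Google tool's code: it walks the `Received` chain from the newest hop down to find the first address outside the recipient's own relays, and it goes one step further than the post by also reading the SPF/DKIM/DMARC verdicts from `Authentication-Results`. The sample header, the `TRUSTED` networks and the function name `analyze` are assumptions constructed for illustration.

```python
import email
import ipaddress
import re
from email import policy

# Constructed sample header: documentation-range IPs, example.com names.
SAMPLE = """\
Received: from relay.example.com (relay.example.com [10.1.2.3])
 by inbox.example.com with ESMTPS; Tue, 12 Mar 2019 09:15:02 +0000
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=example.com;
 dkim=none; dmarc=fail header.from=example.com
Received: from unknown (HELO mail.example.com) ([203.0.113.45])
 by mx.example.com with SMTP; Tue, 12 Mar 2019 09:15:00 +0000
Received: from webmail.example.com ([192.0.2.99])
 by mail.example.com; Tue, 12 Mar 2019 09:14:58 +0000
From: me@example.com
To: me@example.com

"""

# Assumption: relays inside these networks belong to the recipient's provider.
TRUSTED = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # IPv4 literals only
VERDICT_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.I)


def analyze(raw_header, trusted=TRUSTED):
    msg = email.message_from_string(raw_header, policy=policy.default)
    origin = None
    # Each hop prepends its Received line, so index 0 is the newest. The first
    # IP outside the trusted relays is the host that connected to the provider;
    # Received lines below that hop were supplied by the sender and may be forged.
    for hop in msg.get_all("Received", []):
        for text in IP_RE.findall(str(hop)):
            try:
                ip = ipaddress.ip_address(text)
            except ValueError:
                continue  # malformed literal such as [999.1.1.1]
            if not any(ip in net for net in trusted):
                origin = str(ip)
                break
        if origin:
            break
    # Only the topmost Authentication-Results was added on the receiving side.
    results = msg.get_all("Authentication-Results", [])
    found = VERDICT_RE.findall(str(results[0])) if results else []
    auth = {k.lower(): v.lower() for k, v in found}
    return {"origin_ip": origin, "auth": auth,
            "auth_failed": auth.get("spf") == "fail" or auth.get("dmarc") == "fail"}
```
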

I sent a complaint to the original service provider to report the abuse. Let’s see what happens.