So, the following arrived in my inbox today, allegedly sent from me, to me.
Further down in that long-winded text, they demand a payment in Bitcoin to release my email domain from the hack. I immediately checked the header to see whether my account had indeed been hacked. Of course it hasn’t, they just spoofed my email address, quite elaborately I might add.
Google has a pretty nifty tool to analyze email headers, so that you don’t have to wade through a bunch of code. You simply copy the header in its entirety, as shown below, and let Google do the analysis.
Here’s the result:
The originating IP address, 18.104.22.168, is apparently in Bangladesh, in the Dhaka region, as one can find out via https://www.iplocation.net, for example.
I sent a complaint to the original service provider to report the abuse. Let’s see what happens.
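The header checks described above can also be run locally. The following Python script is an added example, not part of the original post: it takes the bracketed IP of the earliest Received hop as the originating address and reads the SPF/DKIM/DMARC verdicts from Authentication-Results. The sample header, its addresses and the `analyze` function are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample header (documentation addresses, not from the original post).
SAMPLE = """\
Received: from mx.example.org (mx.example.org [198.51.100.7])
\tby inbox.example.org with ESMTPS id abc123
\tfor <me@example.org>; Tue, 02 Jan 2024 10:00:05 +0000
Authentication-Results: mx.example.org;
\tspf=fail smtp.mailfrom=me@example.org;
\tdkim=none;
\tdmarc=fail header.from=example.org
Received: from unknown (HELO pc) ([203.0.113.45])
\tby relay.example.net with SMTP; Tue, 02 Jan 2024 10:00:01 +0000
From: me@example.org
To: me@example.org
Subject: constructed sample

body
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)")

def analyze(raw):
    msg = message_from_string(raw)
    # Each relay prepends its Received line, so the last one is the earliest hop.
    # Hops added before your own provider's servers can be forged by the sender.
    origin = None
    for hop in reversed(msg.get_all("Received", [])):
        match = IP_RE.search(hop)
        if match:
            origin = match.group(1)
            break
    # Verdicts recorded by the receiving server; keep the first seen per mechanism.
    auth = {}
    for value in msg.get_all("Authentication-Results", []):
        for mech, result in AUTH_RE.findall(value.lower()):
            auth.setdefault(mech, result)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    recipient = parseaddr(msg.get("To", ""))[1].lower()
    # "From me, to me" without a DMARC pass points to a forged From header.
    spoofed = sender == recipient and auth.get("dmarc") != "pass"
    return {"origin_ip": origin, "auth": auth, "spoof_suspected": spoofed}

if __name__ == "__main__":
    print(analyze(SAMPLE))
```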