On Tue, 28 Nov 2006, Larry Seltzer wrote:
> I don't see any headers on these e-mails so I can't judge them. I don't
> see enough proof that these messages are legit, but I see no reason to
> believe they are illegit. How could they possibly be used in a scam?
I spoke of a bank of america email sent the other day to someone we both
know.
The email was legit, yet:
1. The server did not sit in the same hosting location as
www.bankofamerica.com.
2. It was a different domain.
3. It was a different certificate.
4. etc.
I did not believe this was a legitimate email, I was sure it was spam
phishing.
I was wrong. It was a legitimate email from the bank of america.
What is that all about?
Gadi.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
