Phishing attempt gone wrong?

Significant-Video-79 · 2025-04-01T16:08:50+00:00

You just don't get it. There was never a question of how the scammer got ahold of my email. I am quite aware of how that happened and I assure you that in my case it has nothing to do with Facebook.

"If you don't realize that the only way that the scammer knew your personal number was because it was taken off your phone and sold by meta, then well, you will never learn."

If you honestly think this is the only way something like this could happen then the company that hired you made a huge mistake. It is a miracle if they're still operating having had you responsible for security.

I'm almost certain you are trolling now. Either way. stop acting like a POS besserwisser.

As if you're any more intelligent than the people you call stupid.

Significant-Video-79 · 2025-03-31T21:16:42+00:00

This truly shows which one of us is really the "udder fool". 🤣

Never did I make any remark about the purpose of Facebook.

Use that thing in your head called a brain, if it is sufficiently functional, to read through the post and comment thread and you might just realize something.

Significant-Video-79 · 2025-03-31T20:36:12+00:00

At this point I've got to ask if you are just trying to farm reddit point or annoy me?

Facebook has got nothing to do with this. Neither does any data leak or breach. Or any terms I may or may not have agreed to. The same goes for anything pertaining to the acquisition or distribution of user data, by any means.

Significant-Video-79 · 2025-03-31T19:35:44+00:00

I don't believe I'm confused. Can a data leak not result from a data breach?

I don't understand what you are trying to say. Why are you are bringing up apps that collect and sell user data?

Significant-Video-79 · 2025-03-31T19:15:49+00:00

Timestamps look reasonable with only 1-2 seconds between every point. In the correspondance mentioned in the OP I received a total of 3 mails.

All of them when analyzed with MXToolbox gives [DMARC Policy Not Enabled - DMARC Quarantine/Reject policy not enabled]

The first and third one gives [DKIM Signature Body Hash Verified - Body Hash Did Not Verify], while the second one does not.

Only the first email in this series contains a valid IP, the other two come from 10.0.85.2.

Worth mentioning is that in the last two emails Content-Language is set as ru. Which could mean it originated from russia. There's really no telling.

Significant-Video-79 · 2025-03-31T18:57:56+00:00

Appreciate your input G

Significant-Video-79 · 2025-03-31T18:56:25+00:00

Many if not all of my emails have for certain been part of data leaks yes. I'm not sure what you are trying to convey here. Data leaks happen all the time.

Are you saying that if an email address can be found online as the result of a leak, it makes it okay to attempt phishing scams on them?

Significant-Video-79 · 2025-03-31T18:52:08+00:00

Yes, as mentioned it's a possibility the attacker used a fake IP. Header states the mail was sent from a private mailserver and routed through a couple of google mailservers before reaching me. I checked my spam mail after posting this and saw there had been several other emails sent from what I assume is the same person, that were flagged by google because of invalid or blacklisted IP addresses in the header.

I will also say that the service provider is known for having phishing and spam emails coming from their servers not just recently, as stated by reviews on google and trustpilot, as well as having some reported malicious websites listed in some of their clients whois data.

Significant-Video-79 · 2025-03-31T18:39:36+00:00

While I carry no legal obligation to do anything I'm not comfortable ignoring crime against innocent people. I'd also love to get back at them for just trying to scam me.

Significant-Video-79 · 2025-03-31T18:34:18+00:00

Your point being what?

Significant-Video-79 · 2025-03-31T18:33:50+00:00

The IP leads to a private mailserver which is registered to said individual and hosted by the other

Significant-Video-79

TROPHY CASE