Quote:
Originally posted by aflex
the email addy was an @ebay.com addy.. thats the part that tricks people.. look at the guys screenshot
|
In sendmail (for example), it's easy to put anything you want in the "sent from" column. They do the same thing with the ICQ "update your password and verify your account details" spam. The only part that never fits, is the URL, it never ends up being of the sender.
One day I'm sure they will make it law for every big company to solicit such updates only through some security mechanism like SSL, with certificates and such.