by code_Whisperer on 12/11/23, 12:41 PM with 5 comments
To be fair, it could have been an innocent mistake on the part of the person who signed up... maybe they meant to type .net instead of .com or something like that.
I contacted the vendor to tell them that the account is not authorized or known on my domain, and asked them to cancel, but they will not unless I send them an email using the 'from' address of the unauthorized account.
So, questions:
1) Is this a common thing? And if this is potentially illicit activity, what is this person thinking or hoping they'll be able to commit?
2) Even though I'd be using my own domain, should I intentionally impersonate someone who may (or may not) be attempting inappropriate activity in order to get the account removed? Wouldn't that - on its own - be a potentially dangerous or illegal act?
{sigh} modern problems.
by bell-cot on 12/11/23, 1:01 PM
IANAL...but there can be some legal exposure here, too. Mr. Bad Actor is up to shady sh*t, using a fake bactor@YourDomain.com account as part of that, and some less-than-friendly Feds (or lawyer for a victim, or ...) could be knocking on your door.
Yes, fake-account and typo'ed -address email can be kinda entertaining to read. But better to lose no time, need no lawyer, set things to auto-bounce with a "No Such Account" error, and keep email logs for ~3 months or so - to play the random clueless honest bystander part.
by mtmail on 12/11/23, 12:55 PM
If their username is go-to-ydotcom-for-free-cash then it might be spam. It doesn't seem very effective but I know a company where a spammer created 10.000 accounts overnight to be sent to random people.
by rini17 on 12/11/23, 12:44 PM